From 373f58fd7f38decf2756053f0ab4fb8b0662a32c Mon Sep 17 00:00:00 2001 From: David Howells Date: Thu, 21 Feb 2013 12:00:25 +0000 Subject: KEYS: Revert one application of "Fix unreachable code" patch commit fe9453a1dcb5fb146f9653267e78f4a558066f6f upstream. A patch to fix some unreachable code in search_my_process_keyrings() got applied twice by two different routes upstream as commits e67eab39bee2 and b010520ab3d2 (both "fix unreachable code"). Unfortunately, the second application removed something it shouldn't have and this wasn't detected by GIT. This is due to the patch not having sufficient lines of context to distinguish the two places of application. The effect of this is relatively minor: inside the kernel, the keyring search routines may search multiple keyrings and then prioritise the errors if no keys or negative keys are found in any of them. With the extra deletion, the presence of a negative key in the thread keyring (causing ENOKEY) is incorrectly overridden by an error searching the process keyring. So revert the second application of the patch. Signed-off-by: David Howells Cc: Jiri Kosina Cc: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 20e4bf5..58dfe08 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -367,6 +367,8 @@ key_ref_t search_my_process_keyrings(struct key_type *type, switch (PTR_ERR(key_ref)) { case -EAGAIN: /* no key */ + if (ret) + break; case -ENOKEY: /* negative key */ ret = key_ref; break; -- cgit v0.10.2