Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 4aab1e896a0a9d57420ff2867caa5a369123d8cb
commit4aab1e896a0a9d57420ff2867caa5a369123d8cb[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Fri Mar 11 17:57:33 2011 +0000
committerJames Morris <jmorris@namei.org>Thu Mar 17 11:59:49 2011 +1100
tree92212870353a9493c10fb46a0dd9b6ce27230012
parent78b7280cce23293f7570ad52c1ffe1485c6d9669 [diff]
KEYS: Make request_key() and co. return an error for a negative key

Make request_key() and co. return an error for a negative or rejected key.  If
the key was simply negated, then return ENOKEY, otherwise return the error
with which it was rejected.

Without this patch, the following command returns a key number (with the latest
keyutils):

	[root@andromeda ~]# keyctl request2 user debug:foo rejected @s
	586569904

Trying to print the key merely gets you a permission denied error:

	[root@andromeda ~]# keyctl print 586569904
	keyctl_read_alloc: Permission denied

Doing another request_key() call does get you the error, as long as it hasn't
expired yet:

	[root@andromeda ~]# keyctl request user debug:foo
	request_key: Key was rejected by service

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
1 file changed
tree: 92212870353a9493c10fb46a0dd9b6ce27230012
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS