[PATCH] Keys: Base keyring size on key pointer not key struct

The attached patch makes the keyring functions calculate the new size of a
keyring's payload based on the size of a pointer to the key struct, not the
size of the key struct itself.

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 90a551e..a1f6bac 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -129,7 +129,7 @@
 	int loop, ret;
 
 	const unsigned limit =
-		(PAGE_SIZE - sizeof(*klist)) / sizeof(struct key);
+		(PAGE_SIZE - sizeof(*klist)) / sizeof(struct key *);
 
 	ret = 0;
 
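Review bot: The element size is now spelled out by hand as `sizeof(struct key *)` at every site, starting with the `limit` computation here and repeated in the hunks at -150, -163, -783, -895 and -905. Spelling the type separately at each allocation and copy is presumably how the mismatch with `sizeof(struct key)` crept in, and the last hunk replaces `sizeof(klist->keys[0])`, which already followed the array's element type. I would write `(PAGE_SIZE - sizeof(*klist)) / sizeof(klist->keys[0])` here and use the same `sizeof(klist->keys[0])` operand at the other sites, so the sizes stay tied to the declaration. The enclosing function starts and ends outside this hunk.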
@@ -150,7 +150,7 @@
 			max = limit;
 
 		ret = -ENOMEM;
-		size = sizeof(*klist) + sizeof(struct key) * max;
+		size = sizeof(*klist) + sizeof(struct key *) * max;
 		klist = kmalloc(size, GFP_KERNEL);
 		if (!klist)
 			goto error;
@@ -163,7 +163,7 @@
 		klist->nkeys = sklist->nkeys;
 		memcpy(klist->keys,
 		       sklist->keys,
-		       sklist->nkeys * sizeof(struct key));
+		       sklist->nkeys * sizeof(struct key *));
 
 		for (loop = klist->nkeys - 1; loop >= 0; loop--)
 			atomic_inc(&klist->keys[loop]->usage);
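Review bot: The `memcpy` length is taken from `sklist->nkeys`, while the destination was allocated for exactly `max` pointers in the previous hunk, where `max` can be clamped to `limit`. The copy is therefore in bounds only if `sklist->nkeys <= max`, and nothing visible in these hunks establishes that. If the invariant holds by construction, a comment above the copy such as `/* sklist->nkeys <= max, so the copy fits in klist->keys */` would record it. Otherwise the count should be bounded before the copy and before the `atomic_inc` loop that walks the same range. The function body continues outside this hunk.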
@@ -783,7 +783,7 @@
 		ret = -ENFILE;
 		if (max > 65535)
 			goto error3;
-		size = sizeof(*klist) + sizeof(*key) * max;
+		size = sizeof(*klist) + sizeof(struct key *) * max;
 		if (size > PAGE_SIZE)
 			goto error3;
 
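Review bot: The `size > PAGE_SIZE` test after the corrected `size` line is what actually caps how many keys a keyring can hold, and it has to agree with the `limit` expression in the first hunk, yet neither place says so. A comment on the check, for example `/* the key list, header included, must fit in one page; keep in step with the limit computed near line 129 */`, would make the coupling visible. Because the element size shrinks from a whole `struct key` to a pointer, the same page presumably admits many more keys per keyring than before, which is worth stating next to the check. The surrounding function is only partly visible.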
@@ -895,7 +895,8 @@
 
 key_is_present:
 	/* we need to copy the key list for RCU purposes */
-	nklist = kmalloc(sizeof(*klist) + sizeof(*key) * klist->maxkeys,
+	nklist = kmalloc(sizeof(*klist) +
+			 sizeof(struct key *) * klist->maxkeys,
 			 GFP_KERNEL);
 	if (!nklist)
 		goto nomem;
@@ -905,12 +906,12 @@
 	if (loop > 0)
 		memcpy(&nklist->keys[0],
 		       &klist->keys[0],
-		       loop * sizeof(klist->keys[0]));
+		       loop * sizeof(struct key *));
 
 	if (loop < nklist->nkeys)
 		memcpy(&nklist->keys[loop],
 		       &klist->keys[loop + 1],
-		       (nklist->nkeys - loop) * sizeof(klist->keys[0]));
+		       (nklist->nkeys - loop) * sizeof(struct key *));
 
 	/* adjust the user's quota */
 	key_payload_reserve(keyring,