KEYS: Move the flags representing required permission to linux/key.h Move the flags representing required permission to linux/key.h as the perm parameter of security_key_permission() is in terms of them - and not the permissions mask flags used in key->perm. Whilst we're at it: (1) Rename them to be KEY_NEED_xxx rather than KEY_xxx to avoid collisions with symbols in uapi/linux/input.h. (2) Don't use key_perm_t for a mask of required permissions, but rather limit it to the permissions mask attached to the key and arguments related directly to that. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Dmitry Kasatkin <d.kasatkin@samsung.com>

commit: f5895943d91b41b0368830cdb6eaffb8eda0f4c8 [log] [tgz]
author: David Howells <dhowells@redhat.com> Fri Mar 14 17:44:49 2014 +0000
committer: David Howells <dhowells@redhat.com> Fri Mar 14 17:44:49 2014 +0000
tree: 7f2306521dae27b9beb0be25942d27ee6d9a328a
parent: c60f7d5a8e7c639de5d9dfe07e1e91d302d506e4 [diff] [blame]
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 88e9a46..d3f6f2f 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c

@@ -218,7 +218,7 @@
 	 * - the caller holds a spinlock, and thus the RCU read lock, making our
 	 *   access to __current_cred() safe
 	 */
-	rc = key_task_permission(key_ref, ctx.cred, KEY_VIEW);
+	rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
 	if (rc < 0)
 		return 0;
commit	f5895943d91b41b0368830cdb6eaffb8eda0f4c8	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Fri Mar 14 17:44:49 2014 +0000
committer	David Howells <dhowells@redhat.com>	Fri Mar 14 17:44:49 2014 +0000
tree	7f2306521dae27b9beb0be25942d27ee6d9a328a
parent	c60f7d5a8e7c639de5d9dfe07e1e91d302d506e4 [diff] [blame]