diff options
author | David Howells <dhowells@redhat.com> | 2010-04-30 14:32:28 +0100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-05-06 10:56:52 +1000 |
commit | 553d603c8fce8cf727eb26e4bf6b9549cd4623f1 (patch) | |
tree | 137d9976ac663371d5f4f9ccf59ef4fb1ea9bc88 /security/keys | |
parent | 0ffbe2699cda6afbe08501098dff8a8c2fe6ae09 (diff) | |
download | kernel_goldelico_gta04-553d603c8fce8cf727eb26e4bf6b9549cd4623f1.zip kernel_goldelico_gta04-553d603c8fce8cf727eb26e4bf6b9549cd4623f1.tar.gz kernel_goldelico_gta04-553d603c8fce8cf727eb26e4bf6b9549cd4623f1.tar.bz2 |
KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links
keyring_serialise_link_sem is only needed for keyring->keyring links as it's
used to prevent cycle detection from being avoided by parallel keyring
additions.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys')
-rw-r--r-- | security/keys/keyring.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 2fb2bc9..29de5ee 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -705,13 +705,14 @@ int __key_link(struct key *keyring, struct key *key) if (keyring->type != &key_type_keyring) goto error; - /* serialise link/link calls to prevent parallel calls causing a - * cycle when applied to two keyring in opposite orders */ - down_write(&keyring_serialise_link_sem); - - /* check that we aren't going to create a cycle adding one keyring to - * another */ + /* do some special keyring->keyring link checks */ if (key->type == &key_type_keyring) { + /* serialise link/link calls to prevent parallel calls causing + * a cycle when applied to two keyring in opposite orders */ + down_write(&keyring_serialise_link_sem); + + /* check that we aren't going to create a cycle adding one + * keyring to another */ ret = keyring_detect_cycle(keyring, key); if (ret < 0) goto error2; @@ -814,7 +815,8 @@ int __key_link(struct key *keyring, struct key *key) done: ret = 0; error2: - up_write(&keyring_serialise_link_sem); + if (key->type == &key_type_keyring) + up_write(&keyring_serialise_link_sem); error: return ret; |