KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links
keyring_serialise_link_sem is only needed for keyring->keyring links as it's used to prevent cycle detection from being avoided by parallel keyring additions. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
0ffbe2699c
commit
553d603c8f
1 changed files with 9 additions and 7 deletions
|
@ -705,13 +705,14 @@ int __key_link(struct key *keyring, struct key *key)
|
|||
if (keyring->type != &key_type_keyring)
|
||||
goto error;
|
||||
|
||||
/* serialise link/link calls to prevent parallel calls causing a
|
||||
* cycle when applied to two keyring in opposite orders */
|
||||
down_write(&keyring_serialise_link_sem);
|
||||
|
||||
/* check that we aren't going to create a cycle adding one keyring to
|
||||
* another */
|
||||
/* do some special keyring->keyring link checks */
|
||||
if (key->type == &key_type_keyring) {
|
||||
/* serialise link/link calls to prevent parallel calls causing
|
||||
* a cycle when applied to two keyring in opposite orders */
|
||||
down_write(&keyring_serialise_link_sem);
|
||||
|
||||
/* check that we aren't going to create a cycle adding one
|
||||
* keyring to another */
|
||||
ret = keyring_detect_cycle(keyring, key);
|
||||
if (ret < 0)
|
||||
goto error2;
|
||||
|
@ -814,7 +815,8 @@ int __key_link(struct key *keyring, struct key *key)
|
|||
done:
|
||||
ret = 0;
|
||||
error2:
|
||||
up_write(&keyring_serialise_link_sem);
|
||||
if (key->type == &key_type_keyring)
|
||||
up_write(&keyring_serialise_link_sem);
|
||||
error:
|
||||
return ret;
|
||||
|
||||
|
|
Loading…
Reference in a new issue