From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org, ebiggers@kernel.org
Cc: Eric Biggers <ebiggers@google.com>,
James Morris <jamorris@linux.microsoft.com>,
dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 09/10] keys: Reuse keyring_index_key::desc_len in lookup_user_key() [ver #3]
Date: Wed, 19 Jun 2019 13:19:59 +0000 [thread overview]
Message-ID: <156095039896.9363.4535558628030573762.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <156095032052.9363.8954337545422131435.stgit@warthog.procyon.org.uk>
From: Eric Biggers <ebiggers@google.com>
When lookup_user_key() checks whether the key is possessed, it should
use the key's existing index_key including the 'desc_len' field, rather
than recomputing the 'desc_len'. This doesn't change the behavior; this
way is just simpler and faster.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
---
security/keys/process_keys.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index ba5d3172cafe..39aaa21462bf 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -688,9 +688,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
key_ref = make_key_ref(key, 0);
/* check to see if we possess the key */
- ctx.index_key.type = key->type;
- ctx.index_key.description = key->description;
- ctx.index_key.desc_len = strlen(key->description);
+ ctx.index_key = key->index_key;
ctx.match_data.raw_data = key;
kdebug("check possessed");
skey_ref = search_process_keyrings(&ctx);
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: keyrings@vger.kernel.org, ebiggers@kernel.org
Cc: Eric Biggers <ebiggers@google.com>,
James Morris <jamorris@linux.microsoft.com>,
dhowells@redhat.com, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 09/10] keys: Reuse keyring_index_key::desc_len in lookup_user_key() [ver #3]
Date: Wed, 19 Jun 2019 14:19:59 +0100 [thread overview]
Message-ID: <156095039896.9363.4535558628030573762.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <156095032052.9363.8954337545422131435.stgit@warthog.procyon.org.uk>
From: Eric Biggers <ebiggers@google.com>
When lookup_user_key() checks whether the key is possessed, it should
use the key's existing index_key including the 'desc_len' field, rather
than recomputing the 'desc_len'. This doesn't change the behavior; this
way is just simpler and faster.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
---
security/keys/process_keys.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index ba5d3172cafe..39aaa21462bf 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -688,9 +688,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
key_ref = make_key_ref(key, 0);
/* check to see if we possess the key */
- ctx.index_key.type = key->type;
- ctx.index_key.description = key->description;
- ctx.index_key.desc_len = strlen(key->description);
+ ctx.index_key = key->index_key;
ctx.match_data.raw_data = key;
kdebug("check possessed");
skey_ref = search_process_keyrings(&ctx);
next prev parent reply other threads:[~2019-06-19 13:19 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-19 13:18 [PATCH 00/10] keys: Miscellany [ver #3] David Howells
2019-06-19 13:18 ` David Howells
2019-06-19 13:18 ` [PATCH 01/10] keys: sparse: Fix key_fs[ug]id_changed() " David Howells
2019-06-19 13:18 ` David Howells
2019-06-19 13:19 ` [PATCH 02/10] keys: sparse: Fix incorrect RCU accesses " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 03/10] keys: sparse: Fix kdoc mismatches " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 04/10] keys: Change keyring_serialise_link_sem to a mutex " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 05/10] keys: Break bits out of key_unlink() " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 06/10] keys: Hoist locking out of __key_link_begin() " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 07/10] keys: Add a keyctl to move a key between keyrings " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` [PATCH 08/10] keys: Grant Link permission to possessers of request_key auth keys " David Howells
2019-06-19 13:19 ` David Howells
2019-06-19 13:19 ` David Howells [this message]
2019-06-19 13:19 ` [PATCH 09/10] keys: Reuse keyring_index_key::desc_len in lookup_user_key() " David Howells
2019-06-19 13:20 ` [PATCH 10/10] keys: Add capability-checking keyctl function " David Howells
2019-06-19 13:20 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=156095039896.9363.4535558628030573762.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=ebiggers@google.com \
--cc=ebiggers@kernel.org \
--cc=jamorris@linux.microsoft.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.