KEYS: Fix error handling in big_key instantiation

In the big_key_instantiate() function we return 0 if kernel_write() returns us an error rather than returning an error. This can potentially lead to dentry_open() giving a BUG when called from big_key_read() with an unset tmpfile path. ------------[ cut here ]------------ kernel BUG at fs/open.c:798! ... RIP: 0010:[<ffffffff8119bbd1>] dentry_open+0xd1/0xe0 ... Call Trace: [<ffffffff812350c5>] big_key_read+0x55/0x100 [<ffffffff81231084>] keyctl_read_key+0xb4/0xe0 [<ffffffff81231e58>] SyS_keyctl+0xf8/0x1d0 [<ffffffff815bb799>] system_call_fastpath+0x16/0x1b Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
author: David Howells <dhowells@redhat.com> 2013-11-13 16:51:06 +0000
committer: David Howells <dhowells@redhat.com> 2013-11-13 16:51:06 +0000
commit: 97826c821ec6724fc359d9b7840dc10af914c641 (patch)
tree: 0d0f64d3dde09c876fd0248df6ca6bfaec16be93 /security
parent: fbf8c53f1a2ac7610ed124043600dc074992e71b (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/security/keys/big_key.c b/security/keys/big_key.c
index 2cf5e62d67af..7f44c3207a9b 100644
--- a/security/keys/big_key.c
+++ b/security/keys/big_key.c
@@ -78,6 +78,7 @@ int big_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
 
 		written = kernel_write(file, prep->data, prep->datalen, 0);
 		if (written != datalen) {
+			ret = written;
 			if (written >= 0)
 				ret = -ENOMEM;
 			goto err_fput;
author	David Howells <dhowells@redhat.com>	2013-11-13 16:51:06 +0000
committer	David Howells <dhowells@redhat.com>	2013-11-13 16:51:06 +0000
commit	97826c821ec6724fc359d9b7840dc10af914c641 (patch)
tree	0d0f64d3dde09c876fd0248df6ca6bfaec16be93 /security
parent	fbf8c53f1a2ac7610ed124043600dc074992e71b (diff)