From 553d603c8fce8cf727eb26e4bf6b9549cd4623f1 Mon Sep 17 00:00:00 2001 From: David Howells Date: Fri, 30 Apr 2010 14:32:28 +0100 Subject: KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links keyring_serialise_link_sem is only needed for keyring->keyring links as it's used to prevent cycle detection from being avoided by parallel keyring additions. Signed-off-by: David Howells Signed-off-by: James Morris --- security/keys/keyring.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'security') diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 2fb2bc9712a..29de5ee3457 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -705,13 +705,14 @@ int __key_link(struct key *keyring, struct key *key) if (keyring->type != &key_type_keyring) goto error; - /* serialise link/link calls to prevent parallel calls causing a - * cycle when applied to two keyring in opposite orders */ - down_write(&keyring_serialise_link_sem); - - /* check that we aren't going to create a cycle adding one keyring to - * another */ + /* do some special keyring->keyring link checks */ if (key->type == &key_type_keyring) { + /* serialise link/link calls to prevent parallel calls causing + * a cycle when applied to two keyring in opposite orders */ + down_write(&keyring_serialise_link_sem); + + /* check that we aren't going to create a cycle adding one + * keyring to another */ ret = keyring_detect_cycle(keyring, key); if (ret < 0) goto error2; @@ -814,7 +815,8 @@ int __key_link(struct key *keyring, struct key *key) done: ret = 0; error2: - up_write(&keyring_serialise_link_sem); + if (key->type == &key_type_keyring) + up_write(&keyring_serialise_link_sem); error: return ret; -- cgit v1.2.3-18-g5258