From: David Howells Date: Wed, 2 Sep 2009 08:13:50 +0000 (+0100) Subject: KEYS: Allow keyctl_revoke() on keys that have SETATTR but not WRITE perm [try #6] X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=0c2c9a3fc77e8b60d43d9bd2ca46eb4dddb0ff76;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git KEYS: Allow keyctl_revoke() on keys that have SETATTR but not WRITE perm [try #6] Allow keyctl_revoke() to operate on keys that have SETATTR but not WRITE permission, rather than only on keys that have WRITE permission. Signed-off-by: David Howells Acked-by: Serge Hallyn Signed-off-by: James Morris --- diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index b85ace218395..1160b644dace 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -343,7 +343,13 @@ long keyctl_revoke_key(key_serial_t id) key_ref = lookup_user_key(id, 0, KEY_WRITE); if (IS_ERR(key_ref)) { ret = PTR_ERR(key_ref); - goto error; + if (ret != -EACCES) + goto error; + key_ref = lookup_user_key(id, 0, KEY_SETATTR); + if (IS_ERR(key_ref)) { + ret = PTR_ERR(key_ref); + goto error; + } } key_revoke(key_ref_to_ptr(key_ref));