KEYS: testing wrong bit for KEY_FLAG_REVOKED
Dan Carpenter [Tue, 6 Mar 2012 13:32:16 +0000 (13:32 +0000)]
The test for "if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {"
should actually testing that the (1 << KEY_FLAG_REVOKED) bit is set.
The current code actually checks for KEY_FLAG_DEAD.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>

security/keys/process_keys.c

index 1068cb1..be7ecb2 100644 (file)
@@ -657,7 +657,8 @@ try_again:
                        goto error;
 
                down_read(&cred->request_key_auth->sem);
-               if (cred->request_key_auth->flags & KEY_FLAG_REVOKED) {
+               if (test_bit(KEY_FLAG_REVOKED,
+                            &cred->request_key_auth->flags)) {
                        key_ref = ERR_PTR(-EKEYREVOKED);
                        key = NULL;
                } else {