[PATCH v5 1/7] encrypted_keys: avoid dumping the master key if the request fails

Roberto Sassu <roberto.sassu@xxxxxxxxx> · Mon, 27 Jun 2011 13:45:39 +0200

Do not dump the master key if an error is encountered during the request.

Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxx>
Acked-by: Gianluca Ramunno <ramunno@xxxxxxxxx>
---
 security/keys/encrypted.c |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/security/keys/encrypted.c b/security/keys/encrypted.c
index b1cba5b..37cd913 100644
--- a/security/keys/encrypted.c
+++ b/security/keys/encrypted.c
@@ -378,11 +378,13 @@ static struct key *request_master_key(struct encrypted_key_payload *epayload,
 	} else
 		goto out;
 
-	if (IS_ERR(mkey))
+	if (IS_ERR(mkey)) {
 		pr_info("encrypted_key: key %s not found",
 			epayload->master_desc);
-	if (mkey)
-		dump_master_key(*master_key, *master_keylen);
+		goto out;
+	}
+
+	dump_master_key(*master_key, *master_keylen);
 out:
 	return mkey;
 }
-- 
1.7.4.4

Attachment:
smime.p7s

Description: S/MIME cryptographic signature




