Eric Biggers <ebiggers3@xxxxxxxxx> wrote:

> Therefore, change find_key_to_update() to return NULL if the found key
> is uninstantiated, so that add_key() replaces the key rather than
> instantiating it. This seems to be better than fixing __key_update() to
> call __key_instantiate_and_link(), since given all the bugs noted above
> as well as that the existing behavior was undocumented and
> keyctl_instantiate() is supposed to be used instead, I doubt anyone was
> relying on the existing behavior.

keyctl_instantiate() can only be called from an upcall. It can't be called in
the same context as keyctl_update().

I would be okay with making key_update() wait for completion of construction
in this case.

David