From: Zhang Tianxing zhangtianxing3@huawei.com
hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4O25G CVE: NA
--------------------------------
This reverts commit 44313f67cf0a250d08efe9c87e3cea8bbe8138f0.
Signed-off-by: Zhang Tianxing zhangtianxing3@huawei.com Acked-by: Xie XiuQi xiexiuqi@huawei.com Acked-by: Xiu Jianfengxiujianfeng@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- crypto/asymmetric_keys/asymmetric_type.c | 20 ++++---------------- include/linux/key-type.h | 1 - security/keys/keyring.c | 10 +--------- 3 files changed, 5 insertions(+), 26 deletions(-)
diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c index 177429bc5c7b..33e77d846caa 100644 --- a/crypto/asymmetric_keys/asymmetric_type.c +++ b/crypto/asymmetric_keys/asymmetric_type.c @@ -249,15 +249,9 @@ static bool asymmetric_key_cmp(const struct key *key, { const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); const struct asymmetric_key_id *match_id = match_data->preparsed; - bool match;
- match = asymmetric_match_key_ids(kids, match_id, - asymmetric_key_id_same); - - if (match_data->domain_tag) - match &= key->index_key.domain_tag == match_data->domain_tag; - - return match; + return asymmetric_match_key_ids(kids, match_id, + asymmetric_key_id_same); }
/* @@ -268,15 +262,9 @@ static bool asymmetric_key_cmp_partial(const struct key *key, { const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); const struct asymmetric_key_id *match_id = match_data->preparsed; - bool match; - - match = asymmetric_match_key_ids(kids, match_id, - asymmetric_key_id_partial); - - if (match_data->domain_tag) - match &= key->index_key.domain_tag == match_data->domain_tag;
- return match; + return asymmetric_match_key_ids(kids, match_id, + asymmetric_key_id_partial); }
/* diff --git a/include/linux/key-type.h b/include/linux/key-type.h index c8ea26ab242c..2ab2d6d6aeab 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -55,7 +55,6 @@ struct key_match_data { unsigned lookup_type; /* Type of lookup for this search. */ #define KEYRING_SEARCH_LOOKUP_DIRECT 0x0000 /* Direct lookup by description. */ #define KEYRING_SEARCH_LOOKUP_ITERATE 0x0001 /* Iterative search. */ - struct key_tag *domain_tag; /* Key domain tag */ };
/* diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 7e45e534035f..12583241ff63 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -565,13 +565,7 @@ int restrict_link_reject(struct key *keyring, bool key_default_cmp(const struct key *key, const struct key_match_data *match_data) { - bool match; - - match = strcmp(key->description, match_data->raw_data) == 0; - if (match_data->domain_tag) - match &= key->index_key.domain_tag == match_data->domain_tag; - - return match; + return strcmp(key->description, match_data->raw_data) == 0; }
/* @@ -963,8 +957,6 @@ key_ref_t keyring_search_tag(key_ref_t keyring,
if (recurse) ctx.flags |= KEYRING_SEARCH_RECURSE; - if (domain_tag) - ctx.match_data.domain_tag = domain_tag; if (type->match_preparse) { ret = type->match_preparse(&ctx.match_data); if (ret < 0)