diff options
-rw-r--r-- | include/linux/key.h | 2 | ||||
-rw-r--r-- | security/keys/key.c | 20 | ||||
-rw-r--r-- | security/keys/keyctl.c | 18 |
3 files changed, 24 insertions, 16 deletions
diff --git a/include/linux/key.h b/include/linux/key.h index 5253471cd2ea..be3995d1024a 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -276,6 +276,8 @@ static inline key_serial_t key_serial(const struct key *key) return key ? key->serial : 0; } +extern void key_set_timeout(struct key *, unsigned); + /** * key_is_instantiated - Determine if a key has been positively instantiated * @key: The key to check. diff --git a/security/keys/key.c b/security/keys/key.c index 7ada8019be1f..06783cffb3af 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -671,6 +671,26 @@ found_kernel_type: return ktype; } +void key_set_timeout(struct key *key, unsigned timeout) +{ + struct timespec now; + time_t expiry = 0; + + /* make the changes with the locks held to prevent races */ + down_write(&key->sem); + + if (timeout > 0) { + now = current_kernel_time(); + expiry = now.tv_sec + timeout; + } + + key->expiry = expiry; + key_schedule_gc(key->expiry + key_gc_delay); + + up_write(&key->sem); +} +EXPORT_SYMBOL_GPL(key_set_timeout); + /* * Unlock a key type locked by key_type_lookup(). */ diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 0b3f5d72af1c..0a4a21d73f6a 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -14,6 +14,7 @@ #include <linux/sched.h> #include <linux/slab.h> #include <linux/syscalls.h> +#include <linux/key.h> #include <linux/keyctl.h> #include <linux/fs.h> #include <linux/capability.h> @@ -1244,10 +1245,8 @@ error: */ long keyctl_set_timeout(key_serial_t id, unsigned timeout) { - struct timespec now; struct key *key, *instkey; key_ref_t key_ref; - time_t expiry; long ret; key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, @@ -1273,20 +1272,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout) okay: key = key_ref_to_ptr(key_ref); - - /* make the changes with the locks held to prevent races */ - down_write(&key->sem); - - expiry = 0; - if (timeout > 0) { - now = current_kernel_time(); - expiry = now.tv_sec + timeout; - } - - key->expiry = expiry; - key_schedule_gc(key->expiry + key_gc_delay); - - up_write(&key->sem); + key_set_timeout(key, timeout); key_put(key); ret = 0; |