Fix module blacklist patch to not leak a reference to the blacklist keyring
This commit is contained in:
parent
e12c503006
commit
23aad7f77f
@ -62,7 +62,7 @@ Summary: The Linux kernel
|
||||
# For non-released -rc kernels, this will be appended after the rcX and
|
||||
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
|
||||
#
|
||||
%global baserelease 1
|
||||
%global baserelease 2
|
||||
%global fedora_build %{baserelease}
|
||||
|
||||
# base_sublevel is the kernel version we're starting with and patching
|
||||
@ -2317,7 +2317,10 @@ fi
|
||||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Tue Oct 30 2012 Josh Boyer <jwboyer@gmail.com> - 3.7.0-0.rc3.git0.1
|
||||
* Tue Oct 30 2012 Josh Boyer <jwboyer@redhat.com>
|
||||
- Fix module blacklist patch to not leak a reference to the blacklist keyring
|
||||
|
||||
* Tue Oct 30 2012 Josh Boyer <jwboyer@redhat.com> - 3.7.0-0.rc3.git0.1
|
||||
- Disable debugging options.
|
||||
- Linux v3.7-rc3
|
||||
- enable CONFIG_MEDIA_{USB,PCI}_SUPPORT (rhbz 870457)
|
||||
|
@ -1118,7 +1118,7 @@ index ea1b1df..602aa24 100644
|
||||
+ if (!IS_ERR(blacklist)) {
|
||||
+ /* module is signed with a cert in the blacklist. reject */
|
||||
+ pr_err("Module key '%s' is in blacklist\n", id);
|
||||
+ /*key_put(blacklist);*/
|
||||
+ key_ref_put(blacklist);
|
||||
+ kfree(id);
|
||||
+ return ERR_PTR(-EKEYREJECTED);
|
||||
+ }
|
||||
@ -1227,7 +1227,7 @@ index 0000000..049669d
|
||||
+#include <keys/asymmetric-type.h>
|
||||
+#include "module-internal.h"
|
||||
+
|
||||
+static void *get_cert_list(efi_char16_t *name, efi_guid_t *guid, unsigned long *size)
|
||||
+static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid, unsigned long *size)
|
||||
+{
|
||||
+ efi_status_t status;
|
||||
+ unsigned long lsize = 4;
|
||||
|
Loading…
Reference in New Issue
Block a user