KEYS: Call the IMA hook to measure keys

[linux-2.6-microblaze.git] / security / keys / key.c

diff --git a/security/keys/key.c b/security/keys/key.c
index 764f4c5..718bf72 100644 (file)
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -13,6 +13,7 @@
 #include <linux/security.h>
 #include <linux/workqueue.h>
 #include <linux/random.h>
+#include <linux/ima.h>
 #include <linux/err.h>
 #include "internal.h"
 
@@ -936,6 +937,9 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
                goto error_link_end;
        }
 
+       ima_post_key_create_or_update(keyring, key, payload, plen,
+                                     flags, true);
+
        key_ref = make_key_ref(key, is_key_possessed(keyring_ref));
 
 error_link_end:
@@ -965,6 +969,12 @@ error:
        }
 
        key_ref = __key_update(key_ref, &prep);
+
+       if (!IS_ERR(key_ref))
+               ima_post_key_create_or_update(keyring, key,
+                                             payload, plen,
+                                             flags, false);
+
        goto error_free_prep;
 }
 EXPORT_SYMBOL(key_create_or_update);