LU-17612 gss: always try to unlink key in error

In case of error in context negotiation carried out in userspace,
always try to unlink key to avoid leaking it.

Test-Parameters: trivial
Test-Parameters: kerberos=true testlist=sanity-krb5
Test-Parameters: testgroup=review-dne-selinux-ssk-part-2
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ic771f1e4f1b6474caaa89f63c3b02678e163d3d3
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/54316
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/utils/gss/lgss_keyring.c b/lustre/utils/gss/lgss_keyring.c
index 825d1c3..c9bd249 100644 (file)
--- a/lustre/utils/gss/lgss_keyring.c
+++ b/lustre/utils/gss/lgss_keyring.c
@@ -610,7 +610,7 @@ static int error_kernel_key(key_serial_t keyid, int rpc_error, int gss_error,
        int seqwin = 0;
        char *p, *end;
        char buf[32];
-       int rc;
+       int rc, rc2;
 
        logmsg(LL_TRACE, "revoking kernel key %08x\n", keyid);
 
@@ -633,15 +633,17 @@ static int error_kernel_key(key_serial_t keyid, int rpc_error, int gss_error,
        WRITE_BYTES(&p, end, gss_error);
 
        rc = do_keyctl_update("revok", keyid, buf, p - buf);
-       if (rc)
-               goto out;
-       rc = keyctl_unlink(keyid, inst_keyring);
-       if (rc)
+       /* no matter if revoking key was successful or not, always try unlink */
+       rc2 = keyctl_unlink(keyid, inst_keyring);
+       if (rc2) {
                logmsg(LL_ERR, "unlink key %08x from %d: %s\n",
                       keyid, inst_keyring, strerror(errno));
-       else
+               if (!rc)
+                       rc = rc2;
+       } else {
                logmsg(LL_INFO, "key %08x: unlinked from %d\n",
                       keyid, inst_keyring);
+       }
 
 out:
        if (child == 0)