certs: don't try to update blacklist keys

[sfrench/cifs-2.6.git] / certs / blacklist.c

diff --git a/certs/blacklist.c b/certs/blacklist.c
index 6e260c4b6a1932a635a7f057b3c9c1443cf48323..675dd7a8f07abc150838d051d440e4d5f877a3c0 100644 (file)
--- a/certs/blacklist.c
+++ b/certs/blacklist.c
@@ -183,16 +183,19 @@ static int mark_raw_hash_blacklisted(const char *hash)
 {
        key_ref_t key;
 
-       key = key_create_or_update(make_key_ref(blacklist_keyring, true),
-                                  "blacklist",
-                                  hash,
-                                  NULL,
-                                  0,
-                                  BLACKLIST_KEY_PERM,
-                                  KEY_ALLOC_NOT_IN_QUOTA |
-                                  KEY_ALLOC_BUILT_IN);
+       key = key_create(make_key_ref(blacklist_keyring, true),
+                        "blacklist",
+                        hash,
+                        NULL,
+                        0,
+                        BLACKLIST_KEY_PERM,
+                        KEY_ALLOC_NOT_IN_QUOTA |
+                        KEY_ALLOC_BUILT_IN);
        if (IS_ERR(key)) {
-               pr_err("Problem blacklisting hash %s: %pe\n", hash, key);
+               if (PTR_ERR(key) == -EEXIST)
+                       pr_warn("Duplicate blacklisted hash %s\n", hash);
+               else
+                       pr_err("Problem blacklisting hash %s: %pe\n", hash, key);
                return PTR_ERR(key);
        }
        return 0;