3 files changed, 10 insertions, 2 deletions

diff --git a/security/keys/encrypted.c b/security/keys/encrypted.c
index b1cba5b..e14c4be 100644
--- a/security/keys/encrypted.c
+++ b/security/keys/encrypted.c
@@ -708,6 +708,8 @@ static int encrypted_update(struct key *key, const void *data, size_t datalen)
 	char *new_master_desc = NULL;
 	int ret = 0;
 
+	if (test_bit(KEY_FLAG_NEGATIVE, &key->flags))
+		return -ENOKEY;
 	if (datalen <= 0 || datalen > 32767 || !data)
 		return -EINVAL;
 
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0c33e2e..7611f70 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -1002,12 +1002,15 @@ static void trusted_rcu_free(struct rcu_head *rcu)
  */
 static int trusted_update(struct key *key, const void *data, size_t datalen)
 {
-	struct trusted_key_payload *p = key->payload.data;
+	struct trusted_key_payload *p;
 	struct trusted_key_payload *new_p;
 	struct trusted_key_options *new_o;
 	char *datablob;
 	int ret = 0;
 
+	if (test_bit(KEY_FLAG_NEGATIVE, &key->flags))
+		return -ENOKEY;
+	p = key->payload.data;
 	if (!p->migratable)
 		return -EPERM;
 	if (datalen <= 0 || datalen > 32767 || !data)
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 69ff52c..49ec881 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -97,7 +97,10 @@ int user_update(struct key *key, const void *data, size_t datalen)
 
 	if (ret == 0) {
 		/* attach the new data, displacing the old */
-		zap = key->payload.data;
+		if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags))
+			zap = key->payload.data;
+		else
+			zap = NULL;
 		rcu_assign_pointer(key->payload.data, upayload);
 		key->expiry = 0;
 	}