diff options
author | David Howells <dhowells@redhat.com> | 2014-03-14 17:44:49 +0000 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2014-03-14 17:44:49 +0000 |
commit | f5895943d91b41b0368830cdb6eaffb8eda0f4c8 (patch) | |
tree | 7f2306521dae27b9beb0be25942d27ee6d9a328a /security/keys/key.c | |
parent | c60f7d5a8e7c639de5d9dfe07e1e91d302d506e4 (diff) | |
download | linux-f5895943d91b41b0368830cdb6eaffb8eda0f4c8.tar.gz linux-f5895943d91b41b0368830cdb6eaffb8eda0f4c8.tar.bz2 linux-f5895943d91b41b0368830cdb6eaffb8eda0f4c8.zip |
KEYS: Move the flags representing required permission to linux/key.h
Move the flags representing required permission to linux/key.h as the perm
parameter of security_key_permission() is in terms of them - and not the
permissions mask flags used in key->perm.
Whilst we're at it:
(1) Rename them to be KEY_NEED_xxx rather than KEY_xxx to avoid collisions
with symbols in uapi/linux/input.h.
(2) Don't use key_perm_t for a mask of required permissions, but rather limit
it to the permissions mask attached to the key and arguments related
directly to that.
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Diffstat (limited to 'security/keys/key.c')
-rw-r--r-- | security/keys/key.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 6e21c11e48bc..2048a110e7f1 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -714,7 +714,7 @@ static inline key_ref_t __key_update(key_ref_t key_ref, int ret; /* need write permission on the key to update it */ - ret = key_permission(key_ref, KEY_WRITE); + ret = key_permission(key_ref, KEY_NEED_WRITE); if (ret < 0) goto error; @@ -838,7 +838,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, /* if we're going to allocate a new key, we're going to have * to modify the keyring */ - ret = key_permission(keyring_ref, KEY_WRITE); + ret = key_permission(keyring_ref, KEY_NEED_WRITE); if (ret < 0) { key_ref = ERR_PTR(ret); goto error_link_end; @@ -928,7 +928,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) key_check(key); /* the key must be writable */ - ret = key_permission(key_ref, KEY_WRITE); + ret = key_permission(key_ref, KEY_NEED_WRITE); if (ret < 0) goto error; |