summaryrefslogtreecommitdiffstats
path: root/security/keys
diff options
context:
space:
mode:
authorMat Martineau <mathew.j.martineau@linux.intel.com>2016-08-30 11:33:13 -0700
committerMat Martineau <mathew.j.martineau@linux.intel.com>2017-04-03 10:24:56 -0700
commitaaf66c883813f0078e3dafe7d20d1461321ac14f (patch)
tree5198162cc55309f8653a0a333c2cbdffc64debad /security/keys
parent469ff8f7d46d75b36de68a0411a2ce80109ad00b (diff)
downloadlinux-aaf66c883813f0078e3dafe7d20d1461321ac14f.tar.gz
linux-aaf66c883813f0078e3dafe7d20d1461321ac14f.tar.bz2
linux-aaf66c883813f0078e3dafe7d20d1461321ac14f.zip
KEYS: Split role of the keyring pointer for keyring restrict functions
The first argument to the restrict_link_func_t functions was a keyring pointer. These functions are called by the key subsystem with this argument set to the destination keyring, but restrict_link_by_signature expects a pointer to the relevant trusted keyring. Restrict functions may need something other than a single struct key pointer to allow or reject key linkage, so the data used to make that decision (such as the trust keyring) is moved to a new, fourth argument. The first argument is now always the destination keyring. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Diffstat (limited to 'security/keys')
-rw-r--r--security/keys/key.c5
-rw-r--r--security/keys/keyring.c6
2 files changed, 7 insertions, 4 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 08dfa13f6a85..27fc1bb40034 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -499,7 +499,7 @@ int key_instantiate_and_link(struct key *key,
if (keyring) {
if (keyring->restrict_link) {
ret = keyring->restrict_link(keyring, key->type,
- &prep.payload);
+ &prep.payload, NULL);
if (ret < 0)
goto error;
}
@@ -851,7 +851,8 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
index_key.desc_len = strlen(index_key.description);
if (restrict_link) {
- ret = restrict_link(keyring, index_key.type, &prep.payload);
+ ret = restrict_link(keyring, index_key.type, &prep.payload,
+ NULL);
if (ret < 0) {
key_ref = ERR_PTR(ret);
goto error_free_prep;
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 1b29ac759bf7..2ccc66ec35d7 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -517,6 +517,7 @@ EXPORT_SYMBOL(keyring_alloc);
* @keyring: The keyring being added to.
* @type: The type of key being added.
* @payload: The payload of the key intended to be added.
+ * @data: Additional data for evaluating restriction.
*
* Reject the addition of any links to a keyring. It can be overridden by
* passing KEY_ALLOC_BYPASS_RESTRICTION to key_instantiate_and_link() when
@@ -527,7 +528,8 @@ EXPORT_SYMBOL(keyring_alloc);
*/
int restrict_link_reject(struct key *keyring,
const struct key_type *type,
- const union key_payload *payload)
+ const union key_payload *payload,
+ struct key *restriction_key)
{
return -EPERM;
}
@@ -1220,7 +1222,7 @@ static int __key_link_check_restriction(struct key *keyring, struct key *key)
{
if (!keyring->restrict_link)
return 0;
- return keyring->restrict_link(keyring, key->type, &key->payload);
+ return keyring->restrict_link(keyring, key->type, &key->payload, NULL);
}
/**