mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-30 06:10:56 +00:00
KEYS: Add an alloc flag to convey the builtinness of a key
Add KEY_ALLOC_BUILT_IN to convey that a key should have KEY_FLAG_BUILTIN set rather than setting it after the fact. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
parent
411a6f585c
commit
5d2787cf0b
3 changed files with 5 additions and 2 deletions
|
@ -84,12 +84,12 @@ static __init int load_system_certificate_list(void)
|
||||||
((KEY_POS_ALL & ~KEY_POS_SETATTR) |
|
((KEY_POS_ALL & ~KEY_POS_SETATTR) |
|
||||||
KEY_USR_VIEW | KEY_USR_READ),
|
KEY_USR_VIEW | KEY_USR_READ),
|
||||||
KEY_ALLOC_NOT_IN_QUOTA |
|
KEY_ALLOC_NOT_IN_QUOTA |
|
||||||
KEY_ALLOC_TRUSTED);
|
KEY_ALLOC_TRUSTED |
|
||||||
|
KEY_ALLOC_BUILT_IN);
|
||||||
if (IS_ERR(key)) {
|
if (IS_ERR(key)) {
|
||||||
pr_err("Problem loading in-kernel X.509 certificate (%ld)\n",
|
pr_err("Problem loading in-kernel X.509 certificate (%ld)\n",
|
||||||
PTR_ERR(key));
|
PTR_ERR(key));
|
||||||
} else {
|
} else {
|
||||||
set_bit(KEY_FLAG_BUILTIN, &key_ref_to_ptr(key)->flags);
|
|
||||||
pr_notice("Loaded X.509 cert '%s'\n",
|
pr_notice("Loaded X.509 cert '%s'\n",
|
||||||
key_ref_to_ptr(key)->description);
|
key_ref_to_ptr(key)->description);
|
||||||
key_ref_put(key);
|
key_ref_put(key);
|
||||||
|
|
|
@ -219,6 +219,7 @@ extern struct key *key_alloc(struct key_type *type,
|
||||||
#define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */
|
#define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */
|
||||||
#define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */
|
#define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */
|
||||||
#define KEY_ALLOC_TRUSTED 0x0004 /* Key should be flagged as trusted */
|
#define KEY_ALLOC_TRUSTED 0x0004 /* Key should be flagged as trusted */
|
||||||
|
#define KEY_ALLOC_BUILT_IN 0x0008 /* Key is built into kernel */
|
||||||
|
|
||||||
extern void key_revoke(struct key *key);
|
extern void key_revoke(struct key *key);
|
||||||
extern void key_invalidate(struct key *key);
|
extern void key_invalidate(struct key *key);
|
||||||
|
|
|
@ -296,6 +296,8 @@ struct key *key_alloc(struct key_type *type, const char *desc,
|
||||||
key->flags |= 1 << KEY_FLAG_IN_QUOTA;
|
key->flags |= 1 << KEY_FLAG_IN_QUOTA;
|
||||||
if (flags & KEY_ALLOC_TRUSTED)
|
if (flags & KEY_ALLOC_TRUSTED)
|
||||||
key->flags |= 1 << KEY_FLAG_TRUSTED;
|
key->flags |= 1 << KEY_FLAG_TRUSTED;
|
||||||
|
if (flags & KEY_ALLOC_BUILT_IN)
|
||||||
|
key->flags |= 1 << KEY_FLAG_BUILTIN;
|
||||||
|
|
||||||
#ifdef KEY_DEBUGGING
|
#ifdef KEY_DEBUGGING
|
||||||
key->magic = KEY_DEBUG_MAGIC;
|
key->magic = KEY_DEBUG_MAGIC;
|
||||||
|
|
Loading…
Reference in a new issue