Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5d2787cf authored by David Howells's avatar David Howells
Browse files

KEYS: Add an alloc flag to convey the builtinness of a key



Add KEY_ALLOC_BUILT_IN to convey that a key should have KEY_FLAG_BUILTIN
set rather than setting it after the fact.

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Acked-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent 411a6f58
Loading
Loading
Loading
Loading
+2 −2
Original line number Diff line number Diff line
@@ -84,12 +84,12 @@ static __init int load_system_certificate_list(void)
					   ((KEY_POS_ALL & ~KEY_POS_SETATTR) |
					   KEY_USR_VIEW | KEY_USR_READ),
					   KEY_ALLOC_NOT_IN_QUOTA |
					   KEY_ALLOC_TRUSTED);
					   KEY_ALLOC_TRUSTED |
					   KEY_ALLOC_BUILT_IN);
		if (IS_ERR(key)) {
			pr_err("Problem loading in-kernel X.509 certificate (%ld)\n",
			       PTR_ERR(key));
		} else {
			set_bit(KEY_FLAG_BUILTIN, &key_ref_to_ptr(key)->flags);
			pr_notice("Loaded X.509 cert '%s'\n",
				  key_ref_to_ptr(key)->description);
			key_ref_put(key);
+1 −0
Original line number Diff line number Diff line
@@ -219,6 +219,7 @@ extern struct key *key_alloc(struct key_type *type,
#define KEY_ALLOC_QUOTA_OVERRUN	0x0001	/* add to quota, permit even if overrun */
#define KEY_ALLOC_NOT_IN_QUOTA	0x0002	/* not in quota */
#define KEY_ALLOC_TRUSTED	0x0004	/* Key should be flagged as trusted */
#define KEY_ALLOC_BUILT_IN	0x0008	/* Key is built into kernel */

extern void key_revoke(struct key *key);
extern void key_invalidate(struct key *key);
+2 −0
Original line number Diff line number Diff line
@@ -296,6 +296,8 @@ struct key *key_alloc(struct key_type *type, const char *desc,
		key->flags |= 1 << KEY_FLAG_IN_QUOTA;
	if (flags & KEY_ALLOC_TRUSTED)
		key->flags |= 1 << KEY_FLAG_TRUSTED;
	if (flags & KEY_ALLOC_BUILT_IN)
		key->flags |= 1 << KEY_FLAG_BUILTIN;

#ifdef KEY_DEBUGGING
	key->magic = KEY_DEBUG_MAGIC;