Loading crypto/asymmetric_keys/Kconfig +0 −1 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,6 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE config PUBLIC_KEY_ALGO_RSA config PUBLIC_KEY_ALGO_RSA tristate "RSA public-key algorithm" tristate "RSA public-key algorithm" select MPILIB_EXTRA select MPILIB select MPILIB help help This option enables support for the RSA algorithm (PKCS#1, RFC3447). This option enables support for the RSA algorithm (PKCS#1, RFC3447). Loading fs/nfs/idmap.c +2 −0 Original line number Original line Diff line number Diff line Loading @@ -284,6 +284,8 @@ static struct key *nfs_idmap_request_key(const char *name, size_t namelen, desc, "", 0, idmap); desc, "", 0, idmap); mutex_unlock(&idmap->idmap_mutex); mutex_unlock(&idmap->idmap_mutex); } } if (!IS_ERR(rkey)) set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags); kfree(desc); kfree(desc); return rkey; return rkey; Loading include/linux/key.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -171,6 +171,7 @@ struct key { #define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ #define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ #define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ #define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ #define KEY_FLAG_BUILTIN 10 /* set if key is builtin */ #define KEY_FLAG_BUILTIN 10 /* set if key is builtin */ #define KEY_FLAG_ROOT_CAN_INVAL 11 /* set if key can be invalidated by root without permission */ /* the key type and key description string /* the key type and key description string * - the desc is used to match a key against search criteria * - the desc is used to match a key against search criteria Loading lib/Kconfig +2 −1 Original line number Original line Diff line number Diff line Loading @@ -451,7 +451,8 @@ config MPILIB config SIGNATURE config SIGNATURE tristate tristate depends on KEYS && CRYPTO depends on KEYS select CRYPTO select CRYPTO_SHA1 select CRYPTO_SHA1 select MPILIB select MPILIB help help Loading net/dns_resolver/dns_query.c +1 −0 Original line number Original line Diff line number Diff line Loading @@ -129,6 +129,7 @@ int dns_query(const char *type, const char *name, size_t namelen, } } down_read(&rkey->sem); down_read(&rkey->sem); set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags); rkey->perm |= KEY_USR_VIEW; rkey->perm |= KEY_USR_VIEW; ret = key_validate(rkey); ret = key_validate(rkey); Loading Loading
crypto/asymmetric_keys/Kconfig +0 −1 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,6 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE config PUBLIC_KEY_ALGO_RSA config PUBLIC_KEY_ALGO_RSA tristate "RSA public-key algorithm" tristate "RSA public-key algorithm" select MPILIB_EXTRA select MPILIB select MPILIB help help This option enables support for the RSA algorithm (PKCS#1, RFC3447). This option enables support for the RSA algorithm (PKCS#1, RFC3447). Loading
fs/nfs/idmap.c +2 −0 Original line number Original line Diff line number Diff line Loading @@ -284,6 +284,8 @@ static struct key *nfs_idmap_request_key(const char *name, size_t namelen, desc, "", 0, idmap); desc, "", 0, idmap); mutex_unlock(&idmap->idmap_mutex); mutex_unlock(&idmap->idmap_mutex); } } if (!IS_ERR(rkey)) set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags); kfree(desc); kfree(desc); return rkey; return rkey; Loading
include/linux/key.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -171,6 +171,7 @@ struct key { #define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ #define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ #define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ #define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ #define KEY_FLAG_BUILTIN 10 /* set if key is builtin */ #define KEY_FLAG_BUILTIN 10 /* set if key is builtin */ #define KEY_FLAG_ROOT_CAN_INVAL 11 /* set if key can be invalidated by root without permission */ /* the key type and key description string /* the key type and key description string * - the desc is used to match a key against search criteria * - the desc is used to match a key against search criteria Loading
lib/Kconfig +2 −1 Original line number Original line Diff line number Diff line Loading @@ -451,7 +451,8 @@ config MPILIB config SIGNATURE config SIGNATURE tristate tristate depends on KEYS && CRYPTO depends on KEYS select CRYPTO select CRYPTO_SHA1 select CRYPTO_SHA1 select MPILIB select MPILIB help help Loading
net/dns_resolver/dns_query.c +1 −0 Original line number Original line Diff line number Diff line Loading @@ -129,6 +129,7 @@ int dns_query(const char *type, const char *name, size_t namelen, } } down_read(&rkey->sem); down_read(&rkey->sem); set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags); rkey->perm |= KEY_USR_VIEW; rkey->perm |= KEY_USR_VIEW; ret = key_validate(rkey); ret = key_validate(rkey); Loading
David Howells <dhowells@redhat.com>David Howells <dhowells@redhat.com>