summaryrefslogtreecommitdiff
path: root/include/linux/key-type.h
diff options
context:
space:
mode:
authorMat Martineau <mathew.j.martineau@linux.intel.com>2016-05-06 15:38:17 -0700
committerMat Martineau <mathew.j.martineau@linux.intel.com>2017-04-04 14:10:11 -0700
commitefba797b977c99bc6e0c301299272c80fb8b287f (patch)
tree746410c0909fee9a126c418df1dd51b85a3a94ec /include/linux/key-type.h
parent2b6aa412ff23a02ac777ad307249c60a839cfd25 (diff)
KEYS: Add an optional lookup_restriction hook to key_type
The restrict_link functions used to validate keys as they are linked to a keyring can be associated with specific key types. Each key type may be loaded (or not) at runtime, so lookup of restrict_link functions needs to be part of the key type implementation to ensure that the requested keys can be examined. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Diffstat (limited to 'include/linux/key-type.h')
-rw-r--r--include/linux/key-type.h8
1 files changed, 8 insertions, 0 deletions
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index eaee981c5558..8496cf64575c 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -147,6 +147,14 @@ struct key_type {
*/
request_key_actor_t request_key;
+ /* Look up a keyring access restriction (optional)
+ *
+ * - NULL is a valid return value (meaning the requested restriction
+ * is known but will never block addition of a key)
+ * - should return -EINVAL if the restriction is unknown
+ */
+ struct key_restriction *(*lookup_restriction)(const char *params);
+
/* internal fields */
struct list_head link; /* link in types list */
struct lock_class_key lock_class; /* key->sem lock class */