summaryrefslogtreecommitdiff
path: root/include/crypto/public_key.h
diff options
context:
space:
mode:
authorMat Martineau <mathew.j.martineau@linux.intel.com>2016-08-30 21:33:13 +0300
committerMat Martineau <mathew.j.martineau@linux.intel.com>2017-04-03 20:24:56 +0300
commitaaf66c883813f0078e3dafe7d20d1461321ac14f (patch)
tree5198162cc55309f8653a0a333c2cbdffc64debad /include/crypto/public_key.h
parent469ff8f7d46d75b36de68a0411a2ce80109ad00b (diff)
downloadlinux-aaf66c883813f0078e3dafe7d20d1461321ac14f.tar.xz
KEYS: Split role of the keyring pointer for keyring restrict functions
The first argument to the restrict_link_func_t functions was a keyring pointer. These functions are called by the key subsystem with this argument set to the destination keyring, but restrict_link_by_signature expects a pointer to the relevant trusted keyring. Restrict functions may need something other than a single struct key pointer to allow or reject key linkage, so the data used to make that decision (such as the trust keyring) is moved to a new, fourth argument. The first argument is now always the destination keyring. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Diffstat (limited to 'include/crypto/public_key.h')
-rw-r--r--include/crypto/public_key.h5
1 files changed, 3 insertions, 2 deletions
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 882ca0e1e7a5..ec0262fa08f8 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -50,9 +50,10 @@ struct key;
struct key_type;
union key_payload;
-extern int restrict_link_by_signature(struct key *trust_keyring,
+extern int restrict_link_by_signature(struct key *dest_keyring,
const struct key_type *type,
- const union key_payload *payload);
+ const union key_payload *payload,
+ struct key *trust_keyring);
extern int verify_signature(const struct key *key,
const struct public_key_signature *sig);