summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorJames Morris <james.l.morris@oracle.com>2014-04-14 05:42:49 +0400
committerJames Morris <james.l.morris@oracle.com>2014-04-14 05:42:49 +0400
commitb13cebe70775e67323e1c2eff20e1cd174e430a4 (patch)
tree80e5775c2ce5c90bdef8a2ce487fb70a179217af /include
parentecd740c6f2f092b90b95fa35f757973589eaaca2 (diff)
parentfffea214abf66a8672cfd6697fae65e743e22f11 (diff)
downloadlinux-b13cebe70775e67323e1c2eff20e1cd174e430a4.tar.xz
Merge tag 'keys-20140314' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next
Diffstat (limited to 'include')
-rw-r--r--include/linux/key.h11
-rw-r--r--include/linux/security.h6
2 files changed, 14 insertions, 3 deletions
diff --git a/include/linux/key.h b/include/linux/key.h
index 80d677483e31..cd0abb8c9c33 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -309,6 +309,17 @@ static inline key_serial_t key_serial(const struct key *key)
extern void key_set_timeout(struct key *, unsigned);
+/*
+ * The permissions required on a key that we're looking up.
+ */
+#define KEY_NEED_VIEW 0x01 /* Require permission to view attributes */
+#define KEY_NEED_READ 0x02 /* Require permission to read content */
+#define KEY_NEED_WRITE 0x04 /* Require permission to update / modify */
+#define KEY_NEED_SEARCH 0x08 /* Require permission to search (keyring) or find (key) */
+#define KEY_NEED_LINK 0x10 /* Require permission to link */
+#define KEY_NEED_SETATTR 0x20 /* Require permission to change attributes */
+#define KEY_NEED_ALL 0x3f /* All the above permissions */
+
/**
* key_is_instantiated - Determine if a key has been positively instantiated
* @key: The key to check.
diff --git a/include/linux/security.h b/include/linux/security.h
index 2fc42d191f79..6726006bc766 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1708,7 +1708,7 @@ struct security_operations {
void (*key_free) (struct key *key);
int (*key_permission) (key_ref_t key_ref,
const struct cred *cred,
- key_perm_t perm);
+ unsigned perm);
int (*key_getsecurity)(struct key *key, char **_buffer);
#endif /* CONFIG_KEYS */
@@ -3030,7 +3030,7 @@ static inline int security_path_chroot(struct path *path)
int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags);
void security_key_free(struct key *key);
int security_key_permission(key_ref_t key_ref,
- const struct cred *cred, key_perm_t perm);
+ const struct cred *cred, unsigned perm);
int security_key_getsecurity(struct key *key, char **_buffer);
#else
@@ -3048,7 +3048,7 @@ static inline void security_key_free(struct key *key)
static inline int security_key_permission(key_ref_t key_ref,
const struct cred *cred,
- key_perm_t perm)
+ unsigned perm)
{
return 0;
}