diff options
| author | David Howells <dhowells@redhat.com> | 2017-04-05 00:33:00 +0300 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2017-04-05 00:33:00 +0300 |
| commit | f0df90cd7cf2f4a8195c3fff0d2f4c85088fd39c (patch) | |
| tree | bb473a491f791be1c0f9c42b66c4b700ff151d74 /security/keys/internal.h | |
| parent | 73cdd29044e081d56ef6b3186d22cdf25d9dd333 (diff) | |
| parent | 8e323a02e866014091180443ccb186fee1e3d30d (diff) | |
| download | linux-f0df90cd7cf2f4a8195c3fff0d2f4c85088fd39c.tar.xz | |
Merge branch 'keyctl-restrict' of git://git.kernel.org/pub/scm/linux/kernel/git/martineau/linux into keys-next
To quote Mat Martineau:
"""
Keyrings recently acquired the ability to validate keys before they are
linked using kernel internal APIs. This patch set enables configuration
of restricted keyrings from userspace.
These patches apply to linux-fs/keys-misc and are also available here:
https://git.kernel.org/cgit/linux/kernel/git/martineau/linux.git/log/?h=keyctl-restrict
v13: Detect and avoid cycles in restriction references, and change
restrictions to store a single key pointer rather than arbitrary data.
v12: Rework the KEYCTL_RESTRICT_KEYRING command to take an additional
parameter, renamed some functions based on feedback, and dropped an
unnecessary locking change (patch 1 in previous set).
v11: Configure restrictions using KEYCTL_RESTRICT_KEYRING instead of
using a keyring payload at creation time. Make the garbage collector
aware of restrictions.
v10: Fixups from maintainer feedback. Added some missing documentation.
v9: Rebased on linux-fs/keys-misc (v4.9-rc5)
v8: Add option to look for signing keys within the destination keyring.
Fix a consistency issue with keyring locking and restriction checks.
v7: Rework key restriction payload syntax. Move key-type-specific payload
parsing to the key-type. Attach more restriction information to keyrings
(restriction function, data, and data free) so future restrictions are not
limited to storing a key ID to use for key validation. Validate key before
using it to verify another key. Modify key type locking model to allow key
type lookup during keyring creation.
v6: Return error if only restrict_key is supplied, address misc. review
comments.
v5: Fixed signature bypass problem in patch 3/6
v4: Added userspace restriction options based on builtin keyrings.
restrict_link_by_signature implementation is no longer modified. Split
up v3's patch 2/5 to isolate the change to key.h.
v3: Updated commit message for patch 2/5 (restrict_link_by_signature_indirect)
v2: Payload is now preparsed
"""
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys/internal.h')
| -rw-r--r-- | security/keys/internal.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 6bee06ae026d..6ce016314897 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -168,6 +168,8 @@ extern void key_change_session_keyring(struct callback_head *twork); extern struct work_struct key_gc_work; extern unsigned key_gc_delay; extern void keyring_gc(struct key *keyring, time_t limit); +extern void keyring_restriction_gc(struct key *keyring, + struct key_type *dead_type); extern void key_schedule_gc(time_t gc_at); extern void key_schedule_gc_links(void); extern void key_gc_keytype(struct key_type *ktype); @@ -250,6 +252,9 @@ struct iov_iter; extern long keyctl_instantiate_key_common(key_serial_t, struct iov_iter *, key_serial_t); +extern long keyctl_restrict_keyring(key_serial_t id, + const char __user *_type, + const char __user *_restriction); #ifdef CONFIG_PERSISTENT_KEYRINGS extern long keyctl_get_persistent(uid_t, key_serial_t); extern unsigned persistent_keyring_expiry; |