diff options
| author | David S. Miller <davem@davemloft.net> | 2011-01-25 01:09:35 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2011-01-25 01:09:35 +0300 |
| commit | 5bdc22a56549e7983c6b443298672641952ea035 (patch) | |
| tree | fbfd4e7453e4fd23dfef826d4610ed2aae47b36c /security/keys/permission.c | |
| parent | b6f4098897f30b7ea90a1c1edf35e9b20a9d828a (diff) | |
| parent | e92427b289d252cfbd4cb5282d92f4ce1a5bb1fb (diff) | |
| download | linux-5bdc22a56549e7983c6b443298672641952ea035.tar.xz | |
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
Conflicts:
net/sched/sch_hfsc.c
net/sched/sch_htb.c
net/sched/sch_tbf.c
Diffstat (limited to 'security/keys/permission.c')
| -rw-r--r-- | security/keys/permission.c | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/security/keys/permission.c b/security/keys/permission.c index 28645502cd0d..c35b5229e3cd 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c @@ -1,4 +1,4 @@ -/* permission.c: key permission determination +/* Key permission checking * * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) @@ -13,18 +13,19 @@ #include <linux/security.h> #include "internal.h" -/*****************************************************************************/ /** * key_task_permission - Check a key can be used - * @key_ref: The key to check - * @cred: The credentials to use - * @perm: The permissions to check for + * @key_ref: The key to check. + * @cred: The credentials to use. + * @perm: The permissions to check for. * * Check to see whether permission is granted to use a key in the desired way, * but permit the security modules to override. * - * The caller must hold either a ref on cred or must hold the RCU readlock or a - * spinlock. + * The caller must hold either a ref on cred or must hold the RCU readlock. + * + * Returns 0 if successful, -EACCES if access is denied based on the + * permissions bits or the LSM check. */ int key_task_permission(const key_ref_t key_ref, const struct cred *cred, key_perm_t perm) @@ -79,14 +80,16 @@ use_these_perms: /* let LSM be the final arbiter */ return security_key_permission(key_ref, cred, perm); - -} /* end key_task_permission() */ - +} EXPORT_SYMBOL(key_task_permission); -/*****************************************************************************/ -/* - * validate a key +/** + * key_validate - Validate a key. + * @key: The key to be validated. + * + * Check that a key is valid, returning 0 if the key is okay, -EKEYREVOKED if + * the key's type has been removed or if the key has been revoked or + * -EKEYEXPIRED if the key has expired. */ int key_validate(struct key *key) { @@ -111,7 +114,5 @@ int key_validate(struct key *key) error: return ret; - -} /* end key_validate() */ - +} EXPORT_SYMBOL(key_validate); |