diff options
| author | Mat Martineau <mathew.j.martineau@linux.intel.com> | 2016-08-30 14:33:13 -0400 |
|---|---|---|
| committer | Mat Martineau <mathew.j.martineau@linux.intel.com> | 2017-04-03 13:24:56 -0400 |
| commit | aaf66c883813f0078e3dafe7d20d1461321ac14f (patch) | |
| tree | 5198162cc55309f8653a0a333c2cbdffc64debad /certs | |
| parent | 469ff8f7d46d75b36de68a0411a2ce80109ad00b (diff) | |
KEYS: Split role of the keyring pointer for keyring restrict functions
The first argument to the restrict_link_func_t functions was a keyring
pointer. These functions are called by the key subsystem with this
argument set to the destination keyring, but restrict_link_by_signature
expects a pointer to the relevant trusted keyring.
Restrict functions may need something other than a single struct key
pointer to allow or reject key linkage, so the data used to make that
decision (such as the trust keyring) is moved to a new, fourth
argument. The first argument is now always the destination keyring.
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Diffstat (limited to 'certs')
| -rw-r--r-- | certs/system_keyring.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 50979d6dcecd..e39cce68dcfa 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c | |||
| @@ -32,11 +32,13 @@ extern __initconst const unsigned long system_certificate_list_size; | |||
| 32 | * Restrict the addition of keys into a keyring based on the key-to-be-added | 32 | * Restrict the addition of keys into a keyring based on the key-to-be-added |
| 33 | * being vouched for by a key in the built in system keyring. | 33 | * being vouched for by a key in the built in system keyring. |
| 34 | */ | 34 | */ |
| 35 | int restrict_link_by_builtin_trusted(struct key *keyring, | 35 | int restrict_link_by_builtin_trusted(struct key *dest_keyring, |
| 36 | const struct key_type *type, | 36 | const struct key_type *type, |
| 37 | const union key_payload *payload) | 37 | const union key_payload *payload, |
| 38 | struct key *restriction_key) | ||
| 38 | { | 39 | { |
| 39 | return restrict_link_by_signature(builtin_trusted_keys, type, payload); | 40 | return restrict_link_by_signature(dest_keyring, type, payload, |
| 41 | builtin_trusted_keys); | ||
| 40 | } | 42 | } |
| 41 | 43 | ||
| 42 | #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING | 44 | #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING |
| @@ -49,20 +51,22 @@ int restrict_link_by_builtin_trusted(struct key *keyring, | |||
| 49 | * keyrings. | 51 | * keyrings. |
| 50 | */ | 52 | */ |
| 51 | int restrict_link_by_builtin_and_secondary_trusted( | 53 | int restrict_link_by_builtin_and_secondary_trusted( |
| 52 | struct key *keyring, | 54 | struct key *dest_keyring, |
| 53 | const struct key_type *type, | 55 | const struct key_type *type, |
| 54 | const union key_payload *payload) | 56 | const union key_payload *payload, |
| 57 | struct key *restrict_key) | ||
| 55 | { | 58 | { |
| 56 | /* If we have a secondary trusted keyring, then that contains a link | 59 | /* If we have a secondary trusted keyring, then that contains a link |
| 57 | * through to the builtin keyring and the search will follow that link. | 60 | * through to the builtin keyring and the search will follow that link. |
| 58 | */ | 61 | */ |
| 59 | if (type == &key_type_keyring && | 62 | if (type == &key_type_keyring && |
| 60 | keyring == secondary_trusted_keys && | 63 | dest_keyring == secondary_trusted_keys && |
| 61 | payload == &builtin_trusted_keys->payload) | 64 | payload == &builtin_trusted_keys->payload) |
| 62 | /* Allow the builtin keyring to be added to the secondary */ | 65 | /* Allow the builtin keyring to be added to the secondary */ |
| 63 | return 0; | 66 | return 0; |
| 64 | 67 | ||
| 65 | return restrict_link_by_signature(secondary_trusted_keys, type, payload); | 68 | return restrict_link_by_signature(dest_keyring, type, payload, |
| 69 | secondary_trusted_keys); | ||
| 66 | } | 70 | } |
| 67 | #endif | 71 | #endif |
| 68 | 72 | ||