diff options
| author | David Howells <dhowells@redhat.com> | 2012-05-11 05:56:56 -0400 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2012-05-11 05:56:56 -0400 |
| commit | fd75815f727f157a05f4c96b5294a4617c0557da (patch) | |
| tree | b2e76abf176d37b5d810b0c813b8c0219754b88c /security/keys/internal.h | |
| parent | 31d5a79d7f3d436da176a78ebc12d53c06da402e (diff) | |
KEYS: Add invalidation support
Add support for invalidating a key - which renders it immediately invisible to
further searches and causes the garbage collector to immediately wake up,
remove it from keyrings and then destroy it when it's no longer referenced.
It's better not to do this with keyctl_revoke() as that marks the key to start
returning -EKEYREVOKED to searches when what is actually desired is to have the
key refetched.
To invalidate a key the caller must be granted SEARCH permission by the key.
This may be too strict. It may be better to also permit invalidation if the
caller has any of READ, WRITE or SETATTR permission.
The primary use for this is to evict keys that are cached in special keyrings,
such as the DNS resolver or an ID mapper.
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys/internal.h')
| -rw-r--r-- | security/keys/internal.h | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 65647f825584..f711b094ed41 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h | |||
| @@ -152,7 +152,8 @@ extern long join_session_keyring(const char *name); | |||
| 152 | extern struct work_struct key_gc_work; | 152 | extern struct work_struct key_gc_work; |
| 153 | extern unsigned key_gc_delay; | 153 | extern unsigned key_gc_delay; |
| 154 | extern void keyring_gc(struct key *keyring, time_t limit); | 154 | extern void keyring_gc(struct key *keyring, time_t limit); |
| 155 | extern void key_schedule_gc(time_t expiry_at); | 155 | extern void key_schedule_gc(time_t gc_at); |
| 156 | extern void key_schedule_gc_links(void); | ||
| 156 | extern void key_gc_keytype(struct key_type *ktype); | 157 | extern void key_gc_keytype(struct key_type *ktype); |
| 157 | 158 | ||
| 158 | extern int key_task_permission(const key_ref_t key_ref, | 159 | extern int key_task_permission(const key_ref_t key_ref, |
| @@ -197,6 +198,17 @@ extern struct key *request_key_auth_new(struct key *target, | |||
| 197 | extern struct key *key_get_instantiation_authkey(key_serial_t target_id); | 198 | extern struct key *key_get_instantiation_authkey(key_serial_t target_id); |
| 198 | 199 | ||
| 199 | /* | 200 | /* |
| 201 | * Determine whether a key is dead. | ||
| 202 | */ | ||
| 203 | static inline bool key_is_dead(struct key *key, time_t limit) | ||
| 204 | { | ||
| 205 | return | ||
| 206 | key->flags & ((1 << KEY_FLAG_DEAD) | | ||
| 207 | (1 << KEY_FLAG_INVALIDATED)) || | ||
| 208 | (key->expiry > 0 && key->expiry <= limit); | ||
| 209 | } | ||
| 210 | |||
| 211 | /* | ||
| 200 | * keyctl() functions | 212 | * keyctl() functions |
| 201 | */ | 213 | */ |
| 202 | extern long keyctl_get_keyring_ID(key_serial_t, int); | 214 | extern long keyctl_get_keyring_ID(key_serial_t, int); |
| @@ -225,6 +237,7 @@ extern long keyctl_reject_key(key_serial_t, unsigned, unsigned, key_serial_t); | |||
| 225 | extern long keyctl_instantiate_key_iov(key_serial_t, | 237 | extern long keyctl_instantiate_key_iov(key_serial_t, |
| 226 | const struct iovec __user *, | 238 | const struct iovec __user *, |
| 227 | unsigned, key_serial_t); | 239 | unsigned, key_serial_t); |
| 240 | extern long keyctl_invalidate_key(key_serial_t); | ||
| 228 | 241 | ||
| 229 | extern long keyctl_instantiate_key_common(key_serial_t, | 242 | extern long keyctl_instantiate_key_common(key_serial_t, |
| 230 | const struct iovec __user *, | 243 | const struct iovec __user *, |