aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2011-03-07 10:05:59 -0500
committerJames Morris <jmorris@namei.org>2011-03-07 19:17:15 -0500
commitb9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (patch)
tree0f58a92c2616b3663f88935290d32a4c90d57025 /security/keys
parent633e804e89464d3875e59de1959a53f9041d3094 (diff)
KEYS: Add a key type op to permit the key description to be vetted
Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys')
-rw-r--r--security/keys/key.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 1c2d43dc5107..8e315ef2e88e 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc,
249 if (!desc || !*desc) 249 if (!desc || !*desc)
250 goto error; 250 goto error;
251 251
252 if (type->vet_description) {
253 ret = type->vet_description(desc);
254 if (ret < 0) {
255 key = ERR_PTR(ret);
256 goto error;
257 }
258 }
259
252 desclen = strlen(desc) + 1; 260 desclen = strlen(desc) + 1;
253 quotalen = desclen + type->def_datalen; 261 quotalen = desclen + type->def_datalen;
254 262