diff options
author | David Howells <dhowells@redhat.com> | 2011-03-07 10:05:59 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-03-07 19:17:15 -0500 |
commit | b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (patch) | |
tree | 0f58a92c2616b3663f88935290d32a4c90d57025 /security/keys | |
parent | 633e804e89464d3875e59de1959a53f9041d3094 (diff) |
KEYS: Add a key type op to permit the key description to be vetted
Add a key type operation to permit the key type to vet the description of a new
key that key_alloc() is about to allocate. The operation may reject the
description if it wishes with an error of its choosing. If it does this, the
key will not be allocated.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys')
-rw-r--r-- | security/keys/key.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 1c2d43dc5107..8e315ef2e88e 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
@@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc, | |||
249 | if (!desc || !*desc) | 249 | if (!desc || !*desc) |
250 | goto error; | 250 | goto error; |
251 | 251 | ||
252 | if (type->vet_description) { | ||
253 | ret = type->vet_description(desc); | ||
254 | if (ret < 0) { | ||
255 | key = ERR_PTR(ret); | ||
256 | goto error; | ||
257 | } | ||
258 | } | ||
259 | |||
252 | desclen = strlen(desc) + 1; | 260 | desclen = strlen(desc) + 1; |
253 | quotalen = desclen + type->def_datalen; | 261 | quotalen = desclen + type->def_datalen; |
254 | 262 | ||