diff options
| author | David Howells <dhowells@redhat.com> | 2011-03-07 10:05:59 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2011-03-07 19:17:15 -0500 |
| commit | b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (patch) | |
| tree | 0f58a92c2616b3663f88935290d32a4c90d57025 /security | |
| parent | 633e804e89464d3875e59de1959a53f9041d3094 (diff) | |
KEYS: Add a key type op to permit the key description to be vetted
Add a key type operation to permit the key type to vet the description of a new
key that key_alloc() is about to allocate. The operation may reject the
description if it wishes with an error of its choosing. If it does this, the
key will not be allocated.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/key.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 1c2d43dc5107..8e315ef2e88e 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc, | |||
| 249 | if (!desc || !*desc) | 249 | if (!desc || !*desc) |
| 250 | goto error; | 250 | goto error; |
| 251 | 251 | ||
| 252 | if (type->vet_description) { | ||
| 253 | ret = type->vet_description(desc); | ||
| 254 | if (ret < 0) { | ||
| 255 | key = ERR_PTR(ret); | ||
| 256 | goto error; | ||
| 257 | } | ||
| 258 | } | ||
| 259 | |||
| 252 | desclen = strlen(desc) + 1; | 260 | desclen = strlen(desc) + 1; |
| 253 | quotalen = desclen + type->def_datalen; | 261 | quotalen = desclen + type->def_datalen; |
| 254 | 262 | ||