aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2014-07-18 13:56:34 -0400
committerDavid Howells <dhowells@redhat.com>2014-07-22 16:46:08 -0400
commit7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa (patch)
treee97786b11796e13f91b205dbb8adb3727e88789d /security
parentfc7c70e0b6b637bbf6cf8b9cee547d5ae83899c9 (diff)
KEYS: Allow expiry time to be set when preparsing a key
Allow a key type's preparsing routine to set the expiry time for a key. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Steve Dickson <steved@redhat.com> Acked-by: Jeff Layton <jlayton@primarydata.com> Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/keys/key.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 03620a35a4dc..755fb02df5af 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -437,6 +437,11 @@ static int __key_instantiate_and_link(struct key *key,
437 /* disable the authorisation key */ 437 /* disable the authorisation key */
438 if (authkey) 438 if (authkey)
439 key_revoke(authkey); 439 key_revoke(authkey);
440
441 if (prep->expiry != TIME_T_MAX) {
442 key->expiry = prep->expiry;
443 key_schedule_gc(prep->expiry + key_gc_delay);
444 }
440 } 445 }
441 } 446 }
442 447
@@ -479,6 +484,7 @@ int key_instantiate_and_link(struct key *key,
479 prep.data = data; 484 prep.data = data;
480 prep.datalen = datalen; 485 prep.datalen = datalen;
481 prep.quotalen = key->type->def_datalen; 486 prep.quotalen = key->type->def_datalen;
487 prep.expiry = TIME_T_MAX;
482 if (key->type->preparse) { 488 if (key->type->preparse) {
483 ret = key->type->preparse(&prep); 489 ret = key->type->preparse(&prep);
484 if (ret < 0) 490 if (ret < 0)
@@ -811,6 +817,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
811 prep.datalen = plen; 817 prep.datalen = plen;
812 prep.quotalen = index_key.type->def_datalen; 818 prep.quotalen = index_key.type->def_datalen;
813 prep.trusted = flags & KEY_ALLOC_TRUSTED; 819 prep.trusted = flags & KEY_ALLOC_TRUSTED;
820 prep.expiry = TIME_T_MAX;
814 if (index_key.type->preparse) { 821 if (index_key.type->preparse) {
815 ret = index_key.type->preparse(&prep); 822 ret = index_key.type->preparse(&prep);
816 if (ret < 0) { 823 if (ret < 0) {
@@ -941,6 +948,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen)
941 prep.data = payload; 948 prep.data = payload;
942 prep.datalen = plen; 949 prep.datalen = plen;
943 prep.quotalen = key->type->def_datalen; 950 prep.quotalen = key->type->def_datalen;
951 prep.expiry = TIME_T_MAX;
944 if (key->type->preparse) { 952 if (key->type->preparse) {
945 ret = key->type->preparse(&prep); 953 ret = key->type->preparse(&prep);
946 if (ret < 0) 954 if (ret < 0)