diff options
| author | David Howells <dhowells@redhat.com> | 2014-07-18 13:56:34 -0400 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2014-07-22 16:46:08 -0400 |
| commit | 7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa (patch) | |
| tree | e97786b11796e13f91b205dbb8adb3727e88789d /security | |
| parent | fc7c70e0b6b637bbf6cf8b9cee547d5ae83899c9 (diff) | |
KEYS: Allow expiry time to be set when preparsing a key
Allow a key type's preparsing routine to set the expiry time for a key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/key.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 03620a35a4dc..755fb02df5af 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -437,6 +437,11 @@ static int __key_instantiate_and_link(struct key *key, | |||
| 437 | /* disable the authorisation key */ | 437 | /* disable the authorisation key */ |
| 438 | if (authkey) | 438 | if (authkey) |
| 439 | key_revoke(authkey); | 439 | key_revoke(authkey); |
| 440 | |||
| 441 | if (prep->expiry != TIME_T_MAX) { | ||
| 442 | key->expiry = prep->expiry; | ||
| 443 | key_schedule_gc(prep->expiry + key_gc_delay); | ||
| 444 | } | ||
| 440 | } | 445 | } |
| 441 | } | 446 | } |
| 442 | 447 | ||
| @@ -479,6 +484,7 @@ int key_instantiate_and_link(struct key *key, | |||
| 479 | prep.data = data; | 484 | prep.data = data; |
| 480 | prep.datalen = datalen; | 485 | prep.datalen = datalen; |
| 481 | prep.quotalen = key->type->def_datalen; | 486 | prep.quotalen = key->type->def_datalen; |
| 487 | prep.expiry = TIME_T_MAX; | ||
| 482 | if (key->type->preparse) { | 488 | if (key->type->preparse) { |
| 483 | ret = key->type->preparse(&prep); | 489 | ret = key->type->preparse(&prep); |
| 484 | if (ret < 0) | 490 | if (ret < 0) |
| @@ -811,6 +817,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, | |||
| 811 | prep.datalen = plen; | 817 | prep.datalen = plen; |
| 812 | prep.quotalen = index_key.type->def_datalen; | 818 | prep.quotalen = index_key.type->def_datalen; |
| 813 | prep.trusted = flags & KEY_ALLOC_TRUSTED; | 819 | prep.trusted = flags & KEY_ALLOC_TRUSTED; |
| 820 | prep.expiry = TIME_T_MAX; | ||
| 814 | if (index_key.type->preparse) { | 821 | if (index_key.type->preparse) { |
| 815 | ret = index_key.type->preparse(&prep); | 822 | ret = index_key.type->preparse(&prep); |
| 816 | if (ret < 0) { | 823 | if (ret < 0) { |
| @@ -941,6 +948,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) | |||
| 941 | prep.data = payload; | 948 | prep.data = payload; |
| 942 | prep.datalen = plen; | 949 | prep.datalen = plen; |
| 943 | prep.quotalen = key->type->def_datalen; | 950 | prep.quotalen = key->type->def_datalen; |
| 951 | prep.expiry = TIME_T_MAX; | ||
| 944 | if (key->type->preparse) { | 952 | if (key->type->preparse) { |
| 945 | ret = key->type->preparse(&prep); | 953 | ret = key->type->preparse(&prep); |
| 946 | if (ret < 0) | 954 | if (ret < 0) |