diff options
Diffstat (limited to 'security/keys/internal.h')
-rw-r--r-- | security/keys/internal.h | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 56a133d8f37d..edfa50dbd6f5 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* internal.h: authentication token and access key management internal defs | 1 | /* Authentication token and access key management internal defs |
2 | * | 2 | * |
3 | * Copyright (C) 2003-5, 2007 Red Hat, Inc. All Rights Reserved. | 3 | * Copyright (C) 2003-5, 2007 Red Hat, Inc. All Rights Reserved. |
4 | * Written by David Howells (dhowells@redhat.com) | 4 | * Written by David Howells (dhowells@redhat.com) |
@@ -35,10 +35,12 @@ extern struct key_type key_type_user; | |||
35 | 35 | ||
36 | /*****************************************************************************/ | 36 | /*****************************************************************************/ |
37 | /* | 37 | /* |
38 | * keep track of keys for a user | 38 | * Keep track of keys for a user. |
39 | * - this needs to be separate to user_struct to avoid a refcount-loop | 39 | * |
40 | * (user_struct pins some keyrings which pin this struct) | 40 | * This needs to be separate to user_struct to avoid a refcount-loop |
41 | * - this also keeps track of keys under request from userspace for this UID | 41 | * (user_struct pins some keyrings which pin this struct). |
42 | * | ||
43 | * We also keep track of keys under request from userspace for this UID here. | ||
42 | */ | 44 | */ |
43 | struct key_user { | 45 | struct key_user { |
44 | struct rb_node node; | 46 | struct rb_node node; |
@@ -62,7 +64,7 @@ extern struct key_user *key_user_lookup(uid_t uid, | |||
62 | extern void key_user_put(struct key_user *user); | 64 | extern void key_user_put(struct key_user *user); |
63 | 65 | ||
64 | /* | 66 | /* |
65 | * key quota limits | 67 | * Key quota limits. |
66 | * - root has its own separate limits to everyone else | 68 | * - root has its own separate limits to everyone else |
67 | */ | 69 | */ |
68 | extern unsigned key_quota_root_maxkeys; | 70 | extern unsigned key_quota_root_maxkeys; |
@@ -146,13 +148,13 @@ extern unsigned key_gc_delay; | |||
146 | extern void keyring_gc(struct key *keyring, time_t limit); | 148 | extern void keyring_gc(struct key *keyring, time_t limit); |
147 | extern void key_schedule_gc(time_t expiry_at); | 149 | extern void key_schedule_gc(time_t expiry_at); |
148 | 150 | ||
149 | /* | ||
150 | * check to see whether permission is granted to use a key in the desired way | ||
151 | */ | ||
152 | extern int key_task_permission(const key_ref_t key_ref, | 151 | extern int key_task_permission(const key_ref_t key_ref, |
153 | const struct cred *cred, | 152 | const struct cred *cred, |
154 | key_perm_t perm); | 153 | key_perm_t perm); |
155 | 154 | ||
155 | /* | ||
156 | * Check to see whether permission is granted to use a key in the desired way. | ||
157 | */ | ||
156 | static inline int key_permission(const key_ref_t key_ref, key_perm_t perm) | 158 | static inline int key_permission(const key_ref_t key_ref, key_perm_t perm) |
157 | { | 159 | { |
158 | return key_task_permission(key_ref, current_cred(), perm); | 160 | return key_task_permission(key_ref, current_cred(), perm); |
@@ -168,7 +170,7 @@ static inline int key_permission(const key_ref_t key_ref, key_perm_t perm) | |||
168 | #define KEY_ALL 0x3f /* all the above permissions */ | 170 | #define KEY_ALL 0x3f /* all the above permissions */ |
169 | 171 | ||
170 | /* | 172 | /* |
171 | * request_key authorisation | 173 | * Authorisation record for request_key(). |
172 | */ | 174 | */ |
173 | struct request_key_auth { | 175 | struct request_key_auth { |
174 | struct key *target_key; | 176 | struct key *target_key; |
@@ -188,7 +190,7 @@ extern struct key *request_key_auth_new(struct key *target, | |||
188 | extern struct key *key_get_instantiation_authkey(key_serial_t target_id); | 190 | extern struct key *key_get_instantiation_authkey(key_serial_t target_id); |
189 | 191 | ||
190 | /* | 192 | /* |
191 | * keyctl functions | 193 | * keyctl() functions |
192 | */ | 194 | */ |
193 | extern long keyctl_get_keyring_ID(key_serial_t, int); | 195 | extern long keyctl_get_keyring_ID(key_serial_t, int); |
194 | extern long keyctl_join_session_keyring(const char __user *); | 196 | extern long keyctl_join_session_keyring(const char __user *); |
@@ -214,7 +216,7 @@ extern long keyctl_get_security(key_serial_t keyid, char __user *buffer, | |||
214 | extern long keyctl_session_to_parent(void); | 216 | extern long keyctl_session_to_parent(void); |
215 | 217 | ||
216 | /* | 218 | /* |
217 | * debugging key validation | 219 | * Debugging key validation |
218 | */ | 220 | */ |
219 | #ifdef KEY_DEBUGGING | 221 | #ifdef KEY_DEBUGGING |
220 | extern void __key_check(const struct key *); | 222 | extern void __key_check(const struct key *); |