summaryrefslogtreecommitdiff
path: root/security/keys/internal.h
diff options
context:
space:
mode:
authorMat Martineau <mathew.j.martineau@linux.intel.com>2016-08-31 16:05:43 -0700
committerMat Martineau <mathew.j.martineau@linux.intel.com>2017-04-04 14:10:10 -0700
commit2b6aa412ff23a02ac777ad307249c60a839cfd25 (patch)
tree317dced64727a10b3ce09ca84ac8e153c7dabf77 /security/keys/internal.h
parente9cc0f689a7c0c9be6fed6861b3a3f49ad0e7a52 (diff)
KEYS: Use structure to capture key restriction function and data
Replace struct key's restrict_link function pointer with a pointer to the new struct key_restriction. The structure contains pointers to the restriction function as well as relevant data for evaluating the restriction. The garbage collector checks restrict_link->keytype when key types are unregistered. Restrictions involving a removed key type are converted to use restrict_link_reject so that restrictions cannot be removed by unregistering key types. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Diffstat (limited to 'security/keys/internal.h')
-rw-r--r--security/keys/internal.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 6bee06ae026d..24762ae9a198 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -168,6 +168,8 @@ extern void key_change_session_keyring(struct callback_head *twork);
extern struct work_struct key_gc_work;
extern unsigned key_gc_delay;
extern void keyring_gc(struct key *keyring, time_t limit);
+extern void keyring_restriction_gc(struct key *keyring,
+ struct key_type *dead_type);
extern void key_schedule_gc(time_t gc_at);
extern void key_schedule_gc_links(void);
extern void key_gc_keytype(struct key_type *ktype);