KEYS: Add a key type op to permit the key description to be vetted Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>

commit: b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 [log] [tgz]
author: David Howells <dhowells@redhat.com> Mon Mar 07 15:05:59 2011 +0000
committer: James Morris <jmorris@namei.org> Tue Mar 08 11:17:15 2011 +1100
tree: 0f58a92c2616b3663f88935290d32a4c90d57025
parent: 633e804e89464d3875e59de1959a53f9041d3094 [diff] [blame]
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index e4dbbdb..cf68d1f 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt

@@ -1062,6 +1062,13 @@
      viable.
 
 
+ (*) int (*vet_description)(const char *description);
+
+     This optional method is called to vet a key description.  If the key type
+     doesn't approve of the key description, it may return an error, otherwise
+     it should return 0.
+
+
  (*) int (*instantiate)(struct key *key, const void *data, size_t datalen);
 
      This method is called to attach a payload to a key during construction.
commit	b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Mon Mar 07 15:05:59 2011 +0000
committer	James Morris <jmorris@namei.org>	Tue Mar 08 11:17:15 2011 +1100
tree	0f58a92c2616b3663f88935290d32a4c90d57025
parent	633e804e89464d3875e59de1959a53f9041d3094 [diff] [blame]