KEYS: Split role of the keyring pointer for keyring restrict functions
The first argument to the restrict_link_func_t functions was a keyring
pointer. These functions are called by the key subsystem with this
argument set to the destination keyring, but restrict_link_by_signature
expects a pointer to the relevant trusted keyring.
Restrict functions may need something other than a single struct key
pointer to allow or reject key linkage, so the data used to make that
decision (such as the trust keyring) is moved to a new, fourth
argument. The first argument is now always the destination keyring.
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
diff --git a/include/linux/key.h b/include/linux/key.h
index 3bb3270..c59d100 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -127,9 +127,10 @@ static inline bool is_key_possessed(const key_ref_t key_ref)
return (unsigned long) key_ref & 1UL;
}
-typedef int (*key_restrict_link_func_t)(struct key *keyring,
+typedef int (*key_restrict_link_func_t)(struct key *dest_keyring,
const struct key_type *type,
- const union key_payload *payload);
+ const union key_payload *payload,
+ struct key *restriction_key);
/*****************************************************************************/
/*
@@ -309,7 +310,8 @@ extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid
extern int restrict_link_reject(struct key *keyring,
const struct key_type *type,
- const union key_payload *payload);
+ const union key_payload *payload,
+ struct key *restriction_key);
extern int keyring_clear(struct key *keyring);