KEYS: Split role of the keyring pointer for keyring restrict functions

The first argument to the restrict_link_func_t functions was a keyring pointer. These functions are called by the key subsystem with this argument set to the destination keyring, but restrict_link_by_signature expects a pointer to the relevant trusted keyring. Restrict functions may need something other than a single struct key pointer to allow or reject key linkage, so the data used to make that decision (such as the trust keyring) is moved to a new, fourth argument. The first argument is now always the destination keyring. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
author: Mat Martineau <mathew.j.martineau@linux.intel.com> 2016-08-30 11:33:13 -0700
committer: Mat Martineau <mathew.j.martineau@linux.intel.com> 2017-04-03 10:24:56 -0700
commit: aaf66c883813f0078e3dafe7d20d1461321ac14f (patch)
tree: 5198162cc55309f8653a0a333c2cbdffc64debad /security/keys
parent: 469ff8f7d46d75b36de68a0411a2ce80109ad00b (diff)
2 files changed, 7 insertions, 4 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 08dfa13f6a85..27fc1bb40034 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -499,7 +499,7 @@ int key_instantiate_and_link(struct key *key,
 	if (keyring) {
 		if (keyring->restrict_link) {
 			ret = keyring->restrict_link(keyring, key->type,
-						     &prep.payload);
+						     &prep.payload, NULL);
 			if (ret < 0)
 				goto error;
 		}
@@ -851,7 +851,8 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
 	index_key.desc_len = strlen(index_key.description);
 
 	if (restrict_link) {
-		ret = restrict_link(keyring, index_key.type, &prep.payload);
+		ret = restrict_link(keyring, index_key.type, &prep.payload,
+				    NULL);
 		if (ret < 0) {
 			key_ref = ERR_PTR(ret);
 			goto error_free_prep;
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 1b29ac759bf7..2ccc66ec35d7 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -517,6 +517,7 @@ EXPORT_SYMBOL(keyring_alloc);
  * @keyring: The keyring being added to.
  * @type: The type of key being added.
  * @payload: The payload of the key intended to be added.
+ * @data: Additional data for evaluating restriction.
  *
  * Reject the addition of any links to a keyring.  It can be overridden by
  * passing KEY_ALLOC_BYPASS_RESTRICTION to key_instantiate_and_link() when
@@ -527,7 +528,8 @@ EXPORT_SYMBOL(keyring_alloc);
  */
 int restrict_link_reject(struct key *keyring,
 			 const struct key_type *type,
-			 const union key_payload *payload)
+			 const union key_payload *payload,
+			 struct key *restriction_key)
 {
 	return -EPERM;
 }
@@ -1220,7 +1222,7 @@ static int __key_link_check_restriction(struct key *keyring, struct key *key)
 {
 	if (!keyring->restrict_link)
 		return 0;
-	return keyring->restrict_link(keyring, key->type, &key->payload);
+	return keyring->restrict_link(keyring, key->type, &key->payload, NULL);
 }
 
 /**
author	Mat Martineau <mathew.j.martineau@linux.intel.com>	2016-08-30 11:33:13 -0700
committer	Mat Martineau <mathew.j.martineau@linux.intel.com>	2017-04-03 10:24:56 -0700
commit	aaf66c883813f0078e3dafe7d20d1461321ac14f (patch)
tree	5198162cc55309f8653a0a333c2cbdffc64debad /security/keys
parent	469ff8f7d46d75b36de68a0411a2ce80109ad00b (diff)