KEYS: Split role of the keyring pointer for keyring restrict functions
The first argument to the restrict_link_func_t functions was a keyring
pointer. These functions are called by the key subsystem with this
argument set to the destination keyring, but restrict_link_by_signature
expects a pointer to the relevant trusted keyring.
Restrict functions may need something other than a single struct key
pointer to allow or reject key linkage, so the data used to make that
decision (such as the trust keyring) is moved to a new, fourth
argument. The first argument is now always the destination keyring.
Signed-off-by: 
Mat Martineau <mathew.j.martineau@linux.intel.com>
Showing
- Documentation/security/keys.txt 4 additions, 4 deletionsDocumentation/security/keys.txt
- certs/system_keyring.c 11 additions, 7 deletionscerts/system_keyring.c
- crypto/asymmetric_keys/restrict.c 5 additions, 3 deletionscrypto/asymmetric_keys/restrict.c
- include/crypto/public_key.h 3 additions, 2 deletionsinclude/crypto/public_key.h
- include/keys/system_keyring.h 4 additions, 2 deletionsinclude/keys/system_keyring.h
- include/linux/key.h 5 additions, 3 deletionsinclude/linux/key.h
- security/keys/key.c 3 additions, 2 deletionssecurity/keys/key.c
- security/keys/keyring.c 4 additions, 2 deletionssecurity/keys/keyring.c
Loading
Please register or sign in to comment