KEYS: Add a key restriction struct

Key link restrictions require restriction-specific data as well as a restriction-specific function pointer. As a first step toward replacing the restrict_link pointer in struct key, define a more general key_restriction structure that captures the required function, key, and key type pointers. Key type modules should not be pinned on account of this key type pointer because the pointer will be cleared by the garbage collector if the key type is unregistered. Signed-off-by: Mat Martineau <[email protected]>
josf · Apr 3, 2017 · e9cc0f6 · e9cc0f6
1 parent aaf66c8
commit e9cc0f6
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/include/linux/key.h b/include/linux/key.h
@@ -132,6 +132,12 @@ typedef int (*key_restrict_link_func_t)(struct key *dest_keyring,
 					const union key_payload *payload,
 					struct key *restriction_key);
 
+struct key_restriction {
+	key_restrict_link_func_t check;
+	struct key *key;
+	struct key_type *keytype;
+};
+
 /*****************************************************************************/
 /*
  * authentication token / access credential / keyring