summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2011-03-07 18:05:59 +0300
committerJames Morris <jmorris@namei.org>2011-03-08 03:17:15 +0300
commitb9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (patch)
tree0f58a92c2616b3663f88935290d32a4c90d57025 /security
parent633e804e89464d3875e59de1959a53f9041d3094 (diff)
downloadlinux-b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24.tar.xz
KEYS: Add a key type op to permit the key description to be vetted
Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/keys/key.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 1c2d43dc5107..8e315ef2e88e 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc,
if (!desc || !*desc)
goto error;
+ if (type->vet_description) {
+ ret = type->vet_description(desc);
+ if (ret < 0) {
+ key = ERR_PTR(ret);
+ goto error;
+ }
+ }
+
desclen = strlen(desc) + 1;
quotalen = desclen + type->def_datalen;