search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Committer: Michael Beasley <mike@snafu.setup>
[mikesnafu-overlay.git] / include / linux / key-type.h
blob65833d4d59988788ffa432211d3a18f0609fd220
1 /* Definitions for key type implementations
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
10 */
11
12 #ifndef _LINUX_KEY_TYPE_H
13 #define _LINUX_KEY_TYPE_H
14
15 #include <linux/key.h>
16
17 #ifdef CONFIG_KEYS
18
19 /*
20 * key under-construction record
21 * - passed to the request_key actor if supplied
22 */
23 struct key_construction {
24 struct key *key; /* key being constructed */
25 struct key *authkey;/* authorisation for key being constructed */
26 };
27
28 typedef int (*request_key_actor_t)(struct key_construction *key,
29 const char *op, void *aux);
30
31 /*
32 * kernel managed key type definition
33 */
34 struct key_type {
35 /* name of the type */
36 const char *name;
37
38 /* default payload length for quota precalculation (optional)
39 * - this can be used instead of calling key_payload_reserve(), that
40 * function only needs to be called if the real datalen is different
41 */
42 size_t def_datalen;
43
44 /* instantiate a key of this type
45 * - this method should call key_payload_reserve() to determine if the
46 * user's quota will hold the payload
47 */
48 int (*instantiate)(struct key *key, const void *data, size_t datalen);
49
50 /* update a key of this type (optional)
51 * - this method should call key_payload_reserve() to recalculate the
52 * quota consumption
53 * - the key must be locked against read when modifying
54 */
55 int (*update)(struct key *key, const void *data, size_t datalen);
56
57 /* match a key against a description */
58 int (*match)(const struct key *key, const void *desc);
59
60 /* clear some of the data from a key on revokation (optional)
61 * - the key's semaphore will be write-locked by the caller
62 */
63 void (*revoke)(struct key *key);
64
65 /* clear the data from a key (optional) */
66 void (*destroy)(struct key *key);
67
68 /* describe a key */
69 void (*describe)(const struct key *key, struct seq_file *p);
70
71 /* read a key's data (optional)
72 * - permission checks will be done by the caller
73 * - the key's semaphore will be readlocked by the caller
74 * - should return the amount of data that could be read, no matter how
75 * much is copied into the buffer
76 * - shouldn't do the copy if the buffer is NULL
77 */
78 long (*read)(const struct key *key, char __user *buffer, size_t buflen);
79
80 /* handle request_key() for this type instead of invoking
81 * /sbin/request-key (optional)
82 * - key is the key to instantiate
83 * - authkey is the authority to assume when instantiating this key
84 * - op is the operation to be done, usually "create"
85 * - the call must not return until the instantiation process has run
86 * its course
87 */
88 request_key_actor_t request_key;
89
90 /* internal fields */
91 struct list_head link; /* link in types list */
92 };
93
94 extern struct key_type key_type_keyring;
95
96 extern int register_key_type(struct key_type *ktype);
97 extern void unregister_key_type(struct key_type *ktype);
98
99 extern int key_payload_reserve(struct key *key, size_t datalen);
100 extern int key_instantiate_and_link(struct key *key,
101 const void *data,
102 size_t datalen,
103 struct key *keyring,
104 struct key *instkey);
105 extern int key_negate_and_link(struct key *key,
106 unsigned timeout,
107 struct key *keyring,
108 struct key *instkey);
109 extern void complete_request_key(struct key_construction *cons, int error);
110
111 #endif /* CONFIG_KEYS */
112 #endif /* _LINUX_KEY_TYPE_H */
mah project overlay