KEYS: Use structure to capture key restriction function and data

Replace struct key's restrict_link function pointer with a pointer to
the new struct key_restriction. The structure contains pointers to the
restriction function as well as relevant data for evaluating the
restriction.

The garbage collector checks restrict_link->keytype when key types are
unregistered. Restrictions involving a removed key type are converted
to use restrict_link_reject so that restrictions cannot be removed by
unregistering key types.

Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index 106e855..06554c4 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -81,18 +81,25 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
 int __init integrity_init_keyring(const unsigned int id)
 {
 	const struct cred *cred = current_cred();
+	struct key_restriction *restriction;
 	int err = 0;
 
 	if (!init_keyring)
 		return 0;
 
+	restriction = kzalloc(sizeof(struct key_restriction), GFP_KERNEL);
+	if (!restriction)
+		return -ENOMEM;
+
+	restriction->check = restrict_link_to_ima;
+
 	keyring[id] = keyring_alloc(keyring_name[id], KUIDT_INIT(0),
 				    KGIDT_INIT(0), cred,
 				    ((KEY_POS_ALL & ~KEY_POS_SETATTR) |
 				     KEY_USR_VIEW | KEY_USR_READ |
 				     KEY_USR_WRITE | KEY_USR_SEARCH),
 				    KEY_ALLOC_NOT_IN_QUOTA,
-				    restrict_link_to_ima, NULL);
+				    restriction, NULL);
 	if (IS_ERR(keyring[id])) {
 		err = PTR_ERR(keyring[id]);
 		pr_info("Can't allocate %s keyring (%d)\n",
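Review bot: The `restriction` allocated with kzalloc is not released on the `IS_ERR(keyring[id])` path, so a failed keyring_alloc() leaks it; the error branch should free it once the allocation is known to have failed, e.g. `kfree(restriction);` right after `err = PTR_ERR(keyring[id]);`, unless keyring_alloc() is documented to take ownership of the structure even on failure, which the hunk does not show. Because the structure now outlives this function on the success path, a short comment stating who frees it — `/* ownership of restriction passes to the keyring; freed with the key */` — would make the contract explicit for the next reader. The body of integrity_init_keyring continues beyond the end of the hunk, so any existing cleanup there is not visible here.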