diff options
author | David Howells <dhowells@redhat.com> | 2014-07-18 19:56:34 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2014-07-22 22:46:08 +0200 |
commit | 7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa (patch) | |
tree | e97786b11796e13f91b205dbb8adb3727e88789d /security | |
parent | KEYS: struct key_preparsed_payload should have two payload pointers (diff) | |
download | linux-7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa.tar.xz linux-7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa.zip |
KEYS: Allow expiry time to be set when preparsing a key
Allow a key type's preparsing routine to set the expiry time for a key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/keys/key.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 03620a35a4dc..755fb02df5af 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -437,6 +437,11 @@ static int __key_instantiate_and_link(struct key *key, /* disable the authorisation key */ if (authkey) key_revoke(authkey); + + if (prep->expiry != TIME_T_MAX) { + key->expiry = prep->expiry; + key_schedule_gc(prep->expiry + key_gc_delay); + } } } @@ -479,6 +484,7 @@ int key_instantiate_and_link(struct key *key, prep.data = data; prep.datalen = datalen; prep.quotalen = key->type->def_datalen; + prep.expiry = TIME_T_MAX; if (key->type->preparse) { ret = key->type->preparse(&prep); if (ret < 0) @@ -811,6 +817,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, prep.datalen = plen; prep.quotalen = index_key.type->def_datalen; prep.trusted = flags & KEY_ALLOC_TRUSTED; + prep.expiry = TIME_T_MAX; if (index_key.type->preparse) { ret = index_key.type->preparse(&prep); if (ret < 0) { @@ -941,6 +948,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) prep.data = payload; prep.datalen = plen; prep.quotalen = key->type->def_datalen; + prep.expiry = TIME_T_MAX; if (key->type->preparse) { ret = key->type->preparse(&prep); if (ret < 0) |