| /security/keys/ |
| D | keyring.c | 78 static int keyring_instantiate(struct key *keyring,
80 static void keyring_revoke(struct key *keyring);
81 static void keyring_destroy(struct key *keyring);
82 static void keyring_describe(const struct key *keyring, struct seq_file *m);
83 static long keyring_read(const struct key *keyring,
109 static void keyring_publish_name(struct key *keyring) in keyring_publish_name() argument
113 if (keyring->description) { in keyring_publish_name()
114 bucket = keyring_hash(keyring->description); in keyring_publish_name()
121 list_add_tail(&keyring->type_data.link, in keyring_publish_name()
148 static int keyring_instantiate(struct key *keyring, in keyring_instantiate() argument
[all …]
|
| D | process_keys.c | 139 struct key *keyring; in install_thread_keyring_to_cred() local
144 keyring = keyring_alloc("_tid", new->uid, new->gid, new, in install_thread_keyring_to_cred()
147 if (IS_ERR(keyring)) in install_thread_keyring_to_cred()
148 return PTR_ERR(keyring); in install_thread_keyring_to_cred()
150 new->thread_keyring = keyring; in install_thread_keyring_to_cred()
185 struct key *keyring; in install_process_keyring_to_cred() local
190 keyring = keyring_alloc("_pid", new->uid, new->gid, new, in install_process_keyring_to_cred()
193 if (IS_ERR(keyring)) in install_process_keyring_to_cred()
194 return PTR_ERR(keyring); in install_process_keyring_to_cred()
196 new->process_keyring = keyring; in install_process_keyring_to_cred()
[all …]
|
| D | key.c | 408 struct key *keyring, in __key_instantiate_and_link() argument
415 key_check(keyring); in __key_instantiate_and_link()
436 if (keyring) in __key_instantiate_and_link()
478 struct key *keyring, in key_instantiate_and_link() argument
496 if (keyring) { in key_instantiate_and_link()
497 ret = __key_link_begin(keyring, &key->index_key, &edit); in key_instantiate_and_link()
502 ret = __key_instantiate_and_link(key, &prep, keyring, authkey, &edit); in key_instantiate_and_link()
504 if (keyring) in key_instantiate_and_link()
505 __key_link_end(keyring, &key->index_key, edit); in key_instantiate_and_link()
539 struct key *keyring, in key_reject_and_link() argument
[all …]
|
| D | internal.h | 91 extern int __key_link_begin(struct key *keyring,
94 extern int __key_link_check_live_key(struct key *keyring, struct key *key);
96 extern void __key_link_end(struct key *keyring,
103 extern struct key *keyring_search_instkey(struct key *keyring,
106 extern int iterate_over_keyring(const struct key *keyring,
167 extern void keyring_gc(struct key *keyring, time_t limit);
|
| D | request_key.c | 58 struct key *keyring = info->data; in umh_keys_init() local
60 return install_session_keyring_to_cred(cred, keyring); in umh_keys_init()
68 struct key *keyring = info->data; in umh_keys_cleanup() local
69 key_put(keyring); in umh_keys_cleanup()
100 struct key *key = cons->key, *authkey = cons->authkey, *keyring, in call_sbin_request_key() local
117 keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, in call_sbin_request_key()
121 if (IS_ERR(keyring)) { in call_sbin_request_key()
122 ret = PTR_ERR(keyring); in call_sbin_request_key()
127 ret = key_link(keyring, authkey); in call_sbin_request_key()
175 ret = call_usermodehelper_keys(argv[0], argv, envp, keyring, in call_sbin_request_key()
[all …]
|
| D | Makefile | 11 keyring.o \
|
| D | Kconfig | 16 Furthermore, a special type of key is available that acts as keyring:
36 A particular keyring may be accessed by either the user whose keyring
|
| /security/integrity/ |
| D | digsig.c | 24 static struct key *keyring[INTEGRITY_KEYRING_MAX]; variable
42 if (!keyring[id]) { in integrity_digsig_verify()
43 keyring[id] = in integrity_digsig_verify()
45 if (IS_ERR(keyring[id])) { in integrity_digsig_verify()
46 int err = PTR_ERR(keyring[id]); in integrity_digsig_verify()
48 keyring[id] = NULL; in integrity_digsig_verify()
56 return digsig_verify(keyring[id], sig + 1, siglen - 1, in integrity_digsig_verify()
59 return asymmetric_verify(keyring[id], sig, siglen, in integrity_digsig_verify()
71 keyring[id] = keyring_alloc(keyring_name[id], KUIDT_INIT(0), in integrity_init_keyring()
77 if (!IS_ERR(keyring[id])) in integrity_init_keyring()
[all …]
|
| D | digsig_asymmetric.c | 26 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) in request_asymmetric_key() argument
35 if (keyring) { in request_asymmetric_key()
38 kref = keyring_search(make_key_ref(keyring, 1), in request_asymmetric_key()
67 int asymmetric_verify(struct key *keyring, const char *sig, in asymmetric_verify() argument
86 key = request_asymmetric_key(keyring, __be32_to_cpu(hdr->keyid)); in asymmetric_verify()
|
| D | integrity.h | 150 int asymmetric_verify(struct key *keyring, const char *sig,
153 static inline int asymmetric_verify(struct key *keyring, const char *sig, in asymmetric_verify() argument
|
| D | Kconfig | 28 to "lock" certain keyring to prevent adding new keys.
|
| /security/integrity/ima/ |
| D | Kconfig | 126 bool "Require all keys on the .ima keyring be signed"
133 keyring be signed by a key on the system trusted keyring.
|