From b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 7 Mar 2011 15:05:59 +0000 Subject: KEYS: Add a key type op to permit the key description to be vetted Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells Reviewed-by: Mimi Zohar Signed-off-by: James Morris --- security/keys/key.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'security/keys') diff --git a/security/keys/key.c b/security/keys/key.c index 1c2d43dc510..8e315ef2e88 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc, if (!desc || !*desc) goto error; + if (type->vet_description) { + ret = type->vet_description(desc); + if (ret < 0) { + key = ERR_PTR(ret); + goto error; + } + } + desclen = strlen(desc) + 1; quotalen = desclen + type->def_datalen; -- cgit v1.2.3-70-g09d2