security/keys/sysctl.c

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /* Key management controls
   3  *
   4  * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
   5  * Written by David Howells (dhowells@redhat.com)
   6  */
   7
   8 #include <linux/key.h>
   9 #include <linux/sysctl.h>
  10 #include "internal.h"
  11
  12 static const int zero, one = 1, max = INT_MAX;
  13
  14 struct ctl_table key_sysctls[] = {
  15         {
  16                 .procname = "maxkeys",
  17                 .data = &key_quota_maxkeys,
  18                 .maxlen = sizeof(unsigned),
  19                 .mode = 0644,
  20                 .proc_handler = proc_dointvec_minmax,
  21                 .extra1 = (void *) &one,
  22                 .extra2 = (void *) &max,
  23         },
  24         {
  25                 .procname = "maxbytes",
  26                 .data = &key_quota_maxbytes,
  27                 .maxlen = sizeof(unsigned),
  28                 .mode = 0644,
  29                 .proc_handler = proc_dointvec_minmax,
  30                 .extra1 = (void *) &one,
  31                 .extra2 = (void *) &max,
  32         },
  33         {
  34                 .procname = "root_maxkeys",
  35                 .data = &key_quota_root_maxkeys,
  36                 .maxlen = sizeof(unsigned),
  37                 .mode = 0644,
  38                 .proc_handler = proc_dointvec_minmax,
  39                 .extra1 = (void *) &one,
  40                 .extra2 = (void *) &max,
  41         },
  42         {
  43                 .procname = "root_maxbytes",
  44                 .data = &key_quota_root_maxbytes,
  45                 .maxlen = sizeof(unsigned),
  46                 .mode = 0644,
  47                 .proc_handler = proc_dointvec_minmax,
  48                 .extra1 = (void *) &one,
  49                 .extra2 = (void *) &max,
  50         },
  51         {
  52                 .procname = "gc_delay",
  53                 .data = &key_gc_delay,
  54                 .maxlen = sizeof(unsigned),
  55                 .mode = 0644,
  56                 .proc_handler = proc_dointvec_minmax,
  57                 .extra1 = (void *) &zero,
  58                 .extra2 = (void *) &max,
  59         },
  60 #ifdef CONFIG_PERSISTENT_KEYRINGS
  61         {
  62                 .procname = "persistent_keyring_expiry",
  63                 .data = &persistent_keyring_expiry,
  64                 .maxlen = sizeof(unsigned),
  65                 .mode = 0644,
  66                 .proc_handler = proc_dointvec_minmax,
  67                 .extra1 = (void *) &zero,
  68                 .extra2 = (void *) &max,
  69         },
  70 #endif
  71         { }
  72 };