KEYS: Add a key restriction struct

Key link restrictions require restriction-specific data as well as a
restriction-specific function pointer. As a first step toward replacing
the restrict_link pointer in struct key, define a more general
key_restriction structure that captures the required function, key, and
key type pointers. Key type modules should not be pinned on account of
this key type pointer because the pointer will be cleared by the garbage
collector if the key type is unregistered.

Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>

diff --git a/include/linux/key.h b/include/linux/key.h
index c59d1008c4fc6cc8d24d80d16745d231294a77f9..a06649f3223d29d76469b4830a4ed220bd36ee86 100644 (file)
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -132,6 +132,12 @@ typedef int (*key_restrict_link_func_t)(struct key *dest_keyring,
                                        const union key_payload *payload,
                                        struct key *restriction_key);
 
+struct key_restriction {
+       key_restrict_link_func_t check;
+       struct key *key;
+       struct key_type *keytype;
+};
+
 /*****************************************************************************/
 /*
  * authentication token / access credential / keyring