Google Git
Sign in
kernel / pub / scm / libs / ell / ell / 8bb03f3899d05577b2b400021a7e65c5505657cc
commit8bb03f3899d05577b2b400021a7e65c5505657cc[log] [tgz]
authorMat Martineau <mathew.j.martineau@linux.intel.com>Tue Apr 18 17:24:17 2017 -0700
committerDenis Kenzior <denkenz@gmail.com>Wed Apr 19 11:46:43 2017 -0500
tree1f205b112dd0303f052d8c4472778749256a839d
parent0ec929c8e761d6657bbb9b4fc54ccabc02283e82 [diff]
key: Use keyring restriction keyctl

Now that the restricted keyring patches have been applied to keys-next
and are on track for the v4.12 merge window, ELL needs to be updated for
the final API.

There are two significant changes from the previous API:

1. Key restrictions are now applied in a separate step after a keyring
is created, not at creation time.

2. The first key added to an empty, "chain" restricted keyring no longer
bypasses the signature check.

The latter required a change to l_keyring_new() so that the root key
could be added to a keyring after it is created but before it is
restricted. There's a new l_keyring_restrict() function to restrict an
existing keyring.
3 files changed
tree: 1f205b112dd0303f052d8c4472778749256a839d
  1. doc/
  2. ell/
  3. examples/
  4. unit/
  5. .gitignore
  6. .mailmap
  7. acinclude.m4
  8. AUTHORS
  9. bootstrap
  10. bootstrap-configure
  11. ChangeLog
  12. configure.ac
  13. COPYING
  14. HACKING
  15. INSTALL
  16. Makefile.am
  17. README
  18. TODO