[net-next-2.6.git] / include / linux / key-type.h

/* Definitions for key type implementations
 *
 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#ifndef _LINUX_KEY_TYPE_H
#define _LINUX_KEY_TYPE_H

#include <linux/key.h>

#ifdef CONFIG_KEYS

/*
 * key under-construction record
 * - passed to the request_key actor if supplied
 */
struct key_construction {
	struct key	*key;	/* key being constructed */
	struct key	*authkey;/* authorisation for key being constructed */
};

typedef int (*request_key_actor_t)(struct key_construction *key,
				   const char *op, void *aux);

/*
 * kernel managed key type definition
 */
struct key_type {
	/* name of the type */
	const char *name;

	/* default payload length for quota precalculation (optional)
	 * - this can be used instead of calling key_payload_reserve(), that
	 *   function only needs to be called if the real datalen is different
	 */
	size_t def_datalen;

	/* instantiate a key of this type
	 * - this method should call key_payload_reserve() to determine if the
	 *   user's quota will hold the payload
	 */
	int (*instantiate)(struct key *key, const void *data, size_t datalen);

	/* update a key of this type (optional)
	 * - this method should call key_payload_reserve() to recalculate the
	 *   quota consumption
	 * - the key must be locked against read when modifying
	 */
	int (*update)(struct key *key, const void *data, size_t datalen);

	/* match a key against a description */
	int (*match)(const struct key *key, const void *desc);

	/* clear some of the data from a key on revokation (optional)
	 * - the key's semaphore will be write-locked by the caller
	 */
	void (*revoke)(struct key *key);

	/* clear the data from a key (optional) */
	void (*destroy)(struct key *key);

	/* describe a key */
	void (*describe)(const struct key *key, struct seq_file *p);

	/* read a key's data (optional)
	 * - permission checks will be done by the caller
	 * - the key's semaphore will be readlocked by the caller
	 * - should return the amount of data that could be read, no matter how
	 *   much is copied into the buffer
	 * - shouldn't do the copy if the buffer is NULL
	 */
	long (*read)(const struct key *key, char __user *buffer, size_t buflen);

	/* handle request_key() for this type instead of invoking
	 * /sbin/request-key (optional)
	 * - key is the key to instantiate
	 * - authkey is the authority to assume when instantiating this key
	 * - op is the operation to be done, usually "create"
	 * - the call must not return until the instantiation process has run
	 *   its course
	 */
	request_key_actor_t request_key;

	/* internal fields */
	struct list_head	link;		/* link in types list */
};

extern struct key_type key_type_keyring;

extern int register_key_type(struct key_type *ktype);
extern void unregister_key_type(struct key_type *ktype);

extern int key_payload_reserve(struct key *key, size_t datalen);
extern int key_instantiate_and_link(struct key *key,
				    const void *data,
				    size_t datalen,
				    struct key *keyring,
				    struct key *instkey);
extern int key_negate_and_link(struct key *key,
			       unsigned timeout,
			       struct key *keyring,
			       struct key *instkey);
extern void complete_request_key(struct key_construction *cons, int error);

#endif /* CONFIG_KEYS */
#endif /* _LINUX_KEY_TYPE_H */
Commit	Line	Data
76181c13 DH	1	/* Definitions for key type implementations
	2	*
	3	* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
	4	* Written by David Howells (dhowells@redhat.com)
	5	*
	6	* This program is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU General Public Licence
	8	* as published by the Free Software Foundation; either version
	9	* 2 of the Licence, or (at your option) any later version.
	10	*/
	11
	12	#ifndef _LINUX_KEY_TYPE_H
	13	#define _LINUX_KEY_TYPE_H
	14
	15	#include <linux/key.h>
	16
	17	#ifdef CONFIG_KEYS
	18
	19	/*
	20	* key under-construction record
	21	* - passed to the request_key actor if supplied
	22	*/
	23	struct key_construction {
	24	struct key key; / key being constructed */
	25	struct key authkey;/ authorisation for key being constructed */
	26	};
	27
	28	typedef int (request_key_actor_t)(struct key_construction key,
	29	const char op, void aux);
	30
	31	/*
	32	* kernel managed key type definition
	33	*/
	34	struct key_type {
	35	/* name of the type */
	36	const char *name;
	37
	38	/* default payload length for quota precalculation (optional)
	39	* - this can be used instead of calling key_payload_reserve(), that
	40	* function only needs to be called if the real datalen is different
	41	*/
	42	size_t def_datalen;
	43
	44	/* instantiate a key of this type
	45	* - this method should call key_payload_reserve() to determine if the
	46	* user's quota will hold the payload
	47	*/
	48	int (instantiate)(struct key key, const void *data, size_t datalen);
	49
	50	/* update a key of this type (optional)
	51	* - this method should call key_payload_reserve() to recalculate the
	52	* quota consumption
	53	* - the key must be locked against read when modifying
	54	*/
	55	int (update)(struct key key, const void *data, size_t datalen);
	56
	57	/* match a key against a description */
	58	int (match)(const struct key key, const void *desc);
	59
	60	/* clear some of the data from a key on revokation (optional)
	61	* - the key's semaphore will be write-locked by the caller
	62	*/
	63	void (revoke)(struct key key);
	64
65	/* clear the data from a key (optional) */
66	void (destroy)(struct key key);
67
68	/* describe a key */
69	void (describe)(const struct key key, struct seq_file *p);
70
71	/* read a key's data (optional)
72	* - permission checks will be done by the caller
73	* - the key's semaphore will be readlocked by the caller
74	* - should return the amount of data that could be read, no matter how
75	* much is copied into the buffer
76	* - shouldn't do the copy if the buffer is NULL
77	*/
78	long (read)(const struct key key, char __user *buffer, size_t buflen);
79
80	/* handle request_key() for this type instead of invoking
81	* /sbin/request-key (optional)
82	* - key is the key to instantiate
83	* - authkey is the authority to assume when instantiating this key
84	* - op is the operation to be done, usually "create"
85	* - the call must not return until the instantiation process has run
86	* its course
87	*/
88	request_key_actor_t request_key;
89
90	/* internal fields */
91	struct list_head link; /* link in types list */
92	};
93
94	extern struct key_type key_type_keyring;
95
96	extern int register_key_type(struct key_type *ktype);
97	extern void unregister_key_type(struct key_type *ktype);
98
99	extern int key_payload_reserve(struct key *key, size_t datalen);
100	extern int key_instantiate_and_link(struct key *key,
101	const void *data,
102	size_t datalen,
103	struct key *keyring,
104	struct key *instkey);
105	extern int key_negate_and_link(struct key *key,
106	unsigned timeout,
107	struct key *keyring,
108	struct key *instkey);
109	extern void complete_request_key(struct key_construction *cons, int error);
110
111	#endif /* CONFIG_KEYS */
112	#endif /* _LINUX_KEY_TYPE_H */