diff options
author | David Howells <dhowells@redhat.com> | 2013-09-24 10:35:16 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2013-09-24 10:35:16 +0100 |
commit | d0a059cac6523b23ad7d743dec8783705aab1668 (patch) | |
tree | f36c92dd61d579c0787ba7278e431852d1455f27 | |
parent | 4bdf0bc300314141e5475e145acb8b5ad846f00d (diff) |
KEYS: Search for auth-key by name rather than target key ID
Search for auth-key by name rather than by target key ID as, in a future
patch, we'll by searching directly by index key in preference to iteration
over all keys.
Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r-- | security/keys/request_key_auth.c | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c index 8d09852854ca..7495a93b4b90 100644 --- a/security/keys/request_key_auth.c +++ b/security/keys/request_key_auth.c @@ -18,6 +18,7 @@ #include <linux/slab.h> #include <asm/uaccess.h> #include "internal.h" +#include <keys/user-type.h> static int request_key_auth_instantiate(struct key *, struct key_preparsed_payload *); @@ -222,33 +223,25 @@ error_alloc: } /* - * See if an authorisation key is associated with a particular key. - */ -static int key_get_instantiation_authkey_match(const struct key *key, - const void *_id) -{ - struct request_key_auth *rka = key->payload.data; - key_serial_t id = (key_serial_t)(unsigned long) _id; - - return rka->target_key->serial == id; -} - -/* * Search the current process's keyrings for the authorisation key for * instantiation of a key. */ struct key *key_get_instantiation_authkey(key_serial_t target_id) { + char description[16]; struct keyring_search_context ctx = { .index_key.type = &key_type_request_key_auth, + .index_key.description = description, .cred = current_cred(), - .match = key_get_instantiation_authkey_match, - .match_data = (void *)(unsigned long)target_id, + .match = user_match, + .match_data = description, .flags = KEYRING_SEARCH_LOOKUP_DIRECT, }; struct key *authkey; key_ref_t authkey_ref; + sprintf(description, "%x", target_id); + authkey_ref = search_process_keyrings(&ctx); if (IS_ERR(authkey_ref)) { |