The patch titled
     Keys: allow in-kernel key requestor to pass auxiliary data to upcaller [try #2]
has been added to the -mm tree.  Its filename is
     keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2.patch

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

------------------------------------------------------
Subject: Keys: allow in-kernel key requestor to pass auxiliary data to upcaller [try #2]
From: David Howells <dhowells@xxxxxxxxxx>

The proposed NFS key type uses its own method of passing key requests to
userspace (upcalling) rather than invoking /sbin/request-key.  This is
because the responsible userspace daemon should already be running and will
be contacted through rpc_pipefs.

This patch permits the NFS filesystem to pass auxiliary data to the upcall
operation (struct key_type::request_key) so that the upcaller can use a
pre-existing communications channel more easily.

In [try #2] I've renamed the new function to request_key_with_auxdata().

Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
Acked-By: Kevin Coffman <kwc@xxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 Documentation/keys-request-key.txt |   14 +++++++-------
 Documentation/keys.txt             |   23 ++++++++++++-----------
 include/linux/key.h                |    8 ++++----
 security/keys/request_key.c        |   12 ++++++------
 4 files changed, 29 insertions(+), 28 deletions(-)

diff -puN Documentation/keys-request-key.txt~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 Documentation/keys-request-key.txt --- a/Documentation/keys-request-key.txt~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 +++ a/Documentation/keys-request-key.txt 
@@ -15,10 +15,10 @@ request_key*(): or: - struct key *request_key2(const struct key_type *type, - const char *description, - const char *callout_string, - void *aux); + struct key *request_key_with_auxdata(const struct key_type *type, + const char *description, + const char *callout_string, + void *aux); Or by userspace invoking the request_key system call: @@ -32,9 +32,9 @@ does not need to link the key to a keyri destroyed. The kernel interface returns a pointer directly to the key, and it's up to the caller to destroy the key. -The request_key2() call is like the request_key() call in the kernel, except -that it permits auxiliary data to be passed to the upcaller (the default is -NULL). This is only useful for those key types that define their own upcall +The request_key_with_auxdata() call is like the in-kernel request_key() call, +except that it permits auxiliary data to be passed to the upcaller (the default +is NULL). This is only useful for those key types that define their own upcall mechanism rather than using /sbin/request-key. The userspace interface links the key to a keyring associated with the process diff -puN Documentation/keys.txt~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 Documentation/keys.txt --- a/Documentation/keys.txt~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 +++ a/Documentation/keys.txt @@ -782,10 +782,10 @@ payload contents" for more information. (*) To search for a key, passing auxiliary data to the upcaller, call: - struct key *request_key2(const struct key_type *type, - const char *description, - const char *callout_string, - void *aux); + struct key *request_key_with_auxdata(const struct key_type *type, + const char *description, + const char *callout_string, + void *aux); This is identical to request_key(), except that the auxiliary data is passed to the key_type->request_key() op if it exists. 
@@ -1045,13 +1045,14 @@ The structure has a number of fields, so (*) int (*request_key)(struct key *key, struct key *authkey, const char *op, void *aux); - This method is optional. If provided, request_key() and request_key2() - will invoke this function rather than upcalling to /sbin/request-key to - operate upon a key of this type. - - The aux parameter is as passed to request_key2() or is NULL otherwise. - Also passed are the key to be operated upon, the authorisation key for - this operation and the operation type (currently only "create"). + This method is optional. If provided, request_key() and + request_key_with_auxdata() will invoke this function rather than + upcalling to /sbin/request-key to operate upon a key of this type. + + The aux parameter is as passed to request_key_with_auxdata() or is NULL + otherwise. Also passed are the key to be operated upon, the + authorisation key for this operation and the operation type (currently + only "create"). This function should return only when the upcall is complete. Upon return the authorisation key will be revoked, and the target key will be diff -puN include/linux/key.h~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 include/linux/key.h --- a/include/linux/key.h~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 +++ a/include/linux/key.h @@ -286,10 +286,10 @@ extern struct key *request_key(struct ke const char *description, const char *callout_info); -extern struct key *request_key2(struct key_type *type, - const char *description, - const char *callout_info, - void *aux); +extern struct key *request_key_with_auxdata(struct key_type *type, + const char *description, + const char *callout_info, + void *aux); extern int key_validate(struct key *key); diff -puN security/keys/request_key.c~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 security/keys/request_key.c 
--- a/security/keys/request_key.c~keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2 +++ a/security/keys/request_key.c @@ -509,14 +509,14 @@ EXPORT_SYMBOL(request_key); * - check the list of keys being created or updated * - call out to userspace for a key if supplementary info was provided */ -struct key *request_key2(struct key_type *type, - const char *description, - const char *callout_info, - void *aux) +struct key *request_key_with_auxdata(struct key_type *type, + const char *description, + const char *callout_info, + void *aux) { return request_key_and_link(type, description, callout_info, aux, NULL, KEY_ALLOC_IN_QUOTA); -} /* end request_key2() */ +} /* end request_key_with_auxdata() */ -EXPORT_SYMBOL(request_key2); +EXPORT_SYMBOL(request_key_with_auxdata); _

Patches currently in -mm which might be from dhowells@xxxxxxxxxx are

origin.patch
gfs2-get_sb_dev-fix.patch
destroy-the-dentries-contributed-by-a-superblock-on-unmounting.patch
destroy-the-dentries-contributed-by-a-superblock-on-unmounting-fix.patch
keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller.patch
keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller-try-2.patch
ecryptfs-get_sb_dev-fix.patch
reiser4-get_sb_dev-fix.patch
mutex-subsystem-synchro-test-module.patch
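Review bot: the documented prototype does not match the declared one. In the Documentation/keys-request-key.txt hunk at -15,10 (and again in Documentation/keys.txt at -782,10) the new text reads "const struct key_type *type" and "const char *callout_string", while the include/linux/key.h hunk at -286,10 declares "struct key_type *type" and "const char *callout_info". Since these lines are being rewritten anyway, make the documentation carry the same qualifiers and parameter names as the header, or constify the header if the documented form is the intended one, so that a key type author copying the prototype from the docs gets something that compiles against key.h.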
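Review bot: the Documentation/keys.txt hunk at -1045,13 should say outright that a ->request_key() implementation must tolerate aux == NULL. The reworded paragraph states that aux "is as passed to request_key_with_auxdata() or is NULL otherwise", which means the same op is reached through plain request_key() with no auxiliary data at all. An op that treats aux as its pre-existing communications channel and dereferences it unconditionally will oops on that path, so a sentence telling implementers to check for NULL and to fail the request (or fall back) in that case would close the gap. It would also help to state the lifetime here: the following context says the function returns only when the upcall is complete, so the text could note that aux need only remain valid for the duration of the call.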
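Review bot: in the security/keys/request_key.c hunk at -509,14 the comment block above request_key_with_auxdata() still only lists "check the list of keys being created or updated" and "call out to userspace for a key if supplementary info was provided"; it never mentions aux, which is the one thing distinguishing this function from request_key(). Add a line saying that aux is handed unchanged to the key type's request_key op and is ignored when the type has none. Separately, EXPORT_SYMBOL(request_key2) is dropped with no alias and the diffstat touches only four files, so please confirm that nothing else in -mm built on the earlier keys-allow-in-kernel-key-requestor-to-pass-auxiliary-data-to-upcaller.patch still calls request_key2().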