From: Dave Jiang <dave.jiang@intel.com>
To: dan.j.williams@intel.com
Cc: alison.schofield@intel.com, keescook@chromium.org,
linux-nvdimm@lists.01.org, ebiggers3@gmail.com,
dhowells@redhat.com, keyrings@vger.kernel.org
Subject: [PATCH v9 04/12] keys: export lookup_user_key to external users
Date: Tue, 25 Sep 2018 16:38:07 -0700 [thread overview]
Message-ID: <153791868767.70158.10181541227949997641.stgit@djiang5-desk3.ch.intel.com> (raw)
In-Reply-To: <153791805740.70158.12896535066689316343.stgit@djiang5-desk3.ch.intel.com>
Export lookup_user_key() symbol in order to allow nvdimm passphrase
update to retrieve user injected keys.
Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Acked-by: David Howells <dhowells at redhat.com>
---
include/linux/key.h | 3 +++
security/keys/internal.h | 2 --
security/keys/process_keys.c | 1 +
3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/include/linux/key.h b/include/linux/key.h
index e58ee10f6e58..7099985e35a9 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key)
extern void key_set_timeout(struct key *, unsigned);
+extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
+ key_perm_t perm);
+
/*
* The permissions required on a key that we're looking up.
*/
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 9f8208dc0e55..9968b21a76dd 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -158,8 +158,6 @@ extern struct key *request_key_and_link(struct key_type *type,
extern bool lookup_user_key_possessed(const struct key *key,
const struct key_match_data *match_data);
-extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
- key_perm_t perm);
#define KEY_LOOKUP_CREATE 0x01
#define KEY_LOOKUP_PARTIAL 0x02
#define KEY_LOOKUP_FOR_UNLINK 0x04
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index d5b25e535d3a..ec4fd4531224 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -755,6 +755,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
put_cred(ctx.cred);
goto try_again;
}
+EXPORT_SYMBOL(lookup_user_key);
/*
* Join the named keyring as the session keyring if possible else attempt to
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
next prev parent reply other threads:[~2018-09-25 23:38 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-25 23:37 [PATCH v9 00/12] Adding security support for nvdimm Dave Jiang
2018-09-25 23:37 ` [PATCH v9 01/12] nfit: add support for Intel DSM 1.7 commands Dave Jiang
2018-09-25 23:37 ` [PATCH v9 02/12] libnvdimm: create keyring to store security keys Dave Jiang
2018-09-25 23:38 ` [PATCH v9 03/12] nfit/libnvdimm: store dimm id as a member to struct nvdimm Dave Jiang
2018-09-25 23:38 ` Dave Jiang [this message]
2018-09-25 23:38 ` [PATCH v9 05/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs Dave Jiang
2018-09-26 0:33 ` Dan Williams
2018-09-25 23:38 ` [PATCH v9 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Dave Jiang
2018-09-26 0:42 ` Dan Williams
2018-09-25 23:38 ` [PATCH v9 07/12] nfit/libnvdimm: add disable passphrase support to Intel nvdimm Dave Jiang
2018-09-25 23:38 ` [PATCH v9 08/12] nfit/libnvdimm: add freeze security " Dave Jiang
2018-09-25 23:38 ` [PATCH v9 09/12] nfit/libnvdimm: add support for issue secure erase DSM " Dave Jiang
2018-09-26 1:04 ` Dan Williams
2018-09-25 23:38 ` [PATCH v9 10/12] nfit_test: add context to dimm_dev for nfit_test Dave Jiang
2018-09-25 23:38 ` [PATCH v9 11/12] nfit_test: add test support for Intel nvdimm security DSMs Dave Jiang
2018-09-25 23:38 ` [PATCH v9 12/12] libnvdimm: add documentation for nvdimm security support Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=153791868767.70158.10181541227949997641.stgit@djiang5-desk3.ch.intel.com \
--to=dave.jiang@intel.com \
--cc=alison.schofield@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dhowells@redhat.com \
--cc=ebiggers3@gmail.com \
--cc=keescook@chromium.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).