KEYS: Add a 'trusted' flag and a 'trusted only' flag
authorDavid Howells <dhowells@redhat.com>
Fri, 30 Aug 2013 15:07:37 +0000 (16:07 +0100)
committerDavid Howells <dhowells@redhat.com>
Wed, 25 Sep 2013 16:17:01 +0000 (17:17 +0100)
commit008643b86c5f33c115c84ccdda1725cac3ad50ad
tree951ea0d3d7b84ce3570da17f03f45a53f3e4b35d
parentb56e5a17b6b9acd16997960504b9940d0d7984e7
KEYS: Add a 'trusted' flag and a 'trusted only' flag

Add KEY_FLAG_TRUSTED to indicate that a key either comes from a trusted source
or had a cryptographic signature chain that led back to a trusted key the
kernel already possessed.

Add KEY_FLAGS_TRUSTED_ONLY to indicate that a keyring will only accept links to
keys marked with KEY_FLAGS_TRUSTED.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
include/linux/key-type.h
include/linux/key.h
kernel/system_keyring.c
security/keys/key.c
security/keys/keyring.c