[RFC 11/12] keys/mktme: Add a new key service type for memory encryption keys

David Howells dhowells at redhat.com
Tue Sep 11 23:01:51 UTC 2018


Alison Schofield <alison.schofield at intel.com> wrote:

> If a preparse routine handles all the above, then if any of the
> above failures occur, the key service has less backing out to do.
> Is that the point?

Yes.  Ideally, ->instantiate() would never fail.

> How do I make the connection between the preparse and the instantiate? 
> Do I just put what I need to remember about this key request in the
> payload.data during preparse, so I can examine it again during
> instantiate?

Have a look at user_preparse().  It attaches the contribution to the supplied
key_preparsed_payload struct, which is then passed to ->instantiate() and
->update() as appropriate.  generic_key_instantiate() is used by the user key
type.

David
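The hand-off described in the reply above, as an added example that is not part of the original message and is not kernel code: a userspace C model in which preparse does all validation and allocation, instantiate only takes ownership of the result, and the free step cleans up whatever was never claimed. Every model_* name and the size bound are assumptions made for this illustration.

```c
/* Userspace model (added example, not kernel code); model_* names are hypothetical. */
#include <errno.h>
#include <stdlib.h>
#include <string.h>
struct model_prep {            /* stands in for key_preparsed_payload */
    const void *data;          /* raw blob supplied by the caller */
    size_t datalen;
    size_t quotalen;           /* quota to charge, computed in preparse */
    void *payload;             /* parsed result carried to instantiate */
};
struct model_key { void *payload; size_t len; };

/* All validation and allocation happens here, before any key is touched. */
int model_preparse(struct model_prep *prep)
{
    if (!prep->data || prep->datalen == 0 || prep->datalen > 32767)
        return -EINVAL;        /* bound is an assumption of this model */
    prep->payload = malloc(prep->datalen);
    if (!prep->payload)
        return -ENOMEM;
    memcpy(prep->payload, prep->data, prep->datalen);
    prep->quotalen = prep->datalen;
    return 0;
}

/* Only moves what preparse built into the key; no failure path in this model. */
int model_instantiate(struct model_key *key, struct model_prep *prep)
{
    key->payload = prep->payload;
    key->len = prep->quotalen;
    prep->payload = NULL;      /* ownership moved to the key */
    return 0;
}

/* Always runs afterwards; frees the payload only if it was never claimed. */
void model_free_preparse(struct model_prep *prep)
{
    free(prep->payload);
}

/* Caller-side sequence: preparse, instantiate on success, then cleanup. */
int model_add_key(struct model_key *key, const void *data, size_t len)
{
    struct model_prep prep = { .data = data, .datalen = len };
    int ret = model_preparse(&prep);
    if (ret == 0)
        ret = model_instantiate(key, &prep);
    model_free_preparse(&prep);
    return ret;
}
```

A rejected request leaves the key untouched, so there is nothing to back out.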


