[PATCH v1 1/6] KEYS: Helper function to check if the given keyring is builtin_trusted_keys

Lakshmi Ramasubramanian nramas at linux.microsoft.com
Wed Oct 23 00:18:13 UTC 2019


Helper function to check if the given keyring is
the builtin_trusted_keys keyring.

This function is used by ima to determine if a key is
added to the builtin_trusted_keys keyring.

Signed-off-by: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
---
 certs/system_keyring.c        | 5 +++++
 include/keys/system_keyring.h | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/certs/system_keyring.c b/certs/system_keyring.c
index 1eba08a1af82..5533c7f92fef 100644
--- a/certs/system_keyring.c
+++ b/certs/system_keyring.c
@@ -283,3 +283,8 @@ void __init set_platform_trusted_keys(struct key *keyring)
 	platform_trusted_keys = keyring;
 }
 #endif
+
+inline bool is_builtin_trusted_keyring(struct key *keyring)
+{
+	return (keyring == builtin_trusted_keys);
+}
diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h
index c1a96fdf598b..2bc0aaa07f05 100644
--- a/include/keys/system_keyring.h
+++ b/include/keys/system_keyring.h
@@ -66,4 +66,6 @@ static inline void set_platform_trusted_keys(struct key *keyring)
 }
 #endif
 
+extern bool is_builtin_trusted_keyring(struct key *keyring);
+
 #endif /* _KEYS_SYSTEM_KEYRING_H */
-- 
2.17.1



More information about the Linux-security-module-archive mailing list