Commit 14409624 authored by Krzysztof Struczynski's avatar Krzysztof Struczynski Committed by Zheng Zengkai
Browse files

keys: Allow to set key domain tag separately from the key type 

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I49KW1


CVE: NA

--------------------------------

Add KEY_ALLOC_DOMAIN_* flags so that the key domain tag can be
specified on the key creation. This is done to separate the
key domain setting from the key type.

If applied to the keyring, it will set the requested domain tag for
every key added to that keyring.

IMA uses the existing key_type_asymmetric for appraisal, but also has
to specify the key domain to bind appraisal key with the ima namespace.

Signed-off-by: default avatarKrzysztof Struczynski <krzysztof.struczynski@huawei.com>
Reviewed-by: default avatarZhang Tianxing <zhangtianxing3@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 44313f67
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment