Merge tag 'keys-next-20151021' of...

					const struct public_key_signature *sig);

	};

Asymmetric keys point to this with their type_data[0] member.

Asymmetric keys point to this with their payload[asym_subtype] member.

The owner and name fields should be set to the owning module and the name of

the subtype.  Currently, the name is only used for print statements.

	struct key_preparsed_payload {

		char		*description;

		void		*type_data[2];

		void		*payload;

		void		*payload[4];

		const void	*data;

		size_t		datalen;

		size_t		quotalen;

     not theirs.

     If the parser is happy with the blob, it should propose a description for

     the key and attach it to ->description, ->type_data[0] should be set to

     point to the subtype to be used, ->payload should be set to point to the

     initialised data for that subtype, ->type_data[1] should point to a hex

     fingerprint and quotalen should be updated to indicate how much quota this

     key should account for.

     When clearing up, the data attached to ->type_data[1] and ->description

     will be kfree()'d and the data attached to ->payload will be passed to the

     subtype's ->destroy() method to be disposed of.  A module reference for

     the subtype pointed to by ->type_data[0] will be put.

     the key and attach it to ->description, ->payload[asym_subtype] should be

     set to point to the subtype to be used, ->payload[asym_crypto] should be

     set to point to the initialised data for that subtype,

     ->payload[asym_key_ids] should point to one or more hex fingerprints and

     quotalen should be updated to indicate how much quota this key should

     account for.

     When clearing up, the data attached to ->payload[asym_key_ids] and

     ->description will be kfree()'d and the data attached to

     ->payload[asm_crypto] will be passed to the subtype's ->destroy() method

     to be disposed of.  A module reference for the subtype pointed to by

     ->payload[asym_subtype] will be put.

     If the data format is not recognised, -EBADMSG should be returned.  If it

NOTES ON ACCESSING PAYLOAD CONTENTS

===================================

The simplest payload is just a number in key->payload.value. In this case,

there's no need to indulge in RCU or locking when accessing the payload.

The simplest payload is just data stored in key->payload directly.  In this

case, there's no need to indulge in RCU or locking when accessing the payload.

More complex payload contents must be allocated and a pointer to them set in

key->payload.data. One of the following ways must be selected to access the

data:

More complex payload contents must be allocated and pointers to them set in the

key->payload.data[] array.  One of the following ways must be selected to

access the data:

 (1) Unmodifiable key type.

     the payload. key->datalen cannot be relied upon to be consistent with the

     payload just dereferenced if the key's semaphore is not held.

     Note that key->payload.data[0] has a shadow that is marked for __rcu

     usage.  This is called key->payload.rcu_data0.  The following accessors

     wrap the RCU calls to this element:

	rcu_assign_keypointer(struct key *key, void *data);

	void *rcu_dereference_key(struct key *key);

===================

DEFINING A KEY TYPE

	struct key_preparsed_payload {

		char		*description;

		void		*type_data[2];

		void		*payload;

		union key_payload payload;

		const void	*data;

		size_t		datalen;

		size_t		quotalen;

     attached as a string to the description field.  This will be used for the

     key description if the caller of add_key() passes NULL or "".

     The method can attach anything it likes to type_data[] and payload.  These

     are merely passed along to the instantiate() or update() operations.  If

     set, the expiry time will be applied to the key if it is instantiated from

     this data.

     The method can attach anything it likes to payload.  This is merely passed

     along to the instantiate() or update() operations.  If set, the expiry

     time will be applied to the key if it is instantiated from this data.

     The method should return 0 if successful or a negative error code

     otherwise.

 (*) void (*free_preparse)(struct key_preparsed_payload *prep);

     This method is only required if the preparse() method is provided,

     otherwise it is unused.  It cleans up anything attached to the

     description, type_data and payload fields of the key_preparsed_payload

     struct as filled in by the preparse() method.  It will always be called

     after preparse() returns successfully, even if instantiate() or update()

     succeed.

     otherwise it is unused.  It cleans up anything attached to the description

     and payload fields of the key_preparsed_payload struct as filled in by the

     preparse() method.  It will always be called after preparse() returns

     successfully, even if instantiate() or update() succeed.

 (*) int (*instantiate)(struct key *key, struct key_preparsed_payload *prep);

     It is safe to sleep in this method.

     generic_key_instantiate() is provided to simply copy the data from

     prep->payload.data[] to key->payload.data[], with RCU-safe assignment on

     the first element.  It will then clear prep->payload.data[] so that the

     free_preparse method doesn't release the data.

 (*) int (*update)(struct key *key, const void *data, size_t datalen);

#

# Generated files

#

x509_certificate_list

extern int __asymmetric_key_hex_to_key_id(const char *id,

					  struct asymmetric_key_id *match_id,

					  size_t hexlen);

static inline

const struct asymmetric_key_ids *asymmetric_key_ids(const struct key *key)

{

	return key->type_data.p[1];

}

	return ret;

}

/*

 * Clean up the key ID list

 */

static void asymmetric_key_free_kids(struct asymmetric_key_ids *kids)

{

	int i;

	if (kids) {

		for (i = 0; i < ARRAY_SIZE(kids->id); i++)

			kfree(kids->id[i]);

		kfree(kids);

	}

}

/*

 * Clean up the preparse data

 */

static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)

{

	struct asymmetric_key_subtype *subtype = prep->type_data[0];

	struct asymmetric_key_ids *kids = prep->type_data[1];

	int i;

	struct asymmetric_key_subtype *subtype = prep->payload.data[asym_subtype];

	struct asymmetric_key_ids *kids = prep->payload.data[asym_key_ids];

	pr_devel("==>%s()\n", __func__);

	if (subtype) {

		subtype->destroy(prep->payload[0]);

		subtype->destroy(prep->payload.data[asym_crypto]);

		module_put(subtype->owner);

	}

	if (kids) {

		for (i = 0; i < ARRAY_SIZE(kids->id); i++)

			kfree(kids->id[i]);

		kfree(kids);

	}

	asymmetric_key_free_kids(kids);

	kfree(prep->description);

}

static void asymmetric_key_destroy(struct key *key)

{

	struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);

	struct asymmetric_key_ids *kids = key->type_data.p[1];

	struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids];

	void *data = key->payload.data[asym_crypto];

	key->payload.data[asym_crypto] = NULL;

	key->payload.data[asym_subtype] = NULL;

	key->payload.data[asym_key_ids] = NULL;

	if (subtype) {

		subtype->destroy(key->payload.data);

		subtype->destroy(data);

		module_put(subtype->owner);

		key->type_data.p[0] = NULL;

	}

	if (kids) {

		kfree(kids->id[0]);

		kfree(kids->id[1]);

		kfree(kids);

		key->type_data.p[1] = NULL;

	}

	asymmetric_key_free_kids(kids);

}

struct key_type key_type_asymmetric = {