authorDavid Howells <dhowells@redhat.com>2020-05-12 14:03:53 +0100
committerDavid Howells <dhowells@redhat.com>2020-06-02 17:22:31 +0100
commitb6f61c31464940513ef4eccb3a030a405b4256d6 (patch)
tree96a2e83c12c0e7e2f4c1119461c55987165cb2e8
parent521fd61c84a19b31dfbaa8dde3d2577e4e115d12 (diff)
keys: Implement update for the big_key type
Implement the ->update op for the big_key type. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--include/keys/big_key-type.h1
-rw-r--r--security/keys/big_key.c19
2 files changed, 19 insertions, 1 deletions
diff --git a/include/keys/big_key-type.h b/include/keys/big_key-type.h
index 3fee04f81439..988d90d77f53 100644
--- a/include/keys/big_key-type.h
+++ b/include/keys/big_key-type.h
@@ -18,5 +18,6 @@ extern void big_key_revoke(struct key *key);
extern void big_key_destroy(struct key *key);
extern void big_key_describe(const struct key *big_key, struct seq_file *m);
extern long big_key_read(const struct key *key, char *buffer, size_t buflen);
+extern int big_key_update(struct key *key, struct key_preparsed_payload *prep);
#endif /* _KEYS_BIG_KEY_TYPE_H */
diff --git a/security/keys/big_key.c b/security/keys/big_key.c
index d43f3daab2b8..dd708e8f13c0 100644
--- a/security/keys/big_key.c
+++ b/security/keys/big_key.c
@@ -47,7 +47,7 @@ struct key_type key_type_big_key = {
.destroy = big_key_destroy,
.describe = big_key_describe,
.read = big_key_read,
- /* no ->update(); don't add it without changing chacha20poly1305's nonce */
+ .update = big_key_update,
};
/*
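Review bot: The comment deleted from the `.update` slot recorded a cryptographic constraint, that ->update() must not be added without changing chacha20poly1305's nonce, and neither the new line nor the commit description says why it no longer applies. If the preparse path generates a fresh encryption key for every payload (not visible in this hunk), that invariant should replace the old warning, e.g. `/* ->update() is safe only because every payload is encrypted under a freshly generated key; never reuse a key with the fixed nonce */`. Without that guarantee, encrypting a second payload under the same key and nonce would void the AEAD's confidentiality and integrity properties. The key_type_big_key initializer starts above the hunk.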
@@ -192,6 +192,23 @@ void big_key_destroy(struct key *key)
}
/*
+ * Update a big key
+ */
+int big_key_update(struct key *key, struct key_preparsed_payload *prep)
+{
+ int ret;
+
+ ret = key_payload_reserve(key, prep->datalen);
+ if (ret < 0)
+ return ret;
+
+ if (key_is_positive(key))
+ big_key_destroy(key);
+
+ return generic_key_instantiate(key, prep);
+}
+
+/*
* describe the big_key key
*/
void big_key_describe(const struct key *key, struct seq_file *m)
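Review bot: In big_key_update() the old payload is torn down by big_key_destroy() before generic_key_instantiate() runs, so an error from that last call would leave a positive key whose payload is already gone. The header comment `Update a big key` documents neither this ordering nor the locking the caller is expected to hold. Whether generic_key_instantiate() can still fail once key_payload_reserve() has succeeded is not visible here, so the assumption should be written down, e.g. `/* Reserve quota first so failure leaves the old payload intact; after big_key_destroy() the instantiate step must not fail. */`. It would also help to state that the caller must hold the key's semaphore for writing, if that is the contract, since readers could otherwise observe the window between destroy and instantiate.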