summaryrefslogtreecommitdiff
path: root/security/keys/internal.h
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2019-06-26 21:02:32 +0100
committerDavid Howells <dhowells@redhat.com>2019-06-26 21:02:32 +0100
commit218e6424e711ceee31eeba93212fed8ee92d6a11 (patch)
tree62358ec392304d17294f73779a1a13591468de7b /security/keys/internal.h
parent3b6e4de05e9ee2e2f94e4a3fe14d945e2418d9a8 (diff)
keys: Garbage collect keys for which the domain has been removed
If a key operation domain (such as a network namespace) has been removed then attempt to garbage collect all the keys that use it. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys/internal.h')
-rw-r--r--security/keys/internal.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h
index d3a9439e2386..5a561f5f199e 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -209,7 +209,8 @@ static inline bool key_is_dead(const struct key *key, time64_t limit)
return
key->flags & ((1 << KEY_FLAG_DEAD) |
(1 << KEY_FLAG_INVALIDATED)) ||
- (key->expiry > 0 && key->expiry <= limit);
+ (key->expiry > 0 && key->expiry <= limit) ||
+ key->domain_tag->removed;
}
/*