1b4d0d230SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later
20b77f5bfSDavid Howells /* Key management controls
30b77f5bfSDavid Howells *
40b77f5bfSDavid Howells * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
50b77f5bfSDavid Howells * Written by David Howells (dhowells@redhat.com)
60b77f5bfSDavid Howells */
70b77f5bfSDavid Howells
80b77f5bfSDavid Howells #include <linux/key.h>
90b77f5bfSDavid Howells #include <linux/sysctl.h>
100b77f5bfSDavid Howells #include "internal.h"
110b77f5bfSDavid Howells
/*
 * Tunables for the key management subsystem.
 *
 * The table is registered under "kernel/keys" by
 * init_security_keys_sysctls(), so each .procname below becomes a file in
 * that sysctl directory.
 *
 * Every entry shares the same access policy:
 *   - mode 0644: only the file owner may write, everyone may read;
 *   - proc_dointvec_minmax with extra1/extra2 as the inclusive lower and
 *     upper bound, so a write outside that range is refused instead of
 *     being stored.
 *
 * The backing variables are declared outside this file; .maxlen suggests
 * they are unsigned int - TODO confirm against "internal.h". Capping at
 * SYSCTL_INT_MAX keeps a stored value non-negative when it is read back
 * through an unsigned variable.
 *
 * NOTE(review): the quota entries presumably bound how many keys and how
 * much key payload one user may hold in kernel memory, so raising them
 * loosens a resource limit - treat changes as security-relevant
 * configuration and track them.
 */
static struct ctl_table key_sysctls[] = {
	/* Quota entries: lower bound SYSCTL_ONE, so zero cannot be written. */
	{
		.procname	= "maxkeys",
		.data		= &key_quota_maxkeys,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ONE,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
	{
		.procname	= "maxbytes",
		.data		= &key_quota_maxbytes,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ONE,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
	{
		.procname	= "root_maxkeys",
		.data		= &key_quota_root_maxkeys,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ONE,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
	{
		.procname	= "root_maxbytes",
		.data		= &key_quota_root_maxbytes,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ONE,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
	/* Timing entries: lower bound SYSCTL_ZERO, so zero is an accepted value. */
	{
		.procname	= "gc_delay",
		.data		= &key_gc_delay,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ZERO,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
#ifdef CONFIG_PERSISTENT_KEYRINGS
	/* Only present when persistent keyrings are built in. */
	{
		.procname	= "persistent_keyring_expiry",
		.data		= &persistent_keyring_expiry,
		.maxlen		= sizeof(unsigned int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= (void *)SYSCTL_ZERO,
		.extra2		= (void *)SYSCTL_INT_MAX,
	},
#endif
	{ }	/* empty entry terminates the table */
};
/*
 * Publish the key management tunables under the "kernel/keys" sysctl
 * directory.
 *
 * Registered with early_initcall() below, so it runs from the kernel's
 * initcall sequence; __init marks it as init-only code.
 *
 * Return: always 0. The outcome of register_sysctl_init() is not inspected
 * here, so a failed registration is not reported through this return value.
 */
static int __init init_security_keys_sysctls(void)
{
	register_sysctl_init("kernel/keys", key_sysctls);

	return 0;
}
early_initcall(init_security_keys_sysctls);