1 /* System keyring containing trusted public keys. 2 * 3 * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #ifndef _KEYS_SYSTEM_KEYRING_H 13 #define _KEYS_SYSTEM_KEYRING_H 14 15 #ifdef CONFIG_SYSTEM_TRUSTED_KEYRING 16 17 #include <linux/key.h> 18 #include <crypto/public_key.h> 19 20 extern struct key *system_trusted_keyring; 21 static inline struct key *get_system_trusted_keyring(void) 22 { 23 return system_trusted_keyring; 24 } 25 #else 26 static inline struct key *get_system_trusted_keyring(void) 27 { 28 return NULL; 29 } 30 #endif 31 32 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION 33 extern int system_verify_data(const void *data, unsigned long len, 34 const void *raw_pkcs7, size_t pkcs7_len, 35 enum key_being_used_for usage); 36 #endif 37 38 #ifdef CONFIG_IMA_MOK_KEYRING 39 extern struct key *ima_mok_keyring; 40 extern struct key *ima_blacklist_keyring; 41 42 static inline struct key *get_ima_mok_keyring(void) 43 { 44 return ima_mok_keyring; 45 } 46 static inline struct key *get_ima_blacklist_keyring(void) 47 { 48 return ima_blacklist_keyring; 49 } 50 #else 51 static inline struct key *get_ima_mok_keyring(void) 52 { 53 return NULL; 54 } 55 static inline struct key *get_ima_blacklist_keyring(void) 56 { 57 return NULL; 58 } 59 #endif /* CONFIG_IMA_MOK_KEYRING */ 60 61 62 #endif /* _KEYS_SYSTEM_KEYRING_H */ 63