xref: /openbmc/linux/include/keys/system_keyring.h (revision e5f586c763a079349398e2b0c7c271386193ac34)
1 /* System keyring containing trusted public keys.
2  *
3  * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public Licence
8  * as published by the Free Software Foundation; either version
9  * 2 of the Licence, or (at your option) any later version.
10  */
11 
12 #ifndef _KEYS_SYSTEM_KEYRING_H
13 #define _KEYS_SYSTEM_KEYRING_H
14 
15 #include <linux/key.h>
16 
17 #ifdef CONFIG_SYSTEM_TRUSTED_KEYRING
18 
19 extern int restrict_link_by_builtin_trusted(struct key *keyring,
20 					    const struct key_type *type,
21 					    const union key_payload *payload);
22 
23 #else
24 #define restrict_link_by_builtin_trusted restrict_link_reject
25 #endif
26 
27 #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
28 extern int restrict_link_by_builtin_and_secondary_trusted(
29 	struct key *keyring,
30 	const struct key_type *type,
31 	const union key_payload *payload);
32 #else
33 #define restrict_link_by_builtin_and_secondary_trusted restrict_link_by_builtin_trusted
34 #endif
35 
36 #ifdef CONFIG_IMA_BLACKLIST_KEYRING
37 extern struct key *ima_blacklist_keyring;
38 
39 static inline struct key *get_ima_blacklist_keyring(void)
40 {
41 	return ima_blacklist_keyring;
42 }
43 #else
44 static inline struct key *get_ima_blacklist_keyring(void)
45 {
46 	return NULL;
47 }
48 #endif /* CONFIG_IMA_BLACKLIST_KEYRING */
49 
50 
51 #endif /* _KEYS_SYSTEM_KEYRING_H */
52