xref: /openbmc/linux/security/keys/sysctl.c (revision d7955ce4)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Key management controls
3  *
4  * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  */
7 
8 #include <linux/key.h>
9 #include <linux/sysctl.h>
10 #include "internal.h"
11 
12 struct ctl_table key_sysctls[] = {
13 	{
14 		.procname = "maxkeys",
15 		.data = &key_quota_maxkeys,
16 		.maxlen = sizeof(unsigned),
17 		.mode = 0644,
18 		.proc_handler = proc_dointvec_minmax,
19 		.extra1 = (void *) SYSCTL_ONE,
20 		.extra2 = (void *) SYSCTL_INT_MAX,
21 	},
22 	{
23 		.procname = "maxbytes",
24 		.data = &key_quota_maxbytes,
25 		.maxlen = sizeof(unsigned),
26 		.mode = 0644,
27 		.proc_handler = proc_dointvec_minmax,
28 		.extra1 = (void *) SYSCTL_ONE,
29 		.extra2 = (void *) SYSCTL_INT_MAX,
30 	},
31 	{
32 		.procname = "root_maxkeys",
33 		.data = &key_quota_root_maxkeys,
34 		.maxlen = sizeof(unsigned),
35 		.mode = 0644,
36 		.proc_handler = proc_dointvec_minmax,
37 		.extra1 = (void *) SYSCTL_ONE,
38 		.extra2 = (void *) SYSCTL_INT_MAX,
39 	},
40 	{
41 		.procname = "root_maxbytes",
42 		.data = &key_quota_root_maxbytes,
43 		.maxlen = sizeof(unsigned),
44 		.mode = 0644,
45 		.proc_handler = proc_dointvec_minmax,
46 		.extra1 = (void *) SYSCTL_ONE,
47 		.extra2 = (void *) SYSCTL_INT_MAX,
48 	},
49 	{
50 		.procname = "gc_delay",
51 		.data = &key_gc_delay,
52 		.maxlen = sizeof(unsigned),
53 		.mode = 0644,
54 		.proc_handler = proc_dointvec_minmax,
55 		.extra1 = (void *) SYSCTL_ZERO,
56 		.extra2 = (void *) SYSCTL_INT_MAX,
57 	},
58 #ifdef CONFIG_PERSISTENT_KEYRINGS
59 	{
60 		.procname = "persistent_keyring_expiry",
61 		.data = &persistent_keyring_expiry,
62 		.maxlen = sizeof(unsigned),
63 		.mode = 0644,
64 		.proc_handler = proc_dointvec_minmax,
65 		.extra1 = (void *) SYSCTL_ZERO,
66 		.extra2 = (void *) SYSCTL_INT_MAX,
67 	},
68 #endif
69 	{ }
70 };
71 
72 static int __init init_security_keys_sysctls(void)
73 {
74 	register_sysctl_init("kernel/keys", key_sysctls);
75 	return 0;
76 }
77 early_initcall(init_security_keys_sysctls);
78