xref: /openbmc/linux/security/keys/sysctl.c (revision f79e4d5f92a129a1159c973735007d4ddc8541f3)
1 /* Key management controls
2  *
3  * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public Licence
8  * as published by the Free Software Foundation; either version
9  * 2 of the Licence, or (at your option) any later version.
10  */
11 
12 #include <linux/key.h>
13 #include <linux/sysctl.h>
14 #include "internal.h"
15 
16 static const int zero, one = 1, max = INT_MAX;
17 
18 struct ctl_table key_sysctls[] = {
19 	{
20 		.procname = "maxkeys",
21 		.data = &key_quota_maxkeys,
22 		.maxlen = sizeof(unsigned),
23 		.mode = 0644,
24 		.proc_handler = proc_dointvec_minmax,
25 		.extra1 = (void *) &one,
26 		.extra2 = (void *) &max,
27 	},
28 	{
29 		.procname = "maxbytes",
30 		.data = &key_quota_maxbytes,
31 		.maxlen = sizeof(unsigned),
32 		.mode = 0644,
33 		.proc_handler = proc_dointvec_minmax,
34 		.extra1 = (void *) &one,
35 		.extra2 = (void *) &max,
36 	},
37 	{
38 		.procname = "root_maxkeys",
39 		.data = &key_quota_root_maxkeys,
40 		.maxlen = sizeof(unsigned),
41 		.mode = 0644,
42 		.proc_handler = proc_dointvec_minmax,
43 		.extra1 = (void *) &one,
44 		.extra2 = (void *) &max,
45 	},
46 	{
47 		.procname = "root_maxbytes",
48 		.data = &key_quota_root_maxbytes,
49 		.maxlen = sizeof(unsigned),
50 		.mode = 0644,
51 		.proc_handler = proc_dointvec_minmax,
52 		.extra1 = (void *) &one,
53 		.extra2 = (void *) &max,
54 	},
55 	{
56 		.procname = "gc_delay",
57 		.data = &key_gc_delay,
58 		.maxlen = sizeof(unsigned),
59 		.mode = 0644,
60 		.proc_handler = proc_dointvec_minmax,
61 		.extra1 = (void *) &zero,
62 		.extra2 = (void *) &max,
63 	},
64 #ifdef CONFIG_PERSISTENT_KEYRINGS
65 	{
66 		.procname = "persistent_keyring_expiry",
67 		.data = &persistent_keyring_expiry,
68 		.maxlen = sizeof(unsigned),
69 		.mode = 0644,
70 		.proc_handler = proc_dointvec_minmax,
71 		.extra1 = (void *) &zero,
72 		.extra2 = (void *) &max,
73 	},
74 #endif
75 	{ }
76 };
77