keys: Network namespace domain tag

Create key domain tags for network namespaces and make it possible to automatically tag keys that are used by networked services (e.g. AF_RXRPC, AFS, DNS) with the default network namespace if not set by the caller. This allows keys with the same description but in different namespaces to coexist within a keyring. Signed-off-by: David Howells <dhowells@redhat.com> cc: netdev@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: linux-cifs@vger.kernel.org cc: linux-afs@lists.infradead.org
author: David Howells <dhowells@redhat.com> 2019-06-26 21:02:33 +0100
committer: David Howells <dhowells@redhat.com> 2019-06-26 21:02:33 +0100
commit: 9b242610514fe387ef957bce05e1fdd3efd60359 (patch)
tree: 57917a3649c3a4b0bd66a54fbab24c4ca644ab56 /include/linux/key-type.h
parent: keys: Garbage collect keys for which the domain has been removed (diff)
download: linux-dev-9b242610514fe387ef957bce05e1fdd3efd60359.tar.xz
linux-dev-9b242610514fe387ef957bce05e1fdd3efd60359.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index e49d1de0614e..2148a6bf58f1 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -74,6 +74,9 @@ struct key_type {
 	 */
 	size_t def_datalen;
 
+	unsigned int flags;
+#define KEY_TYPE_NET_DOMAIN	0x00000001 /* Keys of this type have a net namespace domain */
+
 	/* vet a description */
 	int (*vet_description)(const char *description);
author	David Howells <dhowells@redhat.com>	2019-06-26 21:02:33 +0100
committer	David Howells <dhowells@redhat.com>	2019-06-26 21:02:33 +0100
commit	9b242610514fe387ef957bce05e1fdd3efd60359 (patch)
tree	57917a3649c3a4b0bd66a54fbab24c4ca644ab56 /include/linux/key-type.h
parent	keys: Garbage collect keys for which the domain has been removed (diff)
download	linux-dev-9b242610514fe387ef957bce05e1fdd3efd60359.tar.xz linux-dev-9b242610514fe387ef957bce05e1fdd3efd60359.zip