aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--security/keys/compat.c4
-rw-r--r--security/keys/encrypted_defined.c1
-rw-r--r--security/keys/key.c80
-rw-r--r--security/keys/keyctl.c77
-rw-r--r--security/keys/keyring.c64
-rw-r--r--security/keys/permission.c8
-rw-r--r--security/keys/proc.c7
-rw-r--r--security/keys/process_keys.c23
-rw-r--r--security/keys/request_key_auth.c32
-rw-r--r--security/keys/user_defined.c32
10 files changed, 80 insertions, 248 deletions
diff --git a/security/keys/compat.c b/security/keys/compat.c
index 792c0a611a6d..3cedf6305179 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -14,7 +14,6 @@
#include <linux/compat.h>
#include "internal.h"
-/*****************************************************************************/
/*
* the key control system call, 32-bit compatibility version for 64-bit archs
* - this should only be called if the 64-bit arch uses weird pointers in
@@ -88,5 +87,4 @@ asmlinkage long compat_sys_keyctl(u32 option,
default:
return -EOPNOTSUPP;
}
-
-} /* end compat_sys_keyctl() */
+}
diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index 32d27c858388..28791a65740e 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -888,7 +888,6 @@ static int __init init_encrypted(void)
out:
encrypted_shash_release();
return ret;
-
}
static void __exit cleanup_encrypted(void)
diff --git a/security/keys/key.c b/security/keys/key.c
index c1eac8084ade..3a92d7365870 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -56,7 +56,6 @@ void __key_check(const struct key *key)
}
#endif
-/*****************************************************************************/
/*
* get the key quota record for a user, allocating a new record if one doesn't
* already exist
@@ -130,10 +129,8 @@ struct key_user *key_user_lookup(uid_t uid, struct user_namespace *user_ns)
kfree(candidate);
out:
return user;
+}
-} /* end key_user_lookup() */
-
-/*****************************************************************************/
/*
* dispose of a user structure
*/
@@ -146,10 +143,8 @@ void key_user_put(struct key_user *user)
kfree(user);
}
+}
-} /* end key_user_put() */
-
-/*****************************************************************************/
/*
* assign a key the next unique serial number
* - these are assigned randomly to avoid security issues through covert
@@ -211,10 +206,8 @@ serial_exists:
if (key->serial < xkey->serial)
goto attempt_insertion;
}
+}
-} /* end key_alloc_serial() */
-
-/*****************************************************************************/
/*
* allocate a key of the specified type
* - update the user's quota to reflect the existence of the key
@@ -344,12 +337,10 @@ no_quota:
key_user_put(user);
key = ERR_PTR(-EDQUOT);
goto error;
-
-} /* end key_alloc() */
+}
EXPORT_SYMBOL(key_alloc);
-/*****************************************************************************/
/*
* reserve an amount of quota for the key's payload
*/
@@ -384,12 +375,10 @@ int key_payload_reserve(struct key *key, size_t datalen)
key->datalen = datalen;
return ret;
-
-} /* end key_payload_reserve() */
+}
EXPORT_SYMBOL(key_payload_reserve);
-/*****************************************************************************/
/*
* instantiate a key and link it into the target keyring atomically
* - called with the target keyring's semaphore writelocked
@@ -441,10 +430,8 @@ static int __key_instantiate_and_link(struct key *key,
wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);
return ret;
+}
-} /* end __key_instantiate_and_link() */
-
-/*****************************************************************************/
/*
* instantiate a key and link it into the target keyring atomically
*/
@@ -471,12 +458,10 @@ int key_instantiate_and_link(struct key *key,
__key_link_end(keyring, key->type, prealloc);
return ret;
-
-} /* end key_instantiate_and_link() */
+}
EXPORT_SYMBOL(key_instantiate_and_link);
-/*****************************************************************************/
/*
* negatively instantiate a key and link it into the target keyring atomically
*/
@@ -535,12 +520,10 @@ int key_negate_and_link(struct key *key,
wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);
return ret == 0 ? link_ret : ret;
-
-} /* end key_negate_and_link() */
+}
EXPORT_SYMBOL(key_negate_and_link);
-/*****************************************************************************/
/*
* do cleaning up in process context so that we don't have to disable
* interrupts all over the place
@@ -601,10 +584,8 @@ static void key_cleanup(struct work_struct *work)
/* there may, of course, be more than one key to destroy */
goto go_again;
+}
-} /* end key_cleanup() */
-
-/*****************************************************************************/
/*
* dispose of a reference to a key
* - when all the references are gone, we schedule the cleanup task to come and
@@ -618,12 +599,10 @@ void key_put(struct key *key)
if (atomic_dec_and_test(&key->usage))
schedule_work(&key_cleanup_task);
}
-
-} /* end key_put() */
+}
EXPORT_SYMBOL(key_put);
-/*****************************************************************************/
/*
* find a key by its serial number
*/
@@ -664,10 +643,8 @@ struct key *key_lookup(key_serial_t id)
error:
spin_unlock(&key_serial_lock);
return key;
+}
-} /* end key_lookup() */
-
-/*****************************************************************************/
/*
* find and lock the specified key type against removal
* - we return with the sem readlocked
@@ -690,20 +667,16 @@ struct key_type *key_type_lookup(const char *type)
found_kernel_type:
return ktype;
+}
-} /* end key_type_lookup() */
-
-/*****************************************************************************/
/*
* unlock a key type
*/
void key_type_put(struct key_type *ktype)
{
up_read(&key_types_sem);
+}
-} /* end key_type_put() */
-
-/*****************************************************************************/
/*
* attempt to update an existing key
* - the key has an incremented refcount
@@ -742,10 +715,8 @@ error:
key_put(key);
key_ref = ERR_PTR(ret);
goto out;
+}
-} /* end __key_update() */
-
-/*****************************************************************************/
/*
* search the specified keyring for a key of the same description; if one is
* found, update it, otherwise add a new one
@@ -855,12 +826,10 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
key_ref = __key_update(key_ref, payload, plen);
goto error;
-
-} /* end key_create_or_update() */
+}
EXPORT_SYMBOL(key_create_or_update);
-/*****************************************************************************/
/*
* update a key
*/
@@ -891,12 +860,10 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen)
error:
return ret;
-
-} /* end key_update() */
+}
EXPORT_SYMBOL(key_update);
-/*****************************************************************************/
/*
* revoke a key
*/
@@ -926,12 +893,10 @@ void key_revoke(struct key *key)
}
up_write(&key->sem);
-
-} /* end key_revoke() */
+}
EXPORT_SYMBOL(key_revoke);
-/*****************************************************************************/
/*
* register a type of key
*/
@@ -956,12 +921,10 @@ int register_key_type(struct key_type *ktype)
out:
up_write(&key_types_sem);
return ret;
-
-} /* end register_key_type() */
+}
EXPORT_SYMBOL(register_key_type);
-/*****************************************************************************/
/*
* unregister a type of key
*/
@@ -1010,12 +973,10 @@ void unregister_key_type(struct key_type *ktype)
up_write(&key_types_sem);
key_schedule_gc(0);
-
-} /* end unregister_key_type() */
+}
EXPORT_SYMBOL(unregister_key_type);
-/*****************************************************************************/
/*
* initialise the key management stuff
*/
@@ -1037,5 +998,4 @@ void __init key_init(void)
rb_insert_color(&root_key_user.node,
&key_user_tree);
-
-} /* end key_init() */
+}
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 60924f6a52db..83ec98b7e98d 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -46,7 +46,6 @@ static int key_get_type_from_user(char *type,
return 0;
}
-/*****************************************************************************/
/*
* extract the description of a new key from userspace and either add it as a
* new key to the specified keyring or update a matching key in that keyring
@@ -132,10 +131,8 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type,
kfree(description);
error:
return ret;
+}
-} /* end sys_add_key() */
-
-/*****************************************************************************/
/*
* search the process keyrings for a matching key
* - nested keyrings may also be searched if they have Search permission
@@ -222,10 +219,8 @@ error2:
kfree(description);
error:
return ret;
+}
-} /* end sys_request_key() */
-
-/*****************************************************************************/
/*
* get the ID of the specified process keyring
* - the keyring must have search permission to be found
@@ -251,7 +246,6 @@ error:
} /* end keyctl_get_keyring_ID() */
-/*****************************************************************************/
/*
* join the session keyring
* - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING)
@@ -277,10 +271,8 @@ long keyctl_join_session_keyring(const char __user *_name)
error:
return ret;
+}
-} /* end keyctl_join_session_keyring() */
-
-/*****************************************************************************/
/*
* update a key's data payload
* - the key must be writable
@@ -326,10 +318,8 @@ error2:
kfree(payload);
error:
return ret;
+}
-} /* end keyctl_update_key() */
-
-/*****************************************************************************/
/*
* revoke a key
* - the key must be writable
@@ -358,10 +348,8 @@ long keyctl_revoke_key(key_serial_t id)
key_ref_put(key_ref);
error:
return ret;
+}
-} /* end keyctl_revoke_key() */
-
-/*****************************************************************************/
/*
* clear the specified process keyring
* - the keyring must be writable
@@ -383,10 +371,8 @@ long keyctl_keyring_clear(key_serial_t ringid)
key_ref_put(keyring_ref);
error:
return ret;
+}
-} /* end keyctl_keyring_clear() */
-
-/*****************************************************************************/
/*
* link a key into a keyring
* - the keyring must be writable
@@ -417,10 +403,8 @@ error2:
key_ref_put(keyring_ref);
error:
return ret;
+}
-} /* end keyctl_keyring_link() */
-
-/*****************************************************************************/
/*
* unlink the first attachment of a key from a keyring
* - the keyring must be writable
@@ -451,10 +435,8 @@ error2:
key_ref_put(keyring_ref);
error:
return ret;
+}
-} /* end keyctl_keyring_unlink() */
-
-/*****************************************************************************/
/*
* describe a user key
* - the key must have view permission
@@ -531,10 +513,8 @@ error2:
key_ref_put(key_ref);
error:
return ret;
+}
-} /* end keyctl_describe_key() */
-
-/*****************************************************************************/
/*
* search the specified keyring for a matching key
* - the start keyring must be searchable
@@ -626,10 +606,8 @@ error2:
kfree(description);
error:
return ret;
+}
-} /* end keyctl_keyring_search() */
-
-/*****************************************************************************/
/*
* read a user key's payload
* - the keyring must be readable or the key must be searchable from the
@@ -688,10 +666,8 @@ error2:
key_put(key);
error:
return ret;
+}
-} /* end keyctl_read_key() */
-
-/*****************************************************************************/
/*
* change the ownership of a key
* - the keyring owned by the changer
@@ -796,10 +772,8 @@ quota_overrun:
zapowner = newowner;
ret = -EDQUOT;
goto error_put;
+}
-} /* end keyctl_chown_key() */
-
-/*****************************************************************************/
/*
* change the permission mask on a key
* - the keyring owned by the changer
@@ -838,8 +812,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
key_put(key);
error:
return ret;
-
-} /* end keyctl_setperm_key() */
+}
/*
* get the destination keyring for instantiation
@@ -895,7 +868,6 @@ static int keyctl_change_reqkey_auth(struct key *key)
return commit_creds(new);
}
-/*****************************************************************************/
/*
* instantiate the key with the specified payload, and, if one is given, link
* the key into the keyring
@@ -973,10 +945,8 @@ error2:
vfree(payload);
error:
return ret;
+}
-} /* end keyctl_instantiate_key() */
-
-/*****************************************************************************/
/*
* negatively instantiate the key with the given timeout (in seconds), and, if
* one is given, link the key into the keyring
@@ -1020,10 +990,8 @@ long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
error:
return ret;
+}
-} /* end keyctl_negate_key() */
-
-/*****************************************************************************/
/*
* set the default keyring in which request_key() will cache keys
* - return the old setting
@@ -1079,10 +1047,8 @@ set:
error:
abort_creds(new);
return ret;
+}
-} /* end keyctl_set_reqkey_keyring() */
-
-/*****************************************************************************/
/*
* set or clear the timeout for a key
*/
@@ -1136,10 +1102,8 @@ okay:
ret = 0;
error:
return ret;
+}
-} /* end keyctl_set_timeout() */
-
-/*****************************************************************************/
/*
* assume the authority to instantiate the specified key
*/
@@ -1178,8 +1142,7 @@ long keyctl_assume_authority(key_serial_t id)
ret = authkey->serial;
error:
return ret;
-
-} /* end keyctl_assume_authority() */
+}
/*
* get the security label of a key
@@ -1348,7 +1311,6 @@ error_keyring:
#endif /* !TIF_NOTIFY_RESUME */
}
-/*****************************************************************************/
/*
* the key control system call
*/
@@ -1439,5 +1401,4 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
default:
return -EOPNOTSUPP;
}
-
-} /* end sys_keyctl() */
+}
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index d37f713e73ce..0a2b8e916d97 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -80,7 +80,6 @@ EXPORT_SYMBOL(key_type_keyring);
*/
static DECLARE_RWSEM(keyring_serialise_link_sem);
-/*****************************************************************************/
/*
* publish the name of a keyring so that it can be found by name (if it has
* one)
@@ -102,10 +101,8 @@ static void keyring_publish_name(struct key *keyring)
write_unlock(&keyring_name_lock);
}
+}
-} /* end keyring_publish_name() */
-
-/*****************************************************************************/
/*
* initialise a keyring
* - we object if we were given any data
@@ -123,10 +120,8 @@ static int keyring_instantiate(struct key *keyring,
}
return ret;
+}
-} /* end keyring_instantiate() */
-
-/*****************************************************************************/
/*
* match keyrings on their name
*/
@@ -134,10 +129,8 @@ static int keyring_match(const struct key *keyring, const void *description)
{
return keyring->description &&
strcmp(keyring->description, description) == 0;
+}
-} /* end keyring_match() */
-
-/*****************************************************************************/
/*
* dispose of the data dangling from the corpse of a keyring
*/
@@ -164,10 +157,8 @@ static void keyring_destroy(struct key *keyring)
key_put(klist->keys[loop]);
kfree(klist);
}
+}
-} /* end keyring_destroy() */
-
-/*****************************************************************************/
/*
* describe the keyring
*/
@@ -187,10 +178,8 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
else
seq_puts(m, ": empty");
rcu_read_unlock();
+}
-} /* end keyring_describe() */
-
-/*****************************************************************************/
/*
* read a list of key IDs from the keyring's contents
* - the keyring's semaphore is read-locked
@@ -241,10 +230,8 @@ static long keyring_read(const struct key *keyring,
error:
return ret;
+}
-} /* end keyring_read() */
-
-/*****************************************************************************/
/*
* allocate a keyring and link into the destination keyring
*/
@@ -269,10 +256,8 @@ struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
}
return keyring;
+}
-} /* end keyring_alloc() */
-
-/*****************************************************************************/
/*
* search the supplied keyring tree for a key that matches the criterion
* - perform a breadth-then-depth search up to the prescribed limit
@@ -444,10 +429,8 @@ error_2:
rcu_read_unlock();
error:
return key_ref;
+}
-} /* end keyring_search_aux() */
-
-/*****************************************************************************/
/*
* search the supplied keyring tree for a key that matches the criterion
* - perform a breadth-then-depth search up to the prescribed limit
@@ -465,12 +448,10 @@ key_ref_t keyring_search(key_ref_t keyring,
return keyring_search_aux(keyring, current->cred,
type, description, type->match);
-
-} /* end keyring_search() */
+}
EXPORT_SYMBOL(keyring_search);
-/*****************************************************************************/
/*
* search the given keyring only (no recursion)
* - keyring must be locked by caller
@@ -514,10 +495,8 @@ found:
atomic_inc(&key->usage);
rcu_read_unlock();
return make_key_ref(key, possessed);
+}
-} /* end __keyring_search_one() */
-
-/*****************************************************************************/
/*
* find a keyring with the specified name
* - all named keyrings are searched
@@ -569,10 +548,8 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check)
out:
read_unlock(&keyring_name_lock);
return keyring;
+}
-} /* end find_keyring_by_name() */
-
-/*****************************************************************************/
/*
* see if a cycle will will be created by inserting acyclic tree B in acyclic
* tree A at the topmost level (ie: as a direct child of A)
@@ -657,8 +634,7 @@ too_deep:
cycle_detected:
ret = -EDEADLK;
goto error;
-
-} /* end keyring_detect_cycle() */
+}
/*
* dispose of a keyring list after the RCU grace period, freeing the unlinked
@@ -898,7 +874,6 @@ int key_link(struct key *keyring, struct key *key)
EXPORT_SYMBOL(key_link);
-/*****************************************************************************/
/*
* unlink the first link to a key from a keyring
*/
@@ -968,12 +943,10 @@ nomem:
ret = -ENOMEM;
up_write(&keyring->sem);
goto error;
-
-} /* end key_unlink() */
+}
EXPORT_SYMBOL(key_unlink);
-/*****************************************************************************/
/*
* dispose of a keyring list after the RCU grace period, releasing the keys it
* links to
@@ -989,10 +962,8 @@ static void keyring_clear_rcu_disposal(struct rcu_head *rcu)
key_put(klist->keys[loop]);
kfree(klist);
+}
-} /* end keyring_clear_rcu_disposal() */
-
-/*****************************************************************************/
/*
* clear the specified process keyring
* - implements keyctl(KEYCTL_CLEAR)
@@ -1027,12 +998,10 @@ int keyring_clear(struct key *keyring)
}
return ret;
-
-} /* end keyring_clear() */
+}
EXPORT_SYMBOL(keyring_clear);
-/*****************************************************************************/
/*
* dispose of the links from a revoked keyring
* - called with the key sem write-locked
@@ -1050,8 +1019,7 @@ static void keyring_revoke(struct key *keyring)
rcu_assign_pointer(keyring->payload.subscriptions, NULL);
call_rcu(&klist->rcu, keyring_clear_rcu_disposal);
}
-
-} /* end keyring_revoke() */
+}
/*
* Determine whether a key is dead
diff --git a/security/keys/permission.c b/security/keys/permission.c
index 28645502cd0d..6284b1496c29 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -13,7 +13,6 @@
#include <linux/security.h>
#include "internal.h"
-/*****************************************************************************/
/**
* key_task_permission - Check a key can be used
* @key_ref: The key to check
@@ -79,12 +78,10 @@ use_these_perms:
/* let LSM be the final arbiter */
return security_key_permission(key_ref, cred, perm);
-
-} /* end key_task_permission() */
+}
EXPORT_SYMBOL(key_task_permission);
-/*****************************************************************************/
/*
* validate a key
*/
@@ -111,7 +108,6 @@ int key_validate(struct key *key)
error:
return ret;
-
-} /* end key_validate() */
+}
EXPORT_SYMBOL(key_validate);
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 70373966816e..ad5f64e1b320 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -60,7 +60,6 @@ static const struct file_operations proc_key_users_fops = {
.release = seq_release,
};
-/*****************************************************************************/
/*
* declare the /proc files
*/
@@ -79,12 +78,10 @@ static int __init key_proc_init(void)
panic("Cannot create /proc/key-users\n");
return 0;
-
-} /* end key_proc_init() */
+}
__initcall(key_proc_init);
-/*****************************************************************************/
/*
* implement "/proc/keys" to provides a list of the keys on the system
*/
@@ -293,7 +290,6 @@ static struct rb_node *key_user_first(struct rb_root *r)
return __key_user_next(n);
}
-/*****************************************************************************/
/*
* implement "/proc/key-users" to provides a list of the key users
*/
@@ -351,5 +347,4 @@ static int proc_key_users_show(struct seq_file *m, void *v)
maxbytes);
return 0;
-
}
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 504bdd2452bd..ea55cf9acf36 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -38,7 +38,6 @@ struct key_user root_key_user = {
.user_ns = &init_user_ns,
};
-/*****************************************************************************/
/*
* install user and user session keyrings for a particular UID
*/
@@ -275,7 +274,6 @@ static int install_session_keyring(struct key *keyring)
return commit_creds(new);
}
-/*****************************************************************************/
/*
* the filesystem user ID changed
*/
@@ -288,10 +286,8 @@ void key_fsuid_changed(struct task_struct *tsk)
tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
up_write(&tsk->cred->thread_keyring->sem);
}
+}
-} /* end key_fsuid_changed() */
-
-/*****************************************************************************/
/*
* the filesystem group ID changed
*/
@@ -304,10 +300,8 @@ void key_fsgid_changed(struct task_struct *tsk)
tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
up_write(&tsk->cred->thread_keyring->sem);
}
+}
-} /* end key_fsgid_changed() */
-
-/*****************************************************************************/
/*
* search only my process keyrings for the first matching key
* - we use the supplied match function to see if the description (or other
@@ -428,7 +422,6 @@ found:
return key_ref;
}
-/*****************************************************************************/
/*
* search the process keyrings for the first matching key
* - we use the supplied match function to see if the description (or other
@@ -489,20 +482,16 @@ key_ref_t search_process_keyrings(struct key_type *type,
found:
return key_ref;
+}
-} /* end search_process_keyrings() */
-
-/*****************************************************************************/
/*
* see if the key we're looking at is the target key
*/
int lookup_user_key_possessed(const struct key *key, const void *target)
{
return key == target;
+}
-} /* end lookup_user_key_possessed() */
-
-/*****************************************************************************/
/*
* lookup a key given a key ID from userspace with a given permissions mask
* - don't create special keyrings unless so requested
@@ -711,10 +700,8 @@ invalid_key:
reget_creds:
put_cred(cred);
goto try_again;
+}
-} /* end lookup_user_key() */
-
-/*****************************************************************************/
/*
* join the named keyring as the session keyring if possible, or attempt to
* create a new one of that name if not
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index 86747151ee5b..ba717b8163ab 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -38,7 +38,6 @@ struct key_type key_type_request_key_auth = {
.read = request_key_auth_read,
};
-/*****************************************************************************/
/*
* instantiate a request-key authorisation key
*/
@@ -48,10 +47,8 @@ static int request_key_auth_instantiate(struct key *key,
{
key->payload.data = (struct request_key_auth *) data;
return 0;
+}
-} /* end request_key_auth_instantiate() */
-
-/*****************************************************************************/
/*
* reading a request-key authorisation key retrieves the callout information
*/
@@ -63,10 +60,8 @@ static void request_key_auth_describe(const struct key *key,
seq_puts(m, "key:");
seq_puts(m, key->description);
seq_printf(m, " pid:%d ci:%zu", rka->pid, rka->callout_len);
+}
-} /* end request_key_auth_describe() */
-
-/*****************************************************************************/
/*
* read the callout_info data
* - the key's semaphore is read-locked
@@ -91,10 +86,8 @@ static long request_key_auth_read(const struct key *key,
}
return ret;
+}
-} /* end request_key_auth_read() */
-
-/*****************************************************************************/
/*
* handle revocation of an authorisation token key
* - called with the key sem write-locked
@@ -109,10 +102,8 @@ static void request_key_auth_revoke(struct key *key)
put_cred(rka->cred);
rka->cred = NULL;
}
+}
-} /* end request_key_auth_revoke() */
-
-/*****************************************************************************/
/*
* destroy an instantiation authorisation token key
*/
@@ -131,10 +122,8 @@ static void request_key_auth_destroy(struct key *key)
key_put(rka->dest_keyring);
kfree(rka->callout_info);
kfree(rka);
+}
-} /* end request_key_auth_destroy() */
-
-/*****************************************************************************/
/*
* create an authorisation token for /sbin/request-key or whoever to gain
* access to the caller's security data
@@ -228,10 +217,8 @@ error_alloc:
kfree(rka);
kleave("= %d", ret);
return ERR_PTR(ret);
+}
-} /* end request_key_auth_new() */
-
-/*****************************************************************************/
/*
* see if an authorisation key is associated with a particular key
*/
@@ -242,10 +229,8 @@ static int key_get_instantiation_authkey_match(const struct key *key,
key_serial_t id = (key_serial_t)(unsigned long) _id;
return rka->target_key->serial == id;
+}
-} /* end key_get_instantiation_authkey_match() */
-
-/*****************************************************************************/
/*
* get the authorisation key for instantiation of a specific key if attached to
* the current process's keyrings
@@ -278,5 +263,4 @@ struct key *key_get_instantiation_authkey(key_serial_t target_id)
error:
return authkey;
-
-} /* end key_get_instantiation_authkey() */
+}
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index e9aa07929656..02807fb16340 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -35,7 +35,6 @@ struct key_type key_type_user = {
EXPORT_SYMBOL_GPL(key_type_user);
-/*****************************************************************************/
/*
* instantiate a user defined key
*/
@@ -65,12 +64,10 @@ int user_instantiate(struct key *key, const void *data, size_t datalen)
error:
return ret;
-
-} /* end user_instantiate() */
+}
EXPORT_SYMBOL_GPL(user_instantiate);
-/*****************************************************************************/
/*
* dispose of the old data from an updated user defined key
*/
@@ -81,10 +78,8 @@ static void user_update_rcu_disposal(struct rcu_head *rcu)
upayload = container_of(rcu, struct user_key_payload, rcu);
kfree(upayload);
+}
-} /* end user_update_rcu_disposal() */
-
-/*****************************************************************************/
/*
* update a user defined key
* - the key's semaphore is write-locked
@@ -123,24 +118,20 @@ int user_update(struct key *key, const void *data, size_t datalen)
error:
return ret;
-
-} /* end user_update() */
+}
EXPORT_SYMBOL_GPL(user_update);
-/*****************************************************************************/
/*
* match users on their name
*/
int user_match(const struct key *key, const void *description)
{
return strcmp(key->description, description) == 0;
-
-} /* end user_match() */
+}
EXPORT_SYMBOL_GPL(user_match);
-/*****************************************************************************/
/*
* dispose of the links from a revoked keyring
* - called with the key sem write-locked
@@ -156,12 +147,10 @@ void user_revoke(struct key *key)
rcu_assign_pointer(key->payload.data, NULL);
call_rcu(&upayload->rcu, user_update_rcu_disposal);
}
-
-} /* end user_revoke() */
+}
EXPORT_SYMBOL(user_revoke);
-/*****************************************************************************/
/*
* dispose of the data dangling from the corpse of a user key
*/
@@ -170,12 +159,10 @@ void user_destroy(struct key *key)
struct user_key_payload *upayload = key->payload.data;
kfree(upayload);
-
-} /* end user_destroy() */
+}
EXPORT_SYMBOL_GPL(user_destroy);
-/*****************************************************************************/
/*
* describe the user key
*/
@@ -184,12 +171,10 @@ void user_describe(const struct key *key, struct seq_file *m)
seq_puts(m, key->description);
seq_printf(m, ": %u", key->datalen);
-
-} /* end user_describe() */
+}
EXPORT_SYMBOL_GPL(user_describe);
-/*****************************************************************************/
/*
* read the key data
* - the key's semaphore is read-locked
@@ -213,7 +198,6 @@ long user_read(const struct key *key, char __user *buffer, size_t buflen)
}
return ret;
-
-} /* end user_read() */
+}
EXPORT_SYMBOL_GPL(user_read);