Lines Matching full:key
2 /* Key garbage collector
14 * Delay between key revocation/expiry in seconds
34 #define KEY_GC_KEY_EXPIRED 0 /* A key expired and needs unlinking */
40 * Any key whose type gets unregistered will be re-typed to this if it can't be
70 * Set the expiration time on a key.
72 void key_set_expiry(struct key *key, time64_t expiry) in key_set_expiry() argument
74 key->expiry = expiry; in key_set_expiry()
76 if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) in key_set_expiry()
92 * Some key's cleanup time was met after it expired, so we need to get the
138 struct key *key = in key_gc_unused_keys() local
139 list_entry(keys->next, struct key, graveyard_link); in key_gc_unused_keys()
140 short state = key->state; in key_gc_unused_keys()
142 list_del(&key->graveyard_link); in key_gc_unused_keys()
144 kdebug("- %u", key->serial); in key_gc_unused_keys()
145 key_check(key); in key_gc_unused_keys()
148 remove_watch_list(key->watchers, key->serial); in key_gc_unused_keys()
149 key->watchers = NULL; in key_gc_unused_keys()
152 /* Throw away the key data if the key is instantiated */ in key_gc_unused_keys()
153 if (state == KEY_IS_POSITIVE && key->type->destroy) in key_gc_unused_keys()
154 key->type->destroy(key); in key_gc_unused_keys()
156 security_key_free(key); in key_gc_unused_keys()
158 atomic_dec(&key->user->nkeys); in key_gc_unused_keys()
160 atomic_dec(&key->user->nikeys); in key_gc_unused_keys()
162 key_user_put(key->user); in key_gc_unused_keys()
163 key_put_tag(key->domain_tag); in key_gc_unused_keys()
164 kfree(key->description); in key_gc_unused_keys()
166 memzero_explicit(key, sizeof(*key)); in key_gc_unused_keys()
167 kmem_cache_free(key_jar, key); in key_gc_unused_keys()
185 #define KEY_GC_REAPING_DEAD_2 0x20 /* - We need to reap dead key links */ in key_garbage_collector()
187 #define KEY_GC_FOUND_DEAD_KEY 0x80 /* - We found at least one dead key */ in key_garbage_collector()
190 struct key *key; in key_garbage_collector() local
209 /* As only this function is permitted to remove things from the key in key_garbage_collector()
218 key = rb_entry(cursor, struct key, serial_node); in key_garbage_collector()
221 if (test_bit(KEY_FLAG_FINAL_PUT, &key->flags)) { in key_garbage_collector()
222 smp_mb(); /* Clobber key->user after FINAL_PUT seen. */ in key_garbage_collector()
227 if (key->type == key_gc_dead_keytype) { in key_garbage_collector()
229 set_bit(KEY_FLAG_DEAD, &key->flags); in key_garbage_collector()
230 key->perm = 0; in key_garbage_collector()
232 } else if (key->type == &key_type_keyring && in key_garbage_collector()
233 key->restrict_link) { in key_garbage_collector()
238 expiry = key->expiry; in key_garbage_collector()
240 if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) in key_garbage_collector()
244 key_serial(key), key->expiry - limit); in key_garbage_collector()
245 new_timer = key->expiry; in key_garbage_collector()
250 if (key->type == key_gc_dead_keytype) in key_garbage_collector()
255 if (key->type == &key_type_keyring) in key_garbage_collector()
260 if (key->type == key_gc_dead_keytype) in key_garbage_collector()
331 /* We found an unreferenced key - once we've removed it from the tree, in key_garbage_collector()
335 kdebug("unrefd key %d", key->serial); in key_garbage_collector()
336 rb_erase(&key->serial_node, &key_serial_tree); in key_garbage_collector()
339 list_add_tail(&key->graveyard_link, &graveyard); in key_garbage_collector()
344 * it is associated with the dead key type. in key_garbage_collector()
348 keyring_restriction_gc(key, key_gc_dead_keytype); in key_garbage_collector()
358 keyring_gc(key, limit); in key_garbage_collector()
361 /* We found a dead key that is still referenced. Reset its type and in key_garbage_collector()
366 kdebug("destroy key %d", key->serial); in key_garbage_collector()
367 down_write(&key->sem); in key_garbage_collector()
368 key->type = &key_type_dead; in key_garbage_collector()
370 key_gc_dead_keytype->destroy(key); in key_garbage_collector()
371 memset(&key->payload, KEY_DESTROY, sizeof(key->payload)); in key_garbage_collector()
372 up_write(&key->sem); in key_garbage_collector()