Commit 146aa8b1 authored by David Howells's avatar David Howells

KEYS: Merge the type-specific data with the payload data

Merge the type-specific data with the payload data into one four-word chunk
as it seems pointless to keep them separate.

Use user_key_payload() for accessing the payloads of overloaded
user-defined keys.
Signed-off-by: 's avatarDavid Howells <dhowells@redhat.com>
cc: linux-cifs@vger.kernel.org
cc: ecryptfs@vger.kernel.org
cc: linux-ext4@vger.kernel.org
cc: linux-f2fs-devel@lists.sourceforge.net
cc: linux-nfs@vger.kernel.org
cc: ceph-devel@vger.kernel.org
cc: linux-ima-devel@lists.sourceforge.net
parent 4adc605e
......@@ -186,7 +186,7 @@ and looks like the following:
const struct public_key_signature *sig);
};
Asymmetric keys point to this with their type_data[0] member.
Asymmetric keys point to this with their payload[asym_subtype] member.
The owner and name fields should be set to the owning module and the name of
the subtype. Currently, the name is only used for print statements.
......@@ -269,8 +269,7 @@ mandatory:
struct key_preparsed_payload {
char *description;
void *type_data[2];
void *payload;
void *payload[4];
const void *data;
size_t datalen;
size_t quotalen;
......@@ -283,16 +282,18 @@ mandatory:
not theirs.
If the parser is happy with the blob, it should propose a description for
the key and attach it to ->description, ->type_data[0] should be set to
point to the subtype to be used, ->payload should be set to point to the
initialised data for that subtype, ->type_data[1] should point to a hex
fingerprint and quotalen should be updated to indicate how much quota this
key should account for.
When clearing up, the data attached to ->type_data[1] and ->description
will be kfree()'d and the data attached to ->payload will be passed to the
subtype's ->destroy() method to be disposed of. A module reference for
the subtype pointed to by ->type_data[0] will be put.
the key and attach it to ->description, ->payload[asym_subtype] should be
set to point to the subtype to be used, ->payload[asym_crypto] should be
set to point to the initialised data for that subtype,
->payload[asym_key_ids] should point to one or more hex fingerprints and
quotalen should be updated to indicate how much quota this key should
account for.
When clearing up, the data attached to ->payload[asym_key_ids] and
->description will be kfree()'d and the data attached to
->payload[asm_crypto] will be passed to the subtype's ->destroy() method
to be disposed of. A module reference for the subtype pointed to by
->payload[asym_subtype] will be put.
If the data format is not recognised, -EBADMSG should be returned. If it
......
......@@ -1049,12 +1049,12 @@ search a specific keyring, so using keyrings in this way is of limited utility.
NOTES ON ACCESSING PAYLOAD CONTENTS
===================================
The simplest payload is just a number in key->payload.value. In this case,
there's no need to indulge in RCU or locking when accessing the payload.
The simplest payload is just data stored in key->payload directly. In this
case, there's no need to indulge in RCU or locking when accessing the payload.
More complex payload contents must be allocated and a pointer to them set in
key->payload.data. One of the following ways must be selected to access the
data:
More complex payload contents must be allocated and pointers to them set in the
key->payload.data[] array. One of the following ways must be selected to
access the data:
(1) Unmodifiable key type.
......@@ -1092,6 +1092,13 @@ data:
the payload. key->datalen cannot be relied upon to be consistent with the
payload just dereferenced if the key's semaphore is not held.
Note that key->payload.data[0] has a shadow that is marked for __rcu
usage. This is called key->payload.rcu_data0. The following accessors
wrap the RCU calls to this element:
rcu_assign_keypointer(struct key *key, void *data);
void *rcu_dereference_key(struct key *key);
===================
DEFINING A KEY TYPE
......@@ -1143,8 +1150,7 @@ The structure has a number of fields, some of which are mandatory:
struct key_preparsed_payload {
char *description;
void *type_data[2];
void *payload;
union key_payload payload;
const void *data;
size_t datalen;
size_t quotalen;
......@@ -1160,10 +1166,9 @@ The structure has a number of fields, some of which are mandatory:
attached as a string to the description field. This will be used for the
key description if the caller of add_key() passes NULL or "".
The method can attach anything it likes to type_data[] and payload. These
are merely passed along to the instantiate() or update() operations. If
set, the expiry time will be applied to the key if it is instantiated from
this data.
The method can attach anything it likes to payload. This is merely passed
along to the instantiate() or update() operations. If set, the expiry
time will be applied to the key if it is instantiated from this data.
The method should return 0 if successful or a negative error code
otherwise.
......@@ -1172,11 +1177,10 @@ The structure has a number of fields, some of which are mandatory:
(*) void (*free_preparse)(struct key_preparsed_payload *prep);
This method is only required if the preparse() method is provided,
otherwise it is unused. It cleans up anything attached to the
description, type_data and payload fields of the key_preparsed_payload
struct as filled in by the preparse() method. It will always be called
after preparse() returns successfully, even if instantiate() or update()
succeed.
otherwise it is unused. It cleans up anything attached to the description
and payload fields of the key_preparsed_payload struct as filled in by the
preparse() method. It will always be called after preparse() returns
successfully, even if instantiate() or update() succeed.
(*) int (*instantiate)(struct key *key, struct key_preparsed_payload *prep);
......@@ -1197,6 +1201,11 @@ The structure has a number of fields, some of which are mandatory:
It is safe to sleep in this method.
generic_key_instantiate() is provided to simply copy the data from
prep->payload.data[] to key->payload.data[], with RCU-safe assignment on
the first element. It will then clear prep->payload.data[] so that the
free_preparse method doesn't release the data.
(*) int (*update)(struct key *key, const void *data, size_t datalen);
......
......@@ -14,8 +14,3 @@ extern struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id);
extern int __asymmetric_key_hex_to_key_id(const char *id,
struct asymmetric_key_id *match_id,
size_t hexlen);
static inline
const struct asymmetric_key_ids *asymmetric_key_ids(const struct key *key)
{
return key->type_data.p[1];
}
......@@ -306,26 +306,35 @@ static int asymmetric_key_preparse(struct key_preparsed_payload *prep)
return ret;
}
/*
* Clean up the key ID list
*/
static void asymmetric_key_free_kids(struct asymmetric_key_ids *kids)
{
int i;
if (kids) {
for (i = 0; i < ARRAY_SIZE(kids->id); i++)
kfree(kids->id[i]);
kfree(kids);
}
}
/*
* Clean up the preparse data
*/
static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
{
struct asymmetric_key_subtype *subtype = prep->type_data[0];
struct asymmetric_key_ids *kids = prep->type_data[1];
int i;
struct asymmetric_key_subtype *subtype = prep->payload.data[asym_subtype];
struct asymmetric_key_ids *kids = prep->payload.data[asym_key_ids];
pr_devel("==>%s()\n", __func__);
if (subtype) {
subtype->destroy(prep->payload[0]);
subtype->destroy(prep->payload.data[asym_crypto]);
module_put(subtype->owner);
}
if (kids) {
for (i = 0; i < ARRAY_SIZE(kids->id); i++)
kfree(kids->id[i]);
kfree(kids);
}
asymmetric_key_free_kids(kids);
kfree(prep->description);
}
......@@ -335,20 +344,19 @@ static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
static void asymmetric_key_destroy(struct key *key)
{
struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
struct asymmetric_key_ids *kids = key->type_data.p[1];
struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids];
void *data = key->payload.data[asym_crypto];
key->payload.data[asym_crypto] = NULL;
key->payload.data[asym_subtype] = NULL;
key->payload.data[asym_key_ids] = NULL;
if (subtype) {
subtype->destroy(key->payload.data);
subtype->destroy(data);
module_put(subtype->owner);
key->type_data.p[0] = NULL;
}
if (kids) {
kfree(kids->id[0]);
kfree(kids->id[1]);
kfree(kids);
key->type_data.p[1] = NULL;
}
asymmetric_key_free_kids(kids);
}
struct key_type key_type_asymmetric = {
......
......@@ -49,7 +49,7 @@ EXPORT_SYMBOL_GPL(pkey_id_type_name);
static void public_key_describe(const struct key *asymmetric_key,
struct seq_file *m)
{
struct public_key *key = asymmetric_key->payload.data;
struct public_key *key = asymmetric_key->payload.data[asym_crypto];
if (key)
seq_printf(m, "%s.%s",
......@@ -112,7 +112,7 @@ EXPORT_SYMBOL_GPL(public_key_verify_signature);
static int public_key_verify_signature_2(const struct key *key,
const struct public_key_signature *sig)
{
const struct public_key *pk = key->payload.data;
const struct public_key *pk = key->payload.data[asym_crypto];
return public_key_verify_signature(pk, sig);
}
......
......@@ -37,7 +37,7 @@ int verify_signature(const struct key *key,
return -EINVAL;
subtype = asymmetric_key_subtype(key);
if (!subtype ||
!key->payload.data)
!key->payload.data[0])
return -EINVAL;
if (!subtype->verify_signature)
return -ENOTSUPP;
......
......@@ -11,6 +11,7 @@
#include <linux/time.h>
#include <crypto/public_key.h>
#include <keys/asymmetric-type.h>
struct x509_certificate {
struct x509_certificate *next;
......
......@@ -266,7 +266,8 @@ static int x509_validate_trust(struct x509_certificate *cert,
if (!IS_ERR(key)) {
if (!use_builtin_keys
|| test_bit(KEY_FLAG_BUILTIN, &key->flags))
ret = x509_check_signature(key->payload.data, cert);
ret = x509_check_signature(key->payload.data[asym_crypto],
cert);
key_put(key);
}
return ret;
......@@ -352,9 +353,9 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
/* We're pinning the module by being linked against it */
__module_get(public_key_subtype.owner);
prep->type_data[0] = &public_key_subtype;
prep->type_data[1] = kids;
prep->payload[0] = cert->pub;
prep->payload.data[asym_subtype] = &public_key_subtype;
prep->payload.data[asym_key_ids] = kids;
prep->payload.data[asym_crypto] = cert->pub;
prep->description = desc;
prep->quotalen = 100;
......
......@@ -42,7 +42,7 @@ cifs_spnego_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
goto error;
/* attach the data */
key->payload.data = payload;
key->payload.data[0] = payload;
ret = 0;
error:
......@@ -52,7 +52,7 @@ cifs_spnego_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
static void
cifs_spnego_key_destroy(struct key *key)
{
kfree(key->payload.data);
kfree(key->payload.data[0]);
}
......@@ -167,7 +167,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
#ifdef CONFIG_CIFS_DEBUG2
if (cifsFYI && !IS_ERR(spnego_key)) {
struct cifs_spnego_msg *msg = spnego_key->payload.data;
struct cifs_spnego_msg *msg = spnego_key->payload.data[0];
cifs_dump_mem("SPNEGO reply blob:", msg->data, min(1024U,
msg->secblob_len + msg->sesskey_len));
}
......
......@@ -58,16 +58,15 @@ cifs_idmap_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
* dereference payload.data!
*/
if (prep->datalen <= sizeof(key->payload)) {
key->payload.value = 0;
memcpy(&key->payload.value, prep->data, prep->datalen);
key->datalen = prep->datalen;
return 0;
key->payload.data[0] = NULL;
memcpy(&key->payload, prep->data, prep->datalen);
} else {
payload = kmemdup(prep->data, prep->datalen, GFP_KERNEL);
if (!payload)
return -ENOMEM;
key->payload.data[0] = payload;
}
payload = kmemdup(prep->data, prep->datalen, GFP_KERNEL);
if (!payload)
return -ENOMEM;
key->payload.data = payload;
key->datalen = prep->datalen;
return 0;
}
......@@ -76,7 +75,7 @@ static inline void
cifs_idmap_key_destroy(struct key *key)
{
if (key->datalen > sizeof(key->payload))
kfree(key->payload.data);
kfree(key->payload.data[0]);
}
static struct key_type cifs_idmap_key_type = {
......@@ -233,8 +232,8 @@ id_to_sid(unsigned int cid, uint sidtype, struct cifs_sid *ssid)
* it could be.
*/
ksid = sidkey->datalen <= sizeof(sidkey->payload) ?
(struct cifs_sid *)&sidkey->payload.value :
(struct cifs_sid *)sidkey->payload.data;
(struct cifs_sid *)&sidkey->payload :
(struct cifs_sid *)sidkey->payload.data[0];
ksid_size = CIFS_SID_BASE_SIZE + (ksid->num_subauth * sizeof(__le32));
if (ksid_size > sidkey->datalen) {
......@@ -307,14 +306,14 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct cifs_sid *psid,
if (sidtype == SIDOWNER) {
kuid_t uid;
uid_t id;
memcpy(&id, &sidkey->payload.value, sizeof(uid_t));
memcpy(&id, &sidkey->payload.data[0], sizeof(uid_t));
uid = make_kuid(&init_user_ns, id);
if (uid_valid(uid))
fuid = uid;
} else {
kgid_t gid;
gid_t id;
memcpy(&id, &sidkey->payload.value, sizeof(gid_t));
memcpy(&id, &sidkey->payload.data[0], sizeof(gid_t));
gid = make_kgid(&init_user_ns, id);
if (gid_valid(gid))
fgid = gid;
......
......@@ -2325,13 +2325,14 @@ static int
cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
{
int rc = 0;
char *desc, *delim, *payload;
const char *delim, *payload;
char *desc;
ssize_t len;
struct key *key;
struct TCP_Server_Info *server = ses->server;
struct sockaddr_in *sa;
struct sockaddr_in6 *sa6;
struct user_key_payload *upayload;
const struct user_key_payload *upayload;
desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
if (!desc)
......@@ -2374,14 +2375,14 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
}
down_read(&key->sem);
upayload = key->payload.data;
upayload = user_key_payload(key);
if (IS_ERR_OR_NULL(upayload)) {
rc = upayload ? PTR_ERR(upayload) : -EINVAL;
goto out_key_put;
}
/* find first : in payload */
payload = (char *)upayload->data;
payload = upayload->data;
delim = strnchr(payload, upayload->datalen, ':');
cifs_dbg(FYI, "payload=%s\n", payload);
if (!delim) {
......
......@@ -988,7 +988,7 @@ sess_auth_kerberos(struct sess_data *sess_data)
goto out;
}
msg = spnego_key->payload.data;
msg = spnego_key->payload.data[0];
/*
* check version field to make sure that cifs.upcall is
* sending us a response in an expected form
......
......@@ -660,7 +660,7 @@ SMB2_sess_setup(const unsigned int xid, struct cifs_ses *ses,
goto ssetup_exit;
}
msg = spnego_key->payload.data;
msg = spnego_key->payload.data[0];
/*
* check version field to make sure that cifs.upcall is
* sending us a response in an expected form
......
......@@ -86,7 +86,7 @@ ecryptfs_get_encrypted_key_payload_data(struct key *key)
{
if (key->type == &key_type_encrypted)
return (struct ecryptfs_auth_tok *)
(&((struct encrypted_key_payload *)key->payload.data)->payload_data);
(&((struct encrypted_key_payload *)key->payload.data[0])->payload_data);
else
return NULL;
}
......@@ -117,8 +117,7 @@ ecryptfs_get_key_payload_data(struct key *key)
auth_tok = ecryptfs_get_encrypted_key_payload_data(key);
if (!auth_tok)
return (struct ecryptfs_auth_tok *)
(((struct user_key_payload *)key->payload.data)->data);
return (struct ecryptfs_auth_tok *)user_key_payload(key)->data;
else
return auth_tok;
}
......
......@@ -121,7 +121,7 @@ int _ext4_get_encryption_info(struct inode *inode)
struct key *keyring_key = NULL;
struct ext4_encryption_key *master_key;
struct ext4_encryption_context ctx;
struct user_key_payload *ukp;
const struct user_key_payload *ukp;
struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
struct crypto_ablkcipher *ctfm;
const char *cipher_str;
......@@ -209,7 +209,7 @@ int _ext4_get_encryption_info(struct inode *inode)
}
crypt_info->ci_keyring_key = keyring_key;
BUG_ON(keyring_key->type != &key_type_logon);
ukp = ((struct user_key_payload *)keyring_key->payload.data);
ukp = user_key_payload(keyring_key);
if (ukp->datalen != sizeof(struct ext4_encryption_key)) {
res = -EINVAL;
goto out;
......
......@@ -122,7 +122,7 @@ int _f2fs_get_encryption_info(struct inode *inode)
struct key *keyring_key = NULL;
struct f2fs_encryption_key *master_key;
struct f2fs_encryption_context ctx;
struct user_key_payload *ukp;
const struct user_key_payload *ukp;
struct crypto_ablkcipher *ctfm;
const char *cipher_str;
char raw_key[F2FS_MAX_KEY_SIZE];
......@@ -199,7 +199,7 @@ int _f2fs_get_encryption_info(struct inode *inode)
}
crypt_info->ci_keyring_key = keyring_key;
BUG_ON(keyring_key->type != &key_type_logon);
ukp = ((struct user_key_payload *)keyring_key->payload.data);
ukp = user_key_payload(keyring_key);
if (ukp->datalen != sizeof(struct f2fs_encryption_key)) {
res = -EINVAL;
goto out;
......
......@@ -316,7 +316,7 @@ static const struct seq_operations fscache_objlist_ops = {
static void fscache_objlist_config(struct fscache_objlist_data *data)
{
#ifdef CONFIG_KEYS
struct user_key_payload *confkey;
const struct user_key_payload *confkey;
unsigned long config;
struct key *key;
const char *buf;
......@@ -329,7 +329,7 @@ static void fscache_objlist_config(struct fscache_objlist_data *data)
config = 0;
rcu_read_lock();
confkey = key->payload.data;
confkey = user_key_payload(key);
buf = confkey->data;
for (len = confkey->datalen - 1; len >= 0; len--) {
......
......@@ -297,7 +297,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
{
const struct cred *saved_cred;
struct key *rkey;
struct user_key_payload *payload;
const struct user_key_payload *payload;
ssize_t ret;
saved_cred = override_creds(id_resolver_cache);
......@@ -316,7 +316,7 @@ static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
if (ret < 0)
goto out_up;
payload = rcu_dereference(rkey->payload.rcudata);
payload = user_key_payload(rkey);
if (IS_ERR_OR_NULL(payload)) {
ret = PTR_ERR(payload);
goto out_up;
......
......@@ -15,7 +15,6 @@
#define _LINUX_PUBLIC_KEY_H
#include <linux/mpi.h>
#include <keys/asymmetric-type.h>
#include <crypto/hash_info.h>
enum pkey_algo {
......
......@@ -49,7 +49,7 @@ struct asymmetric_key_subtype {
static inline
struct asymmetric_key_subtype *asymmetric_key_subtype(const struct key *key)
{
return key->type_data.p[0];
return key->payload.data[asym_subtype];
}
#endif /* _KEYS_ASYMMETRIC_SUBTYPE_H */
......@@ -18,6 +18,16 @@
extern struct key_type key_type_asymmetric;
/*
* The key payload is four words. The asymmetric-type key uses them as
* follows:
*/
enum asymmetric_payload_bits {
asym_crypto,
asym_subtype,
asym_key_ids,
};
/*
* Identifiers for an asymmetric key ID. We have three ways of looking up a
* key derived from an X.509 certificate:
......@@ -58,6 +68,11 @@ extern struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1,
size_t len_1,
const void *val_2,
size_t len_2);
static inline
const struct asymmetric_key_ids *asymmetric_key_ids(const struct key *key)
{
return key->payload.data[asym_key_ids];
}
/*
* The payload is at the discretion of the subtype.
......
......@@ -15,6 +15,8 @@
#include <linux/key.h>
#include <linux/rcupdate.h>
#ifdef CONFIG_KEYS
/*****************************************************************************/
/*
* the payload for a key of type "user" or "logon"
......@@ -46,5 +48,11 @@ extern void user_describe(const struct key *user, struct seq_file *m);
extern long user_read(const struct key *key,
char __user *buffer, size_t buflen);
static inline const struct user_key_payload *user_key_payload(const struct key *key)
{
return (struct user_key_payload *)rcu_dereference_key(key);
}
#endif /* CONFIG_KEYS */
#endif /* _KEYS_USER_TYPE_H */
......@@ -40,8 +40,7 @@ struct key_construction {
*/
struct key_preparsed_payload {
char *description; /* Proposed key description (or NULL) */
void *type_data[2]; /* Private key-type data */
void *payload[2]; /* Proposed payload */
union key_payload payload; /* Proposed payload */
const void *data; /* Raw data */
size_t datalen; /* Raw datalen */
size_t quotalen; /* Quota length for proposed payload */
......
......@@ -89,6 +89,11 @@ struct keyring_index_key {
size_t desc_len;
};
union key_payload {
void __rcu *rcu_data0;
void *data[4];
};
/*****************************************************************************/
/*
* key reference with possession attribute handling
......@@ -186,28 +191,18 @@ struct key {
};
};
/* type specific data
* - this is used by the keyring type to index the name
*/
union {
struct list_head link;
unsigned long x[2];
void *p[2];
int reject_error;
} type_data;
/* key data
* - this is used to hold the data actually used in cryptography or
* whatever
*/
union {
union {
unsigned long value;
void __rcu *rcudata;
void *data;
void *data2[2];
} payload;
struct assoc_array keys;
union key_payload payload;
struct {
/* Keyring bits */
struct list_head name_link;
struct assoc_array keys;
};
int reject_error;
};
};
......@@ -336,12 +331,12 @@ static inline bool key_is_instantiated(const struct key *key)
}
#define rcu_dereference_key(KEY) \
(rcu_dereference_protected((KEY)->payload.rcudata, \
(rcu_dereference_protected((KEY)->payload.rcu_data0, \
rwsem_is_locked(&((struct key *)(KEY))->sem)))
#define rcu_assign_keypointer(KEY, PAYLOAD) \
do { \
rcu_assign_pointer((KEY)->payload.rcudata, (PAYLOAD)); \
rcu_assign_pointer((KEY)->payload.rcu_data0, (PAYLOAD)); \
} while (0)
#ifdef CONFIG_SYSCTL
......
......@@ -10,6 +10,7 @@
*/
#include <linux/kernel.h>
#include <linux/errno.h>
#include <keys/system_keyring.h>
#include <crypto/public_key.h>
#include "module-internal.h"
......
......@@ -79,12 +79,13 @@ static int digsig_verify_rsa(struct key *key,
unsigned char *out1 = NULL;
const char *m;
MPI in = NULL, res = NULL, pkey[2];
uint8_t *p, *datap, *endp;
struct user_key_payload *ukp;
uint8_t *p, *datap;
const uint8_t *endp;
const struct user_key_payload *ukp;
struct pubkey_hdr *pkh;
down_read(&key->sem);
ukp = key->payload.data;
ukp = user_key_payload(key);
if (ukp->datalen < sizeof(*pkh))
goto err1;
......
......@@ -318,7 +318,7 @@ static int get_secret(struct ceph_crypto_key *dst, const char *name) {
goto out;
}
ckey = ukey->payload.data;
ckey = ukey->payload.data[0];
err = ceph_crypto_key_clone(dst, ckey);
if (err)
goto out_key;
......
......@@ -537,7 +537,7 @@ static int ceph_key_preparse(struct key_preparsed_payload *prep)
if (ret < 0)
goto err_ckey;
prep->payload[0] = ckey;
prep->payload.data[0] = ckey;
prep->quotalen = datalen;
return 0;
......@@ -549,14 +549,14 @@ static int ceph_key_preparse(struct key_preparsed_payload *prep)
static void ceph_key_free_preparse(struct key_preparsed_payload *prep)
{
struct ceph_crypto_key *ckey = prep->payload[0];
struct ceph_crypto_key *ckey = prep->payload.data[0];
ceph_crypto_key_destroy(ckey);
kfree(ckey);
}
static void ceph_key_destroy(struct key *key)
{
struct ceph_crypto_key *ckey = key->payload.data;
struct ceph_crypto_key *ckey = key->payload.data[0];
ceph_crypto_key_destroy(ckey);
kfree(ckey);
......
......@@ -122,7 +122,7 @@ dns_resolver_preparse(struct key_preparsed_payload *prep)
goto bad_option_value;
kdebug("dns error no. = %lu", derrno);
prep->type_data[0] = ERR_PTR(-derrno);
prep->payload.data[dns_key_error] = ERR_PTR(-derrno);
continue;
}
......@@ -137,8 +137,8 @@ dns_resolver_preparse(struct key_preparsed_payload *prep)