| 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
|---|
| 2 | /* Key management controls |
|---|
| 3 | * |
|---|
| 4 | * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. |
|---|
| 5 | * Written by David Howells (dhowells@redhat.com) |
|---|
| 6 | */ |
|---|
| 7 | |
|---|
| 8 | #include <linux/key.h> |
|---|
| 9 | #include <linux/sysctl.h> |
|---|
| 10 | #include "internal.h" |
|---|
| 11 | |
|---|
| 12 | static struct ctl_table key_sysctls[] = { |
|---|
| 13 | { |
|---|
| 14 | .procname = "maxkeys" , |
|---|
| 15 | .data = &key_quota_maxkeys, |
|---|
| 16 | .maxlen = sizeof(unsigned), |
|---|
| 17 | .mode = 0644, |
|---|
| 18 | .proc_handler = proc_dointvec_minmax, |
|---|
| 19 | .extra1 = (void *) SYSCTL_ONE, |
|---|
| 20 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 21 | }, |
|---|
| 22 | { |
|---|
| 23 | .procname = "maxbytes" , |
|---|
| 24 | .data = &key_quota_maxbytes, |
|---|
| 25 | .maxlen = sizeof(unsigned), |
|---|
| 26 | .mode = 0644, |
|---|
| 27 | .proc_handler = proc_dointvec_minmax, |
|---|
| 28 | .extra1 = (void *) SYSCTL_ONE, |
|---|
| 29 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 30 | }, |
|---|
| 31 | { |
|---|
| 32 | .procname = "root_maxkeys" , |
|---|
| 33 | .data = &key_quota_root_maxkeys, |
|---|
| 34 | .maxlen = sizeof(unsigned), |
|---|
| 35 | .mode = 0644, |
|---|
| 36 | .proc_handler = proc_dointvec_minmax, |
|---|
| 37 | .extra1 = (void *) SYSCTL_ONE, |
|---|
| 38 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 39 | }, |
|---|
| 40 | { |
|---|
| 41 | .procname = "root_maxbytes" , |
|---|
| 42 | .data = &key_quota_root_maxbytes, |
|---|
| 43 | .maxlen = sizeof(unsigned), |
|---|
| 44 | .mode = 0644, |
|---|
| 45 | .proc_handler = proc_dointvec_minmax, |
|---|
| 46 | .extra1 = (void *) SYSCTL_ONE, |
|---|
| 47 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 48 | }, |
|---|
| 49 | { |
|---|
| 50 | .procname = "gc_delay" , |
|---|
| 51 | .data = &key_gc_delay, |
|---|
| 52 | .maxlen = sizeof(unsigned), |
|---|
| 53 | .mode = 0644, |
|---|
| 54 | .proc_handler = proc_dointvec_minmax, |
|---|
| 55 | .extra1 = (void *) SYSCTL_ZERO, |
|---|
| 56 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 57 | }, |
|---|
| 58 | #ifdef CONFIG_PERSISTENT_KEYRINGS |
|---|
| 59 | { |
|---|
| 60 | .procname = "persistent_keyring_expiry" , |
|---|
| 61 | .data = &persistent_keyring_expiry, |
|---|
| 62 | .maxlen = sizeof(unsigned), |
|---|
| 63 | .mode = 0644, |
|---|
| 64 | .proc_handler = proc_dointvec_minmax, |
|---|
| 65 | .extra1 = (void *) SYSCTL_ZERO, |
|---|
| 66 | .extra2 = (void *) SYSCTL_INT_MAX, |
|---|
| 67 | }, |
|---|
| 68 | #endif |
|---|
| 69 | { } |
|---|
| 70 | }; |
|---|
| 71 | |
|---|
| 72 | static int __init init_security_keys_sysctls(void) |
|---|
| 73 | { |
|---|
| 74 | register_sysctl_init("kernel/keys" , key_sysctls); |
|---|
| 75 | return 0; |
|---|
| 76 | } |
|---|
| 77 | early_initcall(init_security_keys_sysctls); |
|---|
| 78 | |
|---|
