1/* System keyring containing trusted public keys. 2 * 3 * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12#ifndef _KEYS_SYSTEM_KEYRING_H 13#define _KEYS_SYSTEM_KEYRING_H 14 15#ifdef CONFIG_SYSTEM_TRUSTED_KEYRING 16 17#include <linux/key.h> 18#include <crypto/public_key.h> 19 20extern struct key *system_trusted_keyring; 21static inline struct key *get_system_trusted_keyring(void) 22{ 23 return system_trusted_keyring; 24} 25#else 26static inline struct key *get_system_trusted_keyring(void) 27{ 28 return NULL; 29} 30#endif 31 32#ifdef CONFIG_SYSTEM_DATA_VERIFICATION 33extern int system_verify_data(const void *data, unsigned long len, 34 const void *raw_pkcs7, size_t pkcs7_len, 35 enum key_being_used_for usage); 36#endif 37 38#ifdef CONFIG_IMA_MOK_KEYRING 39extern struct key *ima_mok_keyring; 40extern struct key *ima_blacklist_keyring; 41 42static inline struct key *get_ima_mok_keyring(void) 43{ 44 return ima_mok_keyring; 45} 46static inline struct key *get_ima_blacklist_keyring(void) 47{ 48 return ima_blacklist_keyring; 49} 50#else 51static inline struct key *get_ima_mok_keyring(void) 52{ 53 return NULL; 54} 55static inline struct key *get_ima_blacklist_keyring(void) 56{ 57 return NULL; 58} 59#endif /* CONFIG_IMA_MOK_KEYRING */ 60 61 62#endif /* _KEYS_SYSTEM_KEYRING_H */ 63