| Message ID | 20240821123616.60401-2-dhowells@redhat.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | keys: Add tracepoints | expand |
On Wed Aug 21, 2024 at 3:36 PM EEST, David Howells wrote: > Move key_is_dead() out of line so that tracepoints can be added in to it > without incurring circular #includes. Also, it is only used from the file > it is moved into. > > Signed-off-by: David Howells <dhowells@redhat.com> > cc: Jarkko Sakkinen <jarkko@kernel.org> > cc: keyrings@vger.kernel.org > cc: linux-security-module@vger.kernel.org > --- > security/keys/internal.h | 20 -------------------- > security/keys/keyring.c | 20 ++++++++++++++++++++ > 2 files changed, 20 insertions(+), 20 deletions(-) > > diff --git a/security/keys/internal.h b/security/keys/internal.h > index 2cffa6dc8255..8ba87127e446 100644 > --- a/security/keys/internal.h > +++ b/security/keys/internal.h > @@ -211,26 +211,6 @@ extern struct key *request_key_auth_new(struct key *target, > > extern struct key *key_get_instantiation_authkey(key_serial_t target_id); > > -/* > - * Determine whether a key is dead. > - */ > -static inline bool key_is_dead(const struct key *key, time64_t limit) > -{ > - time64_t expiry = key->expiry; > - > - if (expiry != TIME64_MAX) { > - if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) > - expiry += key_gc_delay; > - if (expiry <= limit) > - return true; > - } > - > - return > - key->flags & ((1 << KEY_FLAG_DEAD) | > - (1 << KEY_FLAG_INVALIDATED)) || > - key->domain_tag->removed; > -} > - > /* > * keyctl() functions > */ > diff --git a/security/keys/keyring.c b/security/keys/keyring.c > index 4448758f643a..0eed018448cb 100644 > --- a/security/keys/keyring.c > +++ b/security/keys/keyring.c > @@ -1687,6 +1687,26 @@ static void keyring_revoke(struct key *keyring) > } > } > > +/* > + * Determine whether a key is dead. > + */ > +static bool key_is_dead(const struct key *key, time64_t limit) > +{ > + time64_t expiry = key->expiry; > + > + if (expiry != TIME64_MAX) { > + if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) > + expiry += key_gc_delay; > + if (expiry <= limit) > + return true; > + } > + > + return > + key->flags & ((1 << KEY_FLAG_DEAD) | > + (1 << KEY_FLAG_INVALIDATED)) || > + key->domain_tag->removed; > +} > + > static bool keyring_gc_select_iterator(void *object, void *iterator_data) > { > struct key *key = keyring_ptr_to_key(object); Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
diff --git a/security/keys/internal.h b/security/keys/internal.h index 2cffa6dc8255..8ba87127e446 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -211,26 +211,6 @@ extern struct key *request_key_auth_new(struct key *target, extern struct key *key_get_instantiation_authkey(key_serial_t target_id); -/* - * Determine whether a key is dead. - */ -static inline bool key_is_dead(const struct key *key, time64_t limit) -{ - time64_t expiry = key->expiry; - - if (expiry != TIME64_MAX) { - if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) - expiry += key_gc_delay; - if (expiry <= limit) - return true; - } - - return - key->flags & ((1 << KEY_FLAG_DEAD) | - (1 << KEY_FLAG_INVALIDATED)) || - key->domain_tag->removed; -} - /* * keyctl() functions */ diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 4448758f643a..0eed018448cb 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -1687,6 +1687,26 @@ static void keyring_revoke(struct key *keyring) } } +/* + * Determine whether a key is dead. + */ +static bool key_is_dead(const struct key *key, time64_t limit) +{ + time64_t expiry = key->expiry; + + if (expiry != TIME64_MAX) { + if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) + expiry += key_gc_delay; + if (expiry <= limit) + return true; + } + + return + key->flags & ((1 << KEY_FLAG_DEAD) | + (1 << KEY_FLAG_INVALIDATED)) || + key->domain_tag->removed; +} + static bool keyring_gc_select_iterator(void *object, void *iterator_data) { struct key *key = keyring_ptr_to_key(object);
Move key_is_dead() out of line so that tracepoints can be added in to it without incurring circular #includes. Also, it is only used from the file it is moved into. Signed-off-by: David Howells <dhowells@redhat.com> cc: Jarkko Sakkinen <jarkko@kernel.org> cc: keyrings@vger.kernel.org cc: linux-security-module@vger.kernel.org --- security/keys/internal.h | 20 -------------------- security/keys/keyring.c | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+), 20 deletions(-)