Merge branch 'upstream'

author: Jeff Garzik <jgarzik@pobox.com> 2006-01-17 10:26:28 -0500
committer: Jeff Garzik <jgarzik@pobox.com> 2006-01-17 10:26:28 -0500
commit: 0825788ff27c7145e9d558cb2a26f3837d1f9be5 (patch)
tree: f6bdb892cec8ca0df69c08a3477c89f1542999e5 /security/keys/permission.c
parent: 02f693c7118f6be9e677070eb630c1f3a654cdd3 (diff)
parent: 1bc4ccfff8675adc3d96f91245eb7e2dc0043ca9 (diff)
1 files changed, 32 insertions, 0 deletions
diff --git a/security/keys/permission.c b/security/keys/permission.c
index e7f579c0eaf5..3b41f9b52537 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -73,3 +73,35 @@ use_these_perms:
 } /* end key_task_permission() */
 
 EXPORT_SYMBOL(key_task_permission);
+
+/*****************************************************************************/
+/*
+ * validate a key
+ */
+int key_validate(struct key *key)
+{
+	struct timespec now;
+	int ret = 0;
+
+	if (key) {
+		/* check it's still accessible */
+		ret = -EKEYREVOKED;
+		if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
+		    test_bit(KEY_FLAG_DEAD, &key->flags))
+			goto error;
+
+		/* check it hasn't expired */
+		ret = 0;
+		if (key->expiry) {
+			now = current_kernel_time();
+			if (now.tv_sec >= key->expiry)
+				ret = -EKEYEXPIRED;
+		}
+	}
+
+ error:
+	return ret;
+
+} /* end key_validate() */
+
+EXPORT_SYMBOL(key_validate);
author	Jeff Garzik <jgarzik@pobox.com>	2006-01-17 10:26:28 -0500
committer	Jeff Garzik <jgarzik@pobox.com>	2006-01-17 10:26:28 -0500
commit	0825788ff27c7145e9d558cb2a26f3837d1f9be5 (patch)
tree	f6bdb892cec8ca0df69c08a3477c89f1542999e5 /security/keys/permission.c
parent	02f693c7118f6be9e677070eb630c1f3a654cdd3 (diff)
parent	1bc4ccfff8675adc3d96f91245eb7e2dc0043ca9 (diff)