Commit 146aa8b1 authored by David Howells's avatar David Howells

KEYS: Merge the type-specific data with the payload data

Merge the type-specific data with the payload data into one four-word chunk
as it seems pointless to keep them separate.

Use user_key_payload() for accessing the payloads of overloaded
user-defined keys.
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
cc: linux-cifs@vger.kernel.org
cc: ecryptfs@vger.kernel.org
cc: linux-ext4@vger.kernel.org
cc: linux-f2fs-devel@lists.sourceforge.net
cc: linux-nfs@vger.kernel.org
cc: ceph-devel@vger.kernel.org
cc: linux-ima-devel@lists.sourceforge.net
parent 4adc605e
...@@ -186,7 +186,7 @@ and looks like the following: ...@@ -186,7 +186,7 @@ and looks like the following:
const struct public_key_signature *sig); const struct public_key_signature *sig);
}; };
Asymmetric keys point to this with their type_data[0] member. Asymmetric keys point to this with their payload[asym_subtype] member.
The owner and name fields should be set to the owning module and the name of The owner and name fields should be set to the owning module and the name of
the subtype. Currently, the name is only used for print statements. the subtype. Currently, the name is only used for print statements.
...@@ -269,8 +269,7 @@ mandatory: ...@@ -269,8 +269,7 @@ mandatory:
struct key_preparsed_payload { struct key_preparsed_payload {
char *description; char *description;
void *type_data[2]; void *payload[4];
void *payload;
const void *data; const void *data;
size_t datalen; size_t datalen;
size_t quotalen; size_t quotalen;
...@@ -283,16 +282,18 @@ mandatory: ...@@ -283,16 +282,18 @@ mandatory:
not theirs. not theirs.
If the parser is happy with the blob, it should propose a description for If the parser is happy with the blob, it should propose a description for
the key and attach it to ->description, ->type_data[0] should be set to the key and attach it to ->description, ->payload[asym_subtype] should be
point to the subtype to be used, ->payload should be set to point to the set to point to the subtype to be used, ->payload[asym_crypto] should be
initialised data for that subtype, ->type_data[1] should point to a hex set to point to the initialised data for that subtype,
fingerprint and quotalen should be updated to indicate how much quota this ->payload[asym_key_ids] should point to one or more hex fingerprints and
key should account for. quotalen should be updated to indicate how much quota this key should
account for.
When clearing up, the data attached to ->type_data[1] and ->description
will be kfree()'d and the data attached to ->payload will be passed to the When clearing up, the data attached to ->payload[asym_key_ids] and
subtype's ->destroy() method to be disposed of. A module reference for ->description will be kfree()'d and the data attached to
the subtype pointed to by ->type_data[0] will be put. ->payload[asm_crypto] will be passed to the subtype's ->destroy() method
to be disposed of. A module reference for the subtype pointed to by
->payload[asym_subtype] will be put.
If the data format is not recognised, -EBADMSG should be returned. If it If the data format is not recognised, -EBADMSG should be returned. If it
......
...@@ -1049,12 +1049,12 @@ search a specific keyring, so using keyrings in this way is of limited utility. ...@@ -1049,12 +1049,12 @@ search a specific keyring, so using keyrings in this way is of limited utility.
NOTES ON ACCESSING PAYLOAD CONTENTS NOTES ON ACCESSING PAYLOAD CONTENTS
=================================== ===================================
The simplest payload is just a number in key->payload.value. In this case, The simplest payload is just data stored in key->payload directly. In this
there's no need to indulge in RCU or locking when accessing the payload. case, there's no need to indulge in RCU or locking when accessing the payload.
More complex payload contents must be allocated and a pointer to them set in More complex payload contents must be allocated and pointers to them set in the
key->payload.data. One of the following ways must be selected to access the key->payload.data[] array. One of the following ways must be selected to
data: access the data:
(1) Unmodifiable key type. (1) Unmodifiable key type.
...@@ -1092,6 +1092,13 @@ data: ...@@ -1092,6 +1092,13 @@ data:
the payload. key->datalen cannot be relied upon to be consistent with the the payload. key->datalen cannot be relied upon to be consistent with the
payload just dereferenced if the key's semaphore is not held. payload just dereferenced if the key's semaphore is not held.
Note that key->payload.data[0] has a shadow that is marked for __rcu
usage. This is called key->payload.rcu_data0. The following accessors
wrap the RCU calls to this element:
rcu_assign_keypointer(struct key *key, void *data);
void *rcu_dereference_key(struct key *key);
=================== ===================
DEFINING A KEY TYPE DEFINING A KEY TYPE
...@@ -1143,8 +1150,7 @@ The structure has a number of fields, some of which are mandatory: ...@@ -1143,8 +1150,7 @@ The structure has a number of fields, some of which are mandatory:
struct key_preparsed_payload { struct key_preparsed_payload {
char *description; char *description;
void *type_data[2]; union key_payload payload;
void *payload;
const void *data; const void *data;
size_t datalen; size_t datalen;
size_t quotalen; size_t quotalen;
...@@ -1160,10 +1166,9 @@ The structure has a number of fields, some of which are mandatory: ...@@ -1160,10 +1166,9 @@ The structure has a number of fields, some of which are mandatory:
attached as a string to the description field. This will be used for the attached as a string to the description field. This will be used for the
key description if the caller of add_key() passes NULL or "". key description if the caller of add_key() passes NULL or "".
The method can attach anything it likes to type_data[] and payload. These The method can attach anything it likes to payload. This is merely passed
are merely passed along to the instantiate() or update() operations. If along to the instantiate() or update() operations. If set, the expiry
set, the expiry time will be applied to the key if it is instantiated from time will be applied to the key if it is instantiated from this data.
this data.
The method should return 0 if successful or a negative error code The method should return 0 if successful or a negative error code
otherwise. otherwise.
...@@ -1172,11 +1177,10 @@ The structure has a number of fields, some of which are mandatory: ...@@ -1172,11 +1177,10 @@ The structure has a number of fields, some of which are mandatory:
(*) void (*free_preparse)(struct key_preparsed_payload *prep); (*) void (*free_preparse)(struct key_preparsed_payload *prep);
This method is only required if the preparse() method is provided, This method is only required if the preparse() method is provided,
otherwise it is unused. It cleans up anything attached to the otherwise it is unused. It cleans up anything attached to the description
description, type_data and payload fields of the key_preparsed_payload and payload fields of the key_preparsed_payload struct as filled in by the
struct as filled in by the preparse() method. It will always be called preparse() method. It will always be called after preparse() returns
after preparse() returns successfully, even if instantiate() or update() successfully, even if instantiate() or update() succeed.
succeed.
(*) int (*instantiate)(struct key *key, struct key_preparsed_payload *prep); (*) int (*instantiate)(struct key *key, struct key_preparsed_payload *prep);
...@@ -1197,6 +1201,11 @@ The structure has a number of fields, some of which are mandatory: ...@@ -1197,6 +1201,11 @@ The structure has a number of fields, some of which are mandatory:
It is safe to sleep in this method. It is safe to sleep in this method.
generic_key_instantiate() is provided to simply copy the data from
prep->payload.data[] to key->payload.data[], with RCU-safe assignment on
the first element. It will then clear prep->payload.data[] so that the
free_preparse method doesn't release the data.
(*) int (*update)(struct key *key, const void *data, size_t datalen); (*) int (*update)(struct key *key, const void *data, size_t datalen);
......
...@@ -14,8 +14,3 @@ extern struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id); ...@@ -14,8 +14,3 @@ extern struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id);
extern int __asymmetric_key_hex_to_key_id(const char *id, extern int __asymmetric_key_hex_to_key_id(const char *id,
struct asymmetric_key_id *match_id, struct asymmetric_key_id *match_id,
size_t hexlen); size_t hexlen);
static inline
const struct asymmetric_key_ids *asymmetric_key_ids(const struct key *key)
{
return key->type_data.p[1];
}
...@@ -306,26 +306,35 @@ static int asymmetric_key_preparse(struct key_preparsed_payload *prep) ...@@ -306,26 +306,35 @@ static int asymmetric_key_preparse(struct key_preparsed_payload *prep)
return ret; return ret;
} }
/*
* Clean up the key ID list
*/
static void asymmetric_key_free_kids(struct asymmetric_key_ids *kids)
{
int i;
if (kids) {
for (i = 0; i < ARRAY_SIZE(kids->id); i++)
kfree(kids->id[i]);
kfree(kids);
}
}
/* /*
* Clean up the preparse data * Clean up the preparse data
*/ */
static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep) static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
{ {
struct asymmetric_key_subtype *subtype = prep->type_data[0]; struct asymmetric_key_subtype *subtype = prep->payload.data[asym_subtype];
struct asymmetric_key_ids *kids = prep->type_data[1]; struct asymmetric_key_ids *kids = prep->payload.data[asym_key_ids];
int i;
pr_devel("==>%s()\n", __func__); pr_devel("==>%s()\n", __func__);
if (subtype) { if (subtype) {
subtype->destroy(prep->payload[0]); subtype->destroy(prep->payload.data[asym_crypto]);
module_put(subtype->owner); module_put(subtype->owner);
} }
if (kids) { asymmetric_key_free_kids(kids);
for (i = 0; i < ARRAY_SIZE(kids->id); i++)
kfree(kids->id[i]);
kfree(kids);
}
kfree(prep->description); kfree(prep->description);
} }
...@@ -335,20 +344,19 @@ static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep) ...@@ -335,20 +344,19 @@ static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
static void asymmetric_key_destroy(struct key *key) static void asymmetric_key_destroy(struct key *key)
{ {
struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key); struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
struct asymmetric_key_ids *kids = key->type_data.p[1]; struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids];
void *data = key->payload.data[asym_crypto];
key->payload.data[asym_crypto] = NULL;
key->payload.data[asym_subtype] = NULL;
key->payload.data[asym_key_ids] = NULL;
if (subtype) { if (subtype) {
subtype->destroy(key->payload.data); subtype->destroy(data);
module_put(subtype->owner); module_put(subtype->owner);
key->type_data.p[0] = NULL;
} }
if (kids) { asymmetric_key_free_kids(kids);
kfree(kids->id[0]);
kfree(kids->id[1]);
kfree(kids);
key->type_data.p[1] = NULL;
}
} }
struct key_type key_type_asymmetric = { struct key_type key_type_asymmetric = {
......
...@@ -49,7 +49,7 @@ EXPORT_SYMBOL_GPL(pkey_id_type_name); ...@@ -49,7 +49,7 @@ EXPORT_SYMBOL_GPL(pkey_id_type_name);
static void public_key_describe(const struct key *asymmetric_key, static void public_key_describe(const struct key *asymmetric_key,
struct seq_file *m) struct seq_file *m)
{ {
struct public_key *key = asymmetric_key->payload.data; struct public_key *key = asymmetric_key->payload.data[asym_crypto];
if (key) if (key)
seq_printf(m, "%s.%s", seq_printf(m, "%s.%s",
...@@ -112,7 +112,7 @@ EXPORT_SYMBOL_GPL(public_key_verify_signature); ...@@ -112,7 +112,7 @@ EXPORT_SYMBOL_GPL(public_key_verify_signature);
static int public_key_verify_signature_2(const struct key *key, static int public_key_verify_signature_2(const struct key *key,
const struct public_key_signature *sig) const struct public_key_signature *sig)
{ {
const struct public_key *pk = key->payload.data; const struct public_key *pk = key->payload.data[asym_crypto];
return public_key_verify_signature(pk, sig); return public_key_verify_signature(pk, sig);
} }
......
...@@ -37,7 +37,7 @@ int verify_signature(const struct key *key, ...@@ -37,7 +37,7 @@ int verify_signature(const struct key *key,
return -EINVAL; return -EINVAL;
subtype = asymmetric_key_subtype(key); subtype = asymmetric_key_subtype(key);
if (!subtype || if (!subtype ||
!key->payload.data) !key->payload.data[0])
return -EINVAL; return -EINVAL;
if (!subtype->verify_signature) if (!subtype->verify_signature)
return -ENOTSUPP; return -ENOTSUPP;
......
...@@ -11,6 +11,7 @@ ...@@ -11,6 +11,7 @@
#include <linux/time.h> #include <linux/time.h>
#include <crypto/public_key.h> #include <crypto/public_key.h>
#include <keys/asymmetric-type.h>
struct x509_certificate { struct x509_certificate {
struct x509_certificate *next; struct x509_certificate *next;
......
...@@ -266,7 +266,8 @@ static int x509_validate_trust(struct x509_certificate *cert, ...@@ -266,7 +266,8 @@ static int x509_validate_trust(struct x509_certificate *cert,
if (!IS_ERR(key)) { if (!IS_ERR(key)) {
if (!use_builtin_keys if (!use_builtin_keys
|| test_bit(KEY_FLAG_BUILTIN, &key->flags)) || test_bit(KEY_FLAG_BUILTIN, &key->flags))
ret = x509_check_signature(key->payload.data, cert); ret = x509_check_signature(key->payload.data[asym_crypto],
cert);
key_put(key); key_put(key);
} }
return ret; return ret;
...@@ -352,9 +353,9 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) ...@@ -352,9 +353,9 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
/* We're pinning the module by being linked against it */ /* We're pinning the module by being linked against it */
__module_get(public_key_subtype.owner); __module_get(public_key_subtype.owner);
prep->type_data[0] = &public_key_subtype; prep->payload.data[asym_subtype] = &public_key_subtype;
prep->type_data[1] = kids; prep->payload.data[asym_key_ids] = kids;
prep->payload[0] = cert->pub; prep->payload.data[asym_crypto] = cert->pub;
prep->description = desc; prep->description = desc;
prep->quotalen = 100; prep->quotalen = 100;
......
...@@ -42,7 +42,7 @@ cifs_spnego_key_instantiate(struct key *key, struct key_preparsed_payload *prep) ...@@ -42,7 +42,7 @@ cifs_spnego_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
goto error; goto error;
/* attach the data */ /* attach the data */
key->payload.data = payload; key->payload.data[0] = payload;
ret = 0; ret = 0;
error: error:
...@@ -52,7 +52,7 @@ error: ...@@ -52,7 +52,7 @@ error:
static void static void
cifs_spnego_key_destroy(struct key *key) cifs_spnego_key_destroy(struct key *key)
{ {
kfree(key->payload.data); kfree(key->payload.data[0]);
} }
...@@ -167,7 +167,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo) ...@@ -167,7 +167,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
#ifdef CONFIG_CIFS_DEBUG2 #ifdef CONFIG_CIFS_DEBUG2
if (cifsFYI && !IS_ERR(spnego_key)) { if (cifsFYI && !IS_ERR(spnego_key)) {
struct cifs_spnego_msg *msg = spnego_key->payload.data; struct cifs_spnego_msg *msg = spnego_key->payload.data[0];
cifs_dump_mem("SPNEGO reply blob:", msg->data, min(1024U, cifs_dump_mem("SPNEGO reply blob:", msg->data, min(1024U,
msg->secblob_len + msg->sesskey_len)); msg->secblob_len + msg->sesskey_len));
} }
......
...@@ -58,16 +58,15 @@ cifs_idmap_key_instantiate(struct key *key, struct key_preparsed_payload *prep) ...@@ -58,16 +58,15 @@ cifs_idmap_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
* dereference payload.data! * dereference payload.data!
*/ */
if (prep->datalen <= sizeof(key->payload)) { if (prep->datalen <= sizeof(key->payload)) {
key->payload.value = 0; key->payload.data[0] = NULL;
memcpy(&key->payload.value, prep->data, prep->datalen); memcpy(&key->payload, prep->data, prep->datalen);
key->datalen = prep->datalen; } else {
return 0; payload = kmemdup(prep->data, prep->datalen, GFP_KERNEL);
if (!payload)
return -ENOMEM;
key->payload.data[0] = payload;
} }
payload = kmemdup(prep->data, prep->datalen, GFP_KERNEL);
if (!payload)
return -ENOMEM;
key->payload.data = payload;
key->datalen = prep->datalen; key->datalen = prep->datalen;
return 0; return 0;
} }
...@@ -76,7 +75,7 @@ static inline void ...@@ -76,7 +75,7 @@ static inline void
cifs_idmap_key_destroy(struct key *key) cifs_idmap_key_destroy(struct key *key)
{ {
if (key->datalen > sizeof(key->payload)) if (key->datalen > sizeof(key->payload))
kfree(key->payload.data); kfree(key->payload.data[0]);
} }
static struct key_type cifs_idmap_key_type = { static struct key_type cifs_idmap_key_type = {
...@@ -233,8 +232,8 @@ id_to_sid(unsigned int cid, uint sidtype, struct cifs_sid *ssid) ...@@ -233,8 +232,8 @@ id_to_sid(unsigned int cid, uint sidtype, struct cifs_sid *ssid)
* it could be. * it could be.
*/ */
ksid = sidkey->datalen <= sizeof(sidkey->payload) ? ksid = sidkey->datalen <= sizeof(sidkey->payload) ?
(struct cifs_sid *)&sidkey->payload.value : (struct cifs_sid *)&sidkey->payload :
(struct cifs_sid *)sidkey->payload.data; (struct cifs_sid *)sidkey->payload.data[0];
ksid_size = CIFS_SID_BASE_SIZE + (ksid->num_subauth * sizeof(__le32)); ksid_size = CIFS_SID_BASE_SIZE + (ksid->num_subauth * sizeof(__le32));
if (ksid_size > sidkey->datalen) { if (ksid_size > sidkey->datalen) {
...@@ -307,14 +306,14 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct cifs_sid *psid, ...@@ -307,14 +306,14 @@ sid_to_id(struct cifs_sb_info *cifs_sb, struct cifs_sid *psid,
if (sidtype == SIDOWNER) { if (sidtype == SIDOWNER) {
kuid_t uid; kuid_t uid;
uid_t id; uid_t id;
memcpy(&id, &sidkey->payload.value, sizeof(uid_t)); memcpy(&id, &sidkey->payload.data[0], sizeof(uid_t));
uid = make_kuid(&init_user_ns, id); uid = make_kuid(&init_user_ns, id);
if (uid_valid(uid)) if (uid_valid(uid))
fuid = uid; fuid = uid;
} else { } else {
kgid_t gid; kgid_t gid;
gid_t id; gid_t id;
memcpy(&id, &sidkey->payload.value, sizeof(gid_t)); memcpy(&id, &sidkey->payload.data[0], sizeof(gid_t));
gid = make_kgid(&init_user_ns, id); gid = make_kgid(&init_user_ns, id);
if (gid_valid(gid)) if (gid_valid(gid))
fgid = gid; fgid = gid;
......
...@@ -2325,13 +2325,14 @@ static int ...@@ -2325,13 +2325,14 @@ static int
cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses) cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
{ {
int rc = 0; int rc = 0;
char *desc, *delim, *payload; const char *delim, *payload;
char *desc;
ssize_t len; ssize_t len;
struct key *key; struct key *key;
struct TCP_Server_Info *server = ses->server; struct TCP_Server_Info *server = ses->server;
struct sockaddr_in *sa; struct sockaddr_in *sa;
struct sockaddr_in6 *sa6; struct sockaddr_in6 *sa6;
struct user_key_payload *upayload; const struct user_key_payload *upayload;
desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL); desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
if (!desc) if (!desc)
...@@ -2374,14 +2375,14 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses) ...@@ -2374,14 +2375,14 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
} }
down_read(&key->sem); down_read(&key->sem);
upayload = key->payload.data; upayload = user_key_payload(key);
if (IS_ERR_OR_NULL(upayload)) { if (IS_ERR_OR_NULL(upayload)) {
rc = upayload ? PTR_ERR(upayload) : -EINVAL; rc = upayload ? PTR_ERR(upayload) : -EINVAL;
goto out_key_put; goto out_key_put;
} }
/* find first : in payload */ /* find first : in payload */
payload = (char *)upayload->data; payload = upayload->data;
delim = strnchr(payload, upayload->datalen, ':'); delim = strnchr(payload, upayload->datalen, ':');
cifs_dbg(FYI, "payload=%s\n", payload); cifs_dbg(FYI, "payload=%s\n", payload);
if (!delim) { if (!delim) {
......
...@@ -988,7 +988,7 @@ sess_auth_kerberos(struct sess_data *sess_data) ...@@ -988,7 +988,7 @@ sess_auth_kerberos(struct sess_data *sess_data)
goto out; goto out;
} }
msg = spnego_key->payload.data; msg = spnego_key->payload.data[0];
/* /*
* check version field to make sure that cifs.upcall is * check version field to make sure that cifs.upcall is
* sending us a response in an expected form * sending us a response in an expected form
......
...@@ -660,7 +660,7 @@ ssetup_ntlmssp_authenticate: ...@@ -660,7 +660,7 @@ ssetup_ntlmssp_authenticate:
goto ssetup_exit; goto ssetup_exit;
} }
msg = spnego_key->payload.data; msg = spnego_key->payload.data[0];
/* /*
* check version field to make sure that cifs.upcall is * check version field to make sure that cifs.upcall is
* sending us a response in an expected form * sending us a response in an expected form
......
...@@ -86,7 +86,7 @@ ecryptfs_get_encrypted_key_payload_data(struct key *key) ...@@ -86,7 +86,7 @@ ecryptfs_get_encrypted_key_payload_data(struct key *key)
{ {
if (key->type == &key_type_encrypted) if (key->type == &key_type_encrypted)
return (struct ecryptfs_auth_tok *) return (struct ecryptfs_auth_tok *)
(&((struct encrypted_key_payload *)key->payload.data)->payload_data); (&((struct encrypted_key_payload *)key->payload.data[0])->payload_data);
else else
return NULL; return NULL;
} }
...@@ -117,8 +117,7 @@ ecryptfs_get_key_payload_data(struct key *key) ...@@ -117,8 +117,7 @@ ecryptfs_get_key_payload_data(struct key *key)
auth_tok = ecryptfs_get_encrypted_key_payload_data(key); auth_tok = ecryptfs_get_encrypted_key_payload_data(key);
if (!auth_tok) if (!auth_tok)
return (struct ecryptfs_auth_tok *) return (struct ecryptfs_auth_tok *)user_key_payload(key)->data;
(((struct user_key_payload *)key->payload.data)->data);
else else
return auth_tok; return auth_tok;
} }
......
...@@ -121,7 +121,7 @@ int _ext4_get_encryption_info(struct inode *inode) ...@@ -121,7 +121,7 @@ int _ext4_get_encryption_info(struct inode *inode)
struct key *keyring_key = NULL; struct key *keyring_key = NULL;
struct ext4_encryption_key *master_key; struct ext4_encryption_key *master_key;
struct ext4_encryption_context ctx; struct ext4_encryption_context ctx;
struct user_key_payload *ukp; const struct user_key_payload *ukp;
struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
struct crypto_ablkcipher *ctfm; struct crypto_ablkcipher *ctfm;
const char *cipher_str; const char *cipher_str;
...@@ -209,7 +209,7 @@ retry: ...@@ -209,7 +209,7 @@ retry:
} }
crypt_info->ci_keyring_key = keyring_key; crypt_info->ci_keyring_key = keyring_key;
BUG_ON(keyring_key->type != &key_type_logon); BUG_ON(keyring_key->type != &key_type_logon);
ukp = ((struct user_key_payload *)keyring_key->payload.data); ukp = user_key_payload(keyring_key);
if (ukp->datalen != sizeof(struct ext4_encryption_key)) { if (ukp->datalen != sizeof(struct ext4_encryption_key)) {
res = -EINVAL;