KEYS: Make the key matching functions return bool
Make the key matching functions pointed to by key_match_data::cmp return bool
rather than int.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c
index 7c04989..7755f91 100644
--- a/crypto/asymmetric_keys/asymmetric_type.c
+++ b/crypto/asymmetric_keys/asymmetric_type.c
@@ -59,8 +59,8 @@
* "id:<id>" - request a key matching the ID
* "<subtype>:<id>" - request a key of a subtype
*/
-static int asymmetric_key_cmp(const struct key *key,
- const struct key_match_data *match_data)
+static bool asymmetric_key_cmp(const struct key *key,
+ const struct key_match_data *match_data)
{
const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
const char *description = match_data->raw_data;
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index c14816b..ff9f1d3 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -56,10 +56,12 @@
* Preparsed matching criterion.
*/
struct key_match_data {
- /* Comparison function, defaults to type->match, but can be replaced by
- * type->match_preparse(). */
- int (*cmp)(const struct key *key,
- const struct key_match_data *match_data);
+ /* Comparison function, defaults to exact description match, but can be
+ * overridden by type->match_preparse(). Should return true if a match
+ * is found and false if not.
+ */
+ bool (*cmp)(const struct key *key,
+ const struct key_match_data *match_data);
const void *raw_data; /* Raw match data */
void *preparsed; /* For ->match_preparse() to stash stuff */
diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c
index a07b9ba..31cd4fd 100644
--- a/net/dns_resolver/dns_key.c
+++ b/net/dns_resolver/dns_key.c
@@ -176,8 +176,8 @@
* The domain name may be a simple name or an absolute domain name (which
* should end with a period). The domain name is case-independent.
*/
-static int dns_resolver_cmp(const struct key *key,
- const struct key_match_data *match_data)
+static bool dns_resolver_cmp(const struct key *key,
+ const struct key_match_data *match_data)
{
int slen, dlen, ret = 0;
const char *src = key->description, *dsp = match_data->raw_data;
diff --git a/security/keys/internal.h b/security/keys/internal.h
index e66a16c..b8960c4 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -127,8 +127,8 @@
struct timespec now;
};
-extern int key_default_cmp(const struct key *key,
- const struct key_match_data *match_data);
+extern bool key_default_cmp(const struct key *key,
+ const struct key_match_data *match_data);
extern key_ref_t keyring_search_aux(key_ref_t keyring_ref,
struct keyring_search_context *ctx);
@@ -150,8 +150,8 @@
struct key *dest_keyring,
unsigned long flags);
-extern int lookup_user_key_possessed(const struct key *key,
- const struct key_match_data *match_data);
+extern bool lookup_user_key_possessed(const struct key *key,
+ const struct key_match_data *match_data);
extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
key_perm_t perm);
#define KEY_LOOKUP_CREATE 0x01
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 253c9a0..8177010 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -513,8 +513,8 @@
/*
* By default, we keys found by getting an exact match on their descriptions.
*/
-int key_default_cmp(const struct key *key,
- const struct key_match_data *match_data)
+bool key_default_cmp(const struct key *key,
+ const struct key_match_data *match_data)
{
return strcmp(key->description, match_data->raw_data) == 0;
}
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 08bd533..bd536cb 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -489,8 +489,8 @@
/*
* See if the key we're looking at is the target key.
*/
-int lookup_user_key_possessed(const struct key *key,
- const struct key_match_data *match_data)
+bool lookup_user_key_possessed(const struct key *key,
+ const struct key_match_data *match_data)
{
return key == match_data->raw_data;
}