KEYS: Add an alloc flag to convey the builtinness of a key

Add KEY_ALLOC_BUILT_IN to convey that a key should have KEY_FLAG_BUILTIN set rather than setting it after the fact. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: David Howells <dhowells@redhat.com> 2016-02-09 16:40:46 +0000
committer: David Howells <dhowells@redhat.com> 2016-02-09 16:40:46 +0000
commit: 5d2787cf0b210d2925e8d44e2e79241385249d6b (patch)
tree: 2012c87cf103d8d33ae55f3db822fc380e0280b7 /certs/system_keyring.c
parent: 411a6f585c0f7695942497ae1a0f3f313cefc6e0 (diff)
download: linux-5d2787cf0b210d2925e8d44e2e79241385249d6b.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/certs/system_keyring.c b/certs/system_keyring.c
index 2570598b784d..f4180326c2e1 100644
--- a/certs/system_keyring.c
+++ b/certs/system_keyring.c
@@ -84,12 +84,12 @@ static __init int load_system_certificate_list(void)
 					   ((KEY_POS_ALL & ~KEY_POS_SETATTR) |
 					   KEY_USR_VIEW | KEY_USR_READ),
 					   KEY_ALLOC_NOT_IN_QUOTA |
-					   KEY_ALLOC_TRUSTED);
+					   KEY_ALLOC_TRUSTED |
+					   KEY_ALLOC_BUILT_IN);
 		if (IS_ERR(key)) {
 			pr_err("Problem loading in-kernel X.509 certificate (%ld)\n",
 			       PTR_ERR(key));
 		} else {
-			set_bit(KEY_FLAG_BUILTIN, &key_ref_to_ptr(key)->flags);
 			pr_notice("Loaded X.509 cert '%s'\n",
 				  key_ref_to_ptr(key)->description);
 			key_ref_put(key);
author	David Howells <dhowells@redhat.com>	2016-02-09 16:40:46 +0000
committer	David Howells <dhowells@redhat.com>	2016-02-09 16:40:46 +0000
commit	5d2787cf0b210d2925e8d44e2e79241385249d6b (patch)
tree	2012c87cf103d8d33ae55f3db822fc380e0280b7 /certs/system_keyring.c
parent	411a6f585c0f7695942497ae1a0f3f313cefc6e0 (diff)
download	linux-5d2787cf0b210d2925e8d44e2e79241385249d6b.tar.gz