keys: Network namespace domain tag

Create key domain tags for network namespaces and make it possible to automatically tag keys that are used by networked services (e.g. AF_RXRPC, AFS, DNS) with the default network namespace if not set by the caller. This allows keys with the same description but in different namespaces to coexist within a keyring. Signed-off-by: David Howells <dhowells@redhat.com> cc: netdev@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: linux-cifs@vger.kernel.org cc: linux-afs@lists.infradead.org
author: David Howells <dhowells@redhat.com> 2019-06-26 21:02:33 +0100
committer: David Howells <dhowells@redhat.com> 2019-06-26 21:02:33 +0100
commit: 9b242610514fe387ef957bce05e1fdd3efd60359 (patch)
tree: 57917a3649c3a4b0bd66a54fbab24c4ca644ab56 /include/net
parent: 218e6424e711ceee31eeba93212fed8ee92d6a11 (diff)
download: linux-9b242610514fe387ef957bce05e1fdd3efd60359.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 12689ddfc24c..a56bf7fc7c2b 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -71,6 +71,9 @@ struct net {
 						 */
 	struct llist_node	cleanup_list;	/* namespaces on death row */
 
+#ifdef CONFIG_KEYS
+	struct key_tag		*key_domain;	/* Key domain of operation tag */
+#endif
 	struct user_namespace   *user_ns;	/* Owning user namespace */
 	struct ucounts		*ucounts;
 	spinlock_t		nsid_lock;
author	David Howells <dhowells@redhat.com>	2019-06-26 21:02:33 +0100
committer	David Howells <dhowells@redhat.com>	2019-06-26 21:02:33 +0100
commit	9b242610514fe387ef957bce05e1fdd3efd60359 (patch)
tree	57917a3649c3a4b0bd66a54fbab24c4ca644ab56 /include/net
parent	218e6424e711ceee31eeba93212fed8ee92d6a11 (diff)
download	linux-9b242610514fe387ef957bce05e1fdd3efd60359.tar.gz