162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* Key management controls 362306a36Sopenharmony_ci * 462306a36Sopenharmony_ci * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved. 562306a36Sopenharmony_ci * Written by David Howells (dhowells@redhat.com) 662306a36Sopenharmony_ci */ 762306a36Sopenharmony_ci 862306a36Sopenharmony_ci#include <linux/key.h> 962306a36Sopenharmony_ci#include <linux/sysctl.h> 1062306a36Sopenharmony_ci#include "internal.h" 1162306a36Sopenharmony_ci 1262306a36Sopenharmony_cistatic struct ctl_table key_sysctls[] = { 1362306a36Sopenharmony_ci { 1462306a36Sopenharmony_ci .procname = "maxkeys", 1562306a36Sopenharmony_ci .data = &key_quota_maxkeys, 1662306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 1762306a36Sopenharmony_ci .mode = 0644, 1862306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 1962306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ONE, 2062306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 2162306a36Sopenharmony_ci }, 2262306a36Sopenharmony_ci { 2362306a36Sopenharmony_ci .procname = "maxbytes", 2462306a36Sopenharmony_ci .data = &key_quota_maxbytes, 2562306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 2662306a36Sopenharmony_ci .mode = 0644, 2762306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 2862306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ONE, 2962306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 3062306a36Sopenharmony_ci }, 3162306a36Sopenharmony_ci { 3262306a36Sopenharmony_ci .procname = "root_maxkeys", 3362306a36Sopenharmony_ci .data = &key_quota_root_maxkeys, 3462306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 3562306a36Sopenharmony_ci .mode = 0644, 3662306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 3762306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ONE, 3862306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 3962306a36Sopenharmony_ci }, 4062306a36Sopenharmony_ci { 4162306a36Sopenharmony_ci .procname = "root_maxbytes", 4262306a36Sopenharmony_ci .data = &key_quota_root_maxbytes, 4362306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 4462306a36Sopenharmony_ci .mode = 0644, 4562306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 4662306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ONE, 4762306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 4862306a36Sopenharmony_ci }, 4962306a36Sopenharmony_ci { 5062306a36Sopenharmony_ci .procname = "gc_delay", 5162306a36Sopenharmony_ci .data = &key_gc_delay, 5262306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 5362306a36Sopenharmony_ci .mode = 0644, 5462306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 5562306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ZERO, 5662306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 5762306a36Sopenharmony_ci }, 5862306a36Sopenharmony_ci#ifdef CONFIG_PERSISTENT_KEYRINGS 5962306a36Sopenharmony_ci { 6062306a36Sopenharmony_ci .procname = "persistent_keyring_expiry", 6162306a36Sopenharmony_ci .data = &persistent_keyring_expiry, 6262306a36Sopenharmony_ci .maxlen = sizeof(unsigned), 6362306a36Sopenharmony_ci .mode = 0644, 6462306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 6562306a36Sopenharmony_ci .extra1 = (void *) SYSCTL_ZERO, 6662306a36Sopenharmony_ci .extra2 = (void *) SYSCTL_INT_MAX, 6762306a36Sopenharmony_ci }, 6862306a36Sopenharmony_ci#endif 6962306a36Sopenharmony_ci { } 7062306a36Sopenharmony_ci}; 7162306a36Sopenharmony_ci 7262306a36Sopenharmony_cistatic int __init init_security_keys_sysctls(void) 7362306a36Sopenharmony_ci{ 7462306a36Sopenharmony_ci register_sysctl_init("kernel/keys", key_sysctls); 7562306a36Sopenharmony_ci return 0; 7662306a36Sopenharmony_ci} 7762306a36Sopenharmony_ciearly_initcall(init_security_keys_sysctls); 78