[deliverable/linux.git] / include / linux / key.h

/* key.h: authentication token and access key management
 *
 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 *
 * See Documentation/keys.txt for information on keys/keyrings.
 */

#ifndef _LINUX_KEY_H
#define _LINUX_KEY_H

#include <linux/types.h>
#include <linux/list.h>
#include <linux/rbtree.h>
#include <linux/rcupdate.h>
#include <asm/atomic.h>

#ifdef __KERNEL__

/* key handle serial number */
typedef int32_t key_serial_t;

/* key handle permissions mask */
typedef uint32_t key_perm_t;

struct key;

#ifdef CONFIG_KEYS

#undef KEY_DEBUGGING

#define KEY_POS_VIEW	0x01000000	/* possessor can view a key's attributes */
#define KEY_POS_READ	0x02000000	/* possessor can read key payload / view keyring */
#define KEY_POS_WRITE	0x04000000	/* possessor can update key payload / add link to keyring */
#define KEY_POS_SEARCH	0x08000000	/* possessor can find a key in search / search a keyring */
#define KEY_POS_LINK	0x10000000	/* possessor can create a link to a key/keyring */
#define KEY_POS_ALL	0x1f000000

#define KEY_USR_VIEW	0x00010000	/* user permissions... */
#define KEY_USR_READ	0x00020000
#define KEY_USR_WRITE	0x00040000
#define KEY_USR_SEARCH	0x00080000
#define KEY_USR_LINK	0x00100000
#define KEY_USR_ALL	0x001f0000

#define KEY_GRP_VIEW	0x00000100	/* group permissions... */
#define KEY_GRP_READ	0x00000200
#define KEY_GRP_WRITE	0x00000400
#define KEY_GRP_SEARCH	0x00000800
#define KEY_GRP_LINK	0x00001000
#define KEY_GRP_ALL	0x00001f00

#define KEY_OTH_VIEW	0x00000001	/* third party permissions... */
#define KEY_OTH_READ	0x00000002
#define KEY_OTH_WRITE	0x00000004
#define KEY_OTH_SEARCH	0x00000008
#define KEY_OTH_LINK	0x00000010
#define KEY_OTH_ALL	0x0000001f

struct seq_file;
struct user_struct;
struct signal_struct;

struct key_type;
struct key_owner;
struct keyring_list;
struct keyring_name;

/*****************************************************************************/
/*
 * key reference with possession attribute handling
 *
 * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
 * defined. This is because we abuse the bottom bit of the reference to carry a
 * flag to indicate whether the calling process possesses that key in one of
 * its keyrings.
 *
 * the key_ref_t has been made a separate type so that the compiler can reject
 * attempts to dereference it without proper conversion.
 *
 * the three functions are used to assemble and disassemble references
 */
typedef struct __key_reference_with_attributes *key_ref_t;

static inline key_ref_t make_key_ref(const struct key *key,
				     unsigned long possession)
{
	return (key_ref_t) ((unsigned long) key | possession);
}

static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
{
	return (struct key *) ((unsigned long) key_ref & ~1UL);
}

static inline unsigned long is_key_possessed(const key_ref_t key_ref)
{
	return (unsigned long) key_ref & 1UL;
}

/*****************************************************************************/
/*
 * authentication token / access credential / keyring
 * - types of key include:
 *   - keyrings
 *   - disk encryption IDs
 *   - Kerberos TGTs and tickets
 */
struct key {
	atomic_t		usage;		/* number of references */
	key_serial_t		serial;		/* key serial number */
	struct rb_node		serial_node;
	struct key_type		*type;		/* type of key */
	struct rw_semaphore	sem;		/* change vs change sem */
	struct key_user		*user;		/* owner of this key */
	time_t			expiry;		/* time at which key expires (or 0) */
	uid_t			uid;
	gid_t			gid;
	key_perm_t		perm;		/* access permissions */
	unsigned short		quotalen;	/* length added to quota */
	unsigned short		datalen;	/* payload data length
						 * - may not match RCU dereferenced payload
						 * - payload should contain own length
						 */

#ifdef KEY_DEBUGGING
	unsigned		magic;
#define KEY_DEBUG_MAGIC		0x18273645u
#define KEY_DEBUG_MAGIC_X	0xf8e9dacbu
#endif

	unsigned long		flags;		/* status flags (change with bitops) */
#define KEY_FLAG_INSTANTIATED	0	/* set if key has been instantiated */
#define KEY_FLAG_DEAD		1	/* set if key type has been deleted */
#define KEY_FLAG_REVOKED	2	/* set if key had been revoked */
#define KEY_FLAG_IN_QUOTA	3	/* set if key consumes quota */
#define KEY_FLAG_USER_CONSTRUCT	4	/* set if key is being constructed in userspace */
#define KEY_FLAG_NEGATIVE	5	/* set if key is negative */

	/* the description string
	 * - this is used to match a key against search criteria
	 * - this should be a printable string
	 * - eg: for krb5 AFS, this might be "afs@REDHAT.COM"
	 */
	char			*description;

	/* type specific data
	 * - this is used by the keyring type to index the name
	 */
	union {
		struct list_head	link;
	} type_data;

	/* key data
	 * - this is used to hold the data actually used in cryptography or
	 *   whatever
	 */
	union {
		unsigned long		value;
		void			*data;
		struct keyring_list	*subscriptions;
	} payload;
};

/*****************************************************************************/
/*
 * kernel managed key type definition
 */
struct key_type {
	/* name of the type */
	const char *name;

	/* default payload length for quota precalculation (optional)
	 * - this can be used instead of calling key_payload_reserve(), that
	 *   function only needs to be called if the real datalen is different
	 */
	size_t def_datalen;

	/* instantiate a key of this type
	 * - this method should call key_payload_reserve() to determine if the
	 *   user's quota will hold the payload
	 */
	int (*instantiate)(struct key *key, const void *data, size_t datalen);

	/* duplicate a key of this type (optional)
	 * - the source key will be locked against change
	 * - the new description will be attached
	 * - the quota will have been adjusted automatically from
	 *   source->quotalen
	 */
	int (*duplicate)(struct key *key, const struct key *source);

	/* update a key of this type (optional)
	 * - this method should call key_payload_reserve() to recalculate the
	 *   quota consumption
	 * - the key must be locked against read when modifying
	 */
	int (*update)(struct key *key, const void *data, size_t datalen);

	/* match a key against a description */
	int (*match)(const struct key *key, const void *desc);

	/* clear the data from a key (optional) */
	void (*destroy)(struct key *key);

	/* describe a key */
	void (*describe)(const struct key *key, struct seq_file *p);

	/* read a key's data (optional)
	 * - permission checks will be done by the caller
	 * - the key's semaphore will be readlocked by the caller
	 * - should return the amount of data that could be read, no matter how
	 *   much is copied into the buffer
	 * - shouldn't do the copy if the buffer is NULL
	 */
	long (*read)(const struct key *key, char __user *buffer, size_t buflen);

	/* internal fields */
	struct list_head	link;		/* link in types list */
};

extern struct key_type key_type_keyring;

extern int register_key_type(struct key_type *ktype);
extern void unregister_key_type(struct key_type *ktype);

extern struct key *key_alloc(struct key_type *type,
			     const char *desc,
			     uid_t uid, gid_t gid, key_perm_t perm,
			     int not_in_quota);
extern int key_payload_reserve(struct key *key, size_t datalen);
extern int key_instantiate_and_link(struct key *key,
				    const void *data,
				    size_t datalen,
				    struct key *keyring,
				    struct key *instkey);
extern int key_negate_and_link(struct key *key,
			       unsigned timeout,
			       struct key *keyring,
			       struct key *instkey);
extern void key_revoke(struct key *key);
extern void key_put(struct key *key);

static inline struct key *key_get(struct key *key)
{
	if (key)
		atomic_inc(&key->usage);
	return key;
}

static inline void key_ref_put(key_ref_t key_ref)
{
	key_put(key_ref_to_ptr(key_ref));
}

extern struct key *request_key(struct key_type *type,
			       const char *description,
			       const char *callout_info);

extern int key_validate(struct key *key);

extern key_ref_t key_create_or_update(key_ref_t keyring,
				      const char *type,
				      const char *description,
				      const void *payload,
				      size_t plen,
				      int not_in_quota);

extern int key_update(key_ref_t key,
		      const void *payload,
		      size_t plen);

extern int key_link(struct key *keyring,
		    struct key *key);

extern int key_unlink(struct key *keyring,
		      struct key *key);

extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
				 int not_in_quota, struct key *dest);

extern int keyring_clear(struct key *keyring);

extern key_ref_t keyring_search(key_ref_t keyring,
				struct key_type *type,
				const char *description);

extern int keyring_add_key(struct key *keyring,
			   struct key *key);

extern struct key *key_lookup(key_serial_t id);

extern void keyring_replace_payload(struct key *key, void *replacement);

#define key_serial(key) ((key) ? (key)->serial : 0)

/*
 * the userspace interface
 */
extern struct key root_user_keyring, root_session_keyring;
extern int alloc_uid_keyring(struct user_struct *user);
extern void switch_uid_keyring(struct user_struct *new_user);
extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
extern int copy_thread_group_keys(struct task_struct *tsk);
extern void exit_keys(struct task_struct *tsk);
extern void exit_thread_group_keys(struct signal_struct *tg);
extern int suid_keys(struct task_struct *tsk);
extern int exec_keys(struct task_struct *tsk);
extern void key_fsuid_changed(struct task_struct *tsk);
extern void key_fsgid_changed(struct task_struct *tsk);
extern void key_init(void);

#define __install_session_keyring(tsk, keyring)			\
({								\
	struct key *old_session = tsk->signal->session_keyring;	\
	tsk->signal->session_keyring = keyring;			\
	old_session;						\
})

#else /* CONFIG_KEYS */

#define key_validate(k)			0
#define key_serial(k)			0
#define key_get(k) 			({ NULL; })
#define key_put(k)			do { } while(0)
#define key_ref_put(k)			do { } while(0)
#define make_key_ref(k)			({ NULL; })
#define key_ref_to_ptr(k)		({ NULL; })
#define is_key_possessed(k)		0
#define alloc_uid_keyring(u)		0
#define switch_uid_keyring(u)		do { } while(0)
#define __install_session_keyring(t, k)	({ NULL; })
#define copy_keys(f,t)			0
#define copy_thread_group_keys(t)	0
#define exit_keys(t)			do { } while(0)
#define exit_thread_group_keys(tg)	do { } while(0)
#define suid_keys(t)			do { } while(0)
#define exec_keys(t)			do { } while(0)
#define key_fsuid_changed(t)		do { } while(0)
#define key_fsgid_changed(t)		do { } while(0)
#define key_init()			do { } while(0)

#endif /* CONFIG_KEYS */
#endif /* __KERNEL__ */
#endif /* _LINUX_KEY_H */
Commit	Line	Data
1da177e4 LT	1	/* key.h: authentication token and access key management
	2	*
	3	* Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
	4	* Written by David Howells (dhowells@redhat.com)
	5	*
	6	* This program is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU General Public License
	8	* as published by the Free Software Foundation; either version
	9	* 2 of the License, or (at your option) any later version.
	10	*
	11	*
	12	* See Documentation/keys.txt for information on keys/keyrings.
	13	*/
	14
	15	#ifndef _LINUX_KEY_H
	16	#define _LINUX_KEY_H
	17
	18	#include <linux/types.h>
	19	#include <linux/list.h>
	20	#include <linux/rbtree.h>
76d8aeab	21	#include <linux/rcupdate.h>
1da177e4 LT	22	#include <asm/atomic.h>
	23
	24	#ifdef __KERNEL__
	25
	26	/* key handle serial number */
	27	typedef int32_t key_serial_t;
	28
	29	/* key handle permissions mask */
	30	typedef uint32_t key_perm_t;
	31
	32	struct key;
	33
	34	#ifdef CONFIG_KEYS
	35
	36	#undef KEY_DEBUGGING
	37
664cceb0 DH	38	#define KEY_POS_VIEW 0x01000000 /* possessor can view a key's attributes */
	39	#define KEY_POS_READ 0x02000000 /* possessor can read key payload / view keyring */
	40	#define KEY_POS_WRITE 0x04000000 /* possessor can update key payload / add link to keyring */
	41	#define KEY_POS_SEARCH 0x08000000 /* possessor can find a key in search / search a keyring */
	42	#define KEY_POS_LINK 0x10000000 /* possessor can create a link to a key/keyring */
	43	#define KEY_POS_ALL 0x1f000000
	44
	45	#define KEY_USR_VIEW 0x00010000 /* user permissions... */
	46	#define KEY_USR_READ 0x00020000
	47	#define KEY_USR_WRITE 0x00040000
	48	#define KEY_USR_SEARCH 0x00080000
	49	#define KEY_USR_LINK 0x00100000
1da177e4 LT	50	#define KEY_USR_ALL 0x001f0000
	51
	52	#define KEY_GRP_VIEW 0x00000100 /* group permissions... */
	53	#define KEY_GRP_READ 0x00000200
	54	#define KEY_GRP_WRITE 0x00000400
	55	#define KEY_GRP_SEARCH 0x00000800
	56	#define KEY_GRP_LINK 0x00001000
	57	#define KEY_GRP_ALL 0x00001f00
	58
	59	#define KEY_OTH_VIEW 0x00000001 /* third party permissions... */
	60	#define KEY_OTH_READ 0x00000002
	61	#define KEY_OTH_WRITE 0x00000004
	62	#define KEY_OTH_SEARCH 0x00000008
	63	#define KEY_OTH_LINK 0x00000010
	64	#define KEY_OTH_ALL 0x0000001f
	65
	66	struct seq_file;
	67	struct user_struct;
	68	struct signal_struct;
	69
	70	struct key_type;
	71	struct key_owner;
	72	struct keyring_list;
	73	struct keyring_name;
	74
664cceb0 DH	75	/*****************************************************************************/
	76	/*
	77	* key reference with possession attribute handling
	78	*
	79	* NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
	80	* defined. This is because we abuse the bottom bit of the reference to carry a
	81	* flag to indicate whether the calling process possesses that key in one of
	82	* its keyrings.
	83	*
	84	* the key_ref_t has been made a separate type so that the compiler can reject
	85	* attempts to dereference it without proper conversion.
	86	*
	87	* the three functions are used to assemble and disassemble references
	88	*/
	89	typedef struct __key_reference_with_attributes *key_ref_t;
	90
	91	static inline key_ref_t make_key_ref(const struct key *key,
	92	unsigned long possession)
	93	{
	94	return (key_ref_t) ((unsigned long) key \| possession);
	95	}
	96
	97	static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
	98	{
	99	return (struct key *) ((unsigned long) key_ref & ~1UL);
	100	}
	101
	102	static inline unsigned long is_key_possessed(const key_ref_t key_ref)
	103	{
	104	return (unsigned long) key_ref & 1UL;
	105	}
	106
1da177e4 LT	107	/*****************************************************************************/
	108	/*
	109	* authentication token / access credential / keyring
	110	* - types of key include:
	111	* - keyrings
	112	* - disk encryption IDs
	113	* - Kerberos TGTs and tickets
	114	*/
	115	struct key {
	116	atomic_t usage; /* number of references */
	117	key_serial_t serial; /* key serial number */
	118	struct rb_node serial_node;
	119	struct key_type type; / type of key */
1da177e4 LT	120	struct rw_semaphore sem; /* change vs change sem */
	121	struct key_user user; / owner of this key */
	122	time_t expiry; /* time at which key expires (or 0) */
	123	uid_t uid;
	124	gid_t gid;
	125	key_perm_t perm; /* access permissions */
	126	unsigned short quotalen; /* length added to quota */
76d8aeab DH	127	unsigned short datalen; /* payload data length
	128	* - may not match RCU dereferenced payload
	129	* - payload should contain own length
	130	*/
1da177e4 LT	131
	132	#ifdef KEY_DEBUGGING
	133	unsigned magic;
	134	#define KEY_DEBUG_MAGIC 0x18273645u
	135	#define KEY_DEBUG_MAGIC_X 0xf8e9dacbu
	136	#endif
	137
76d8aeab DH	138	unsigned long flags; /* status flags (change with bitops) */
	139	#define KEY_FLAG_INSTANTIATED 0 /* set if key has been instantiated */
	140	#define KEY_FLAG_DEAD 1 /* set if key type has been deleted */
	141	#define KEY_FLAG_REVOKED 2 /* set if key had been revoked */
	142	#define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */
	143	#define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */
	144	#define KEY_FLAG_NEGATIVE 5 /* set if key is negative */
	145
1da177e4 LT	146	/* the description string
	147	* - this is used to match a key against search criteria
	148	* - this should be a printable string
	149	* - eg: for krb5 AFS, this might be "afs@REDHAT.COM"
	150	*/
	151	char *description;
	152
	153	/* type specific data
	154	* - this is used by the keyring type to index the name
	155	*/
	156	union {
	157	struct list_head link;
	158	} type_data;
	159
	160	/* key data
	161	* - this is used to hold the data actually used in cryptography or
	162	* whatever
	163	*/
	164	union {
	165	unsigned long value;
	166	void *data;
	167	struct keyring_list *subscriptions;
	168	} payload;
	169	};
	170
	171	/*****************************************************************************/
	172	/*
	173	* kernel managed key type definition
	174	*/
	175	struct key_type {
	176	/* name of the type */
	177	const char *name;
	178
	179	/* default payload length for quota precalculation (optional)
	180	* - this can be used instead of calling key_payload_reserve(), that
	181	* function only needs to be called if the real datalen is different
	182	*/
	183	size_t def_datalen;
	184
	185	/* instantiate a key of this type
	186	* - this method should call key_payload_reserve() to determine if the
	187	* user's quota will hold the payload
	188	*/
	189	int (instantiate)(struct key key, const void *data, size_t datalen);
	190
	191	/* duplicate a key of this type (optional)
	192	* - the source key will be locked against change
	193	* - the new description will be attached
	194	* - the quota will have been adjusted automatically from
	195	* source->quotalen
	196	*/
	197	int (duplicate)(struct key key, const struct key *source);
	198
	199	/* update a key of this type (optional)
	200	* - this method should call key_payload_reserve() to recalculate the
	201	* quota consumption
	202	* - the key must be locked against read when modifying
	203	*/
	204	int (update)(struct key key, const void *data, size_t datalen);
	205
	206	/* match a key against a description */
	207	int (match)(const struct key key, const void *desc);
	208
	209	/* clear the data from a key (optional) */
210	void (destroy)(struct key key);
211
212	/* describe a key */
213	void (describe)(const struct key key, struct seq_file *p);
214
215	/* read a key's data (optional)
216	* - permission checks will be done by the caller
217	* - the key's semaphore will be readlocked by the caller
218	* - should return the amount of data that could be read, no matter how
219	* much is copied into the buffer
220	* - shouldn't do the copy if the buffer is NULL
221	*/
222	long (read)(const struct key key, char __user *buffer, size_t buflen);
223
224	/* internal fields */
225	struct list_head link; /* link in types list */
226	};
227
228	extern struct key_type key_type_keyring;
229
230	extern int register_key_type(struct key_type *ktype);
231	extern void unregister_key_type(struct key_type *ktype);
232
233	extern struct key key_alloc(struct key_type type,
234	const char *desc,
235	uid_t uid, gid_t gid, key_perm_t perm,
236	int not_in_quota);
237	extern int key_payload_reserve(struct key *key, size_t datalen);
238	extern int key_instantiate_and_link(struct key *key,
239	const void *data,
240	size_t datalen,
3e30148c DH	241	struct key *keyring,
3e30148c DH	242	struct key *instkey);
1da177e4 LT	243	extern int key_negate_and_link(struct key *key,
1da177e4 LT	244	unsigned timeout,
3e30148c DH	245	struct key *keyring,
3e30148c DH	246	struct key *instkey);
1da177e4 LT	247	extern void key_revoke(struct key *key);
	248	extern void key_put(struct key *key);
	249
	250	static inline struct key key_get(struct key key)
	251	{
	252	if (key)
	253	atomic_inc(&key->usage);
	254	return key;
	255	}
	256
664cceb0 DH	257	static inline void key_ref_put(key_ref_t key_ref)
	258	{
	259	key_put(key_ref_to_ptr(key_ref));
	260	}
	261
1da177e4 LT	262	extern struct key request_key(struct key_type type,
	263	const char *description,
	264	const char *callout_info);
	265
	266	extern int key_validate(struct key *key);
	267
664cceb0 DH	268	extern key_ref_t key_create_or_update(key_ref_t keyring,
	269	const char *type,
	270	const char *description,
	271	const void *payload,
	272	size_t plen,
	273	int not_in_quota);
1da177e4	274
664cceb0	275	extern int key_update(key_ref_t key,
1da177e4 LT	276	const void *payload,
	277	size_t plen);
	278
	279	extern int key_link(struct key *keyring,
	280	struct key *key);
	281
	282	extern int key_unlink(struct key *keyring,
	283	struct key *key);
	284
	285	extern struct key keyring_alloc(const char description, uid_t uid, gid_t gid,
	286	int not_in_quota, struct key *dest);
	287
	288	extern int keyring_clear(struct key *keyring);
	289
664cceb0 DH	290	extern key_ref_t keyring_search(key_ref_t keyring,
	291	struct key_type *type,
	292	const char *description);
1da177e4	293
1da177e4 LT	294	extern int keyring_add_key(struct key *keyring,
	295	struct key *key);
	296
	297	extern struct key *key_lookup(key_serial_t id);
	298
76d8aeab DH	299	extern void keyring_replace_payload(struct key key, void replacement);
76d8aeab DH	300
1da177e4 LT	301	#define key_serial(key) ((key) ? (key)->serial : 0)
	302
	303	/*
	304	* the userspace interface
	305	*/
	306	extern struct key root_user_keyring, root_session_keyring;
	307	extern int alloc_uid_keyring(struct user_struct *user);
	308	extern void switch_uid_keyring(struct user_struct *new_user);
	309	extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
	310	extern int copy_thread_group_keys(struct task_struct *tsk);
	311	extern void exit_keys(struct task_struct *tsk);
	312	extern void exit_thread_group_keys(struct signal_struct *tg);
	313	extern int suid_keys(struct task_struct *tsk);
	314	extern int exec_keys(struct task_struct *tsk);
	315	extern void key_fsuid_changed(struct task_struct *tsk);
	316	extern void key_fsgid_changed(struct task_struct *tsk);
	317	extern void key_init(void);
	318
7888e7ff DH	319	#define __install_session_keyring(tsk, keyring) \
	320	({ \
	321	struct key *old_session = tsk->signal->session_keyring; \
	322	tsk->signal->session_keyring = keyring; \
	323	old_session; \
	324	})
	325
1da177e4 LT	326	#else /* CONFIG_KEYS */
	327
	328	#define key_validate(k) 0
	329	#define key_serial(k) 0
7888e7ff	330	#define key_get(k) ({ NULL; })
1da177e4	331	#define key_put(k) do { } while(0)
664cceb0 DH	332	#define key_ref_put(k) do { } while(0)
	333	#define make_key_ref(k) ({ NULL; })
	334	#define key_ref_to_ptr(k) ({ NULL; })
	335	#define is_key_possessed(k) 0
1da177e4 LT	336	#define alloc_uid_keyring(u) 0
1da177e4 LT	337	#define switch_uid_keyring(u) do { } while(0)
7888e7ff	338	#define __install_session_keyring(t, k) ({ NULL; })
1da177e4 LT	339	#define copy_keys(f,t) 0
	340	#define copy_thread_group_keys(t) 0
	341	#define exit_keys(t) do { } while(0)
	342	#define exit_thread_group_keys(tg) do { } while(0)
	343	#define suid_keys(t) do { } while(0)
	344	#define exec_keys(t) do { } while(0)
	345	#define key_fsuid_changed(t) do { } while(0)
	346	#define key_fsgid_changed(t) do { } while(0)
	347	#define key_init() do { } while(0)
	348
	349	#endif /* CONFIG_KEYS */
	350	#endif /* __KERNEL__ */
	351	#endif /* _LINUX_KEY_H */