^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /* Basic authentication token and access key management
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) * Copyright (C) 2004-2008 Red Hat, Inc. All Rights Reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Written by David Howells (dhowells@redhat.com)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) #include <linux/export.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) #include <linux/poison.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include <linux/sched.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include <linux/security.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #include <linux/workqueue.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) #include <linux/random.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/ima.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include "internal.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)
/* Slab cache that key_alloc() allocates struct key objects from. */
struct kmem_cache *key_jar;

/* Tree of keys indexed by serial.  key_alloc_serial() searches it and inserts
 * into it with key_serial_lock held. */
struct rb_root	key_serial_tree;
DEFINE_SPINLOCK(key_serial_lock);

/* Tree of quota records indexed by UID.  key_user_lookup() and key_user_put()
 * search, insert into and erase from it with key_user_lock held. */
struct rb_root	key_user_tree;
DEFINE_SPINLOCK(key_user_lock);

/*
 * Per-user quota limits.  key_alloc() and key_payload_reserve() apply the
 * "root" pair when the owning UID equals GLOBAL_ROOT_UID and the general pair
 * otherwise.  These limits bound how much key memory one UID can pin.
 */
unsigned int key_quota_root_maxkeys = 1000000;	/* root's key count quota */
unsigned int key_quota_root_maxbytes = 25000000;	/* root's key space quota */
unsigned int key_quota_maxkeys = 200;		/* general key count quota */
unsigned int key_quota_maxbytes = 20000;	/* general key space quota */

/* NOTE(review): the users of these two are not visible in this part of the
 * file; key_alloc()'s header comment names key_types_sem as the lock that
 * internal callers hold while allocating a key of a given type. */
static LIST_HEAD(key_types_list);
static DECLARE_RWSEM(key_types_sem);

/* We serialise key instantiation and link */
DEFINE_MUTEX(key_construction_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37)
#ifdef KEY_DEBUGGING
/*
 * Report a key whose debug magic is wrong and stop with BUG().
 *
 * The function itself performs no comparison: it always logs the key pointer,
 * the magic found in the key and the expected KEY_DEBUG_MAGIC, then calls
 * BUG().  NOTE(review): the comparison is presumably made by the caller
 * (key_check()) before getting here - confirm in internal.h.
 */
void __key_check(const struct key *key)
{
	printk("__key_check: key %p {%08x} should be {%08x}\n",
	       key, key->magic, KEY_DEBUG_MAGIC);
	BUG();
}
#endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
/*
 * Get the key quota record for a user, allocating a new record if one doesn't
 * already exist.
 *
 * @uid: The UID whose quota record is wanted.
 *
 * Returns the record with a reference held for the caller (the usage count of
 * an existing record is incremented; a new record starts at 1), or NULL if a
 * new record was needed and the allocation failed.  The reference is dropped
 * with key_user_put().
 *
 * key_user_lock is a spinlock, so it is released around the GFP_KERNEL
 * allocation and the tree is searched a second time afterwards.  Only the
 * second, still-locked pass may insert the candidate, which keeps two racing
 * callers from inserting two records for the same UID.
 */
struct key_user *key_user_lookup(kuid_t uid)
{
	struct key_user *candidate = NULL, *user;
	struct rb_node *parent, **p;

try_again:
	parent = NULL;
	p = &key_user_tree.rb_node;
	spin_lock(&key_user_lock);

	/* search the tree for a user record with a matching UID */
	while (*p) {
		parent = *p;
		user = rb_entry(parent, struct key_user, node);

		if (uid_lt(uid, user->uid))
			p = &(*p)->rb_left;
		else if (uid_gt(uid, user->uid))
			p = &(*p)->rb_right;
		else
			goto found;
	}

	/* if we get here, we failed to find a match in the tree */
	if (!candidate) {
		/* allocate a candidate user record if we don't already have
		 * one */
		spin_unlock(&key_user_lock);

		/* make sure the failure path below returns NULL rather than
		 * the last tree node visited by the search */
		user = NULL;
		candidate = kmalloc(sizeof(struct key_user), GFP_KERNEL);
		if (unlikely(!candidate))
			goto out;

		/* the allocation may have scheduled, so we need to repeat the
		 * search lest someone else added the record whilst we were
		 * asleep */
		goto try_again;
	}

	/* if we get here, then the user record still hadn't appeared on the
	 * second pass - so we use the candidate record
	 *
	 * NOTE(review): kmalloc() does not zero the record; every field is
	 * expected to be set here before the record becomes reachable through
	 * the tree - confirm against struct key_user when fields are added. */
	refcount_set(&candidate->usage, 1);
	atomic_set(&candidate->nkeys, 0);
	atomic_set(&candidate->nikeys, 0);
	candidate->uid = uid;
	candidate->qnkeys = 0;
	candidate->qnbytes = 0;
	spin_lock_init(&candidate->lock);
	mutex_init(&candidate->cons_lock);

	/* parent and p still describe the empty slot the search ended on */
	rb_link_node(&candidate->node, parent, p);
	rb_insert_color(&candidate->node, &key_user_tree);
	spin_unlock(&key_user_lock);
	user = candidate;
	goto out;

	/* okay - we found a user record for this UID */
found:
	/* take the reference while key_user_lock is still held, so that a
	 * concurrent key_user_put() cannot erase and free the record first */
	refcount_inc(&user->usage);
	spin_unlock(&key_user_lock);
	/* candidate is NULL on the first pass and an unused allocation if
	 * another task inserted the record while we slept */
	kfree(candidate);
out:
	return user;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
/*
 * Drop one reference on a user quota record.
 *
 * When the last reference goes away the record is unlinked from
 * key_user_tree and freed.  refcount_dec_and_lock() returns with
 * key_user_lock held only when the count reached zero, so the final
 * decrement and the removal from the tree cannot be separated by a
 * concurrent key_user_lookup() that would otherwise find the dying record.
 */
void key_user_put(struct key_user *user)
{
	/* not the last reference: nothing to tear down, lock not taken */
	if (!refcount_dec_and_lock(&user->usage, &key_user_lock))
		return;

	rb_erase(&user->node, &key_user_tree);
	spin_unlock(&key_user_lock);

	/* the record is no longer reachable, so it can be freed unlocked */
	kfree(user);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129)
/*
 * Allocate a serial number for a key.  These are assigned randomly to avoid
 * security issues through covert channel problems.
 *
 * @key: The key to number; key->serial is written and key->serial_node is
 *	 inserted into key_serial_tree.
 *
 * A random starting value is drawn first.  If it is already taken, the tree
 * is walked forwards under key_serial_lock until a gap is found, so the
 * function always ends with the key inserted under a unique serial.
 */
static inline void key_alloc_serial(struct key *key)
{
	struct rb_node *parent, **p;
	struct key *xkey;

	/* propose a random serial number and look for a hole for it in the
	 * serial number tree; values below 3 are never handed out
	 * (NOTE(review): presumably reserved - confirm) */
	do {
		get_random_bytes(&key->serial, sizeof(key->serial));

		key->serial >>= 1; /* negative numbers are not permitted */
	} while (key->serial < 3);

	spin_lock(&key_serial_lock);

attempt_insertion:
	/* each attempt searches again from the root */
	parent = NULL;
	p = &key_serial_tree.rb_node;

	while (*p) {
		parent = *p;
		xkey = rb_entry(parent, struct key, serial_node);

		if (key->serial < xkey->serial)
			p = &(*p)->rb_left;
		else if (key->serial > xkey->serial)
			p = &(*p)->rb_right;
		else
			goto serial_exists;
	}

	/* we've found a suitable hole - arrange for this key to occupy it */
	rb_link_node(&key->serial_node, parent, p);
	rb_insert_color(&key->serial_node, &key_serial_tree);

	spin_unlock(&key_serial_lock);
	return;

	/* we found a key with the proposed serial number - walk the tree from
	 * that point looking for the next unused serial number */
serial_exists:
	for (;;) {
		/* NOTE(review): if the serial type is signed, stepping past
		 * its maximum relies on wrapping overflow for the "< 3" test
		 * to catch it - confirm the type and the build flags */
		key->serial++;
		if (key->serial < 3) {
			key->serial = 3;
			goto attempt_insertion;
		}

		/* no later node at all: the incremented serial is free */
		parent = rb_next(parent);
		if (!parent)
			goto attempt_insertion;

		/* the next node has a larger serial, so there is a gap at the
		 * proposed value; an equal serial keeps the walk going */
		xkey = rb_entry(parent, struct key, serial_node);
		if (key->serial < xkey->serial)
			goto attempt_insertion;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191)
/**
 * key_alloc - Allocate a key of the specified type.
 * @type: The type of key to allocate.
 * @desc: The key description to allow the key to be searched out.
 * @uid: The owner of the new key.
 * @gid: The group ID for the new key's group permissions.
 * @cred: The credentials specifying UID namespace.
 * @perm: The permissions mask of the new key.
 * @flags: Flags specifying quota properties.
 * @restrict_link: Optional link restriction for new keyrings.
 *
 * Allocate a key of the specified type with the attributes given.  The key is
 * returned in an uninstantiated state and the caller needs to instantiate the
 * key before returning.
 *
 * The restrict_link structure (if not NULL) will be freed when the
 * keyring is destroyed, so it must be dynamically allocated.
 *
 * The user's key count quota is updated to reflect the creation of the key and
 * the user's key data quota has the default for the key type reserved.  The
 * instantiation function should amend this as necessary.  If insufficient
 * quota is available, -EDQUOT will be returned.  The quota is charged before
 * the key is allocated and is handed back on every later failure path.
 *
 * The LSM security modules can prevent a key being created, in which case
 * the error code from security_key_alloc() (for example -EACCES) will be
 * returned.  The key only receives a serial number, and so only becomes
 * findable through key_serial_tree, after that hook has accepted it.
 *
 * Returns a pointer to the new key if successful and an error code otherwise:
 * -EINVAL if @desc is NULL or empty, the error from the type's
 * vet_description() op if it rejects @desc, -ENOMEM if an allocation fails,
 * -EDQUOT or the LSM error as described above.
 *
 * Note that the caller needs to ensure the key type stays registered for the
 * duration of the call.  Internally this can be done by locking
 * key_types_sem.  Externally, this can be done by either never unregistering
 * the key type, or making sure key_alloc() calls don't race with module
 * unloading.
 */
struct key *key_alloc(struct key_type *type, const char *desc,
		      kuid_t uid, kgid_t gid, const struct cred *cred,
		      key_perm_t perm, unsigned long flags,
		      struct key_restriction *restrict_link)
{
	struct key_user *user = NULL;
	struct key *key;
	size_t desclen, quotalen;
	int ret;

	/* a key must have a non-empty description */
	key = ERR_PTR(-EINVAL);
	if (!desc || !*desc)
		goto error;

	/* let the key type reject descriptions it considers malformed
	 * before any resources are committed */
	if (type->vet_description) {
		ret = type->vet_description(desc);
		if (ret < 0) {
			key = ERR_PTR(ret);
			goto error;
		}
	}

	/* the quota charge covers the description, its NUL terminator and
	 * the type's default payload size */
	desclen = strlen(desc);
	quotalen = desclen + 1 + type->def_datalen;

	/* get hold of the key tracking for this user */
	user = key_user_lookup(uid);
	if (!user)
		goto no_memory_1;

	/* check that the user's quota permits allocation of another key and
	 * its description */
	if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
		unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ?
			key_quota_root_maxkeys : key_quota_maxkeys;
		unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ?
			key_quota_root_maxbytes : key_quota_maxbytes;

		spin_lock(&user->lock);
		/* KEY_ALLOC_QUOTA_OVERRUN skips the limit test only; the
		 * charge below is still made */
		if (!(flags & KEY_ALLOC_QUOTA_OVERRUN)) {
			/* the third clause rejects a sum that wrapped round.
			 * NOTE(review): this arithmetic mixes user->qnbytes
			 * with the size_t quotalen; the field's declared type
			 * is not visible here - confirm that the wrap test
			 * is effective for it */
			if (user->qnkeys + 1 > maxkeys ||
			    user->qnbytes + quotalen > maxbytes ||
			    user->qnbytes + quotalen < user->qnbytes)
				goto no_quota;
		}

		user->qnkeys++;
		user->qnbytes += quotalen;
		spin_unlock(&user->lock);
	}

	/* allocate and initialise the key and its description; the key comes
	 * back zeroed, so fields not assigned below start out as zero */
	key = kmem_cache_zalloc(key_jar, GFP_KERNEL);
	if (!key)
		goto no_memory_2;

	/* the key keeps its own copy of the description, terminator
	 * included, so the caller's buffer need not outlive the call */
	key->index_key.desc_len = desclen;
	key->index_key.description = kmemdup(desc, desclen + 1, GFP_KERNEL);
	if (!key->index_key.description)
		goto no_memory_3;
	key->index_key.type = type;
	key_set_index_key(&key->index_key);

	refcount_set(&key->usage, 1);
	init_rwsem(&key->sem);
	lockdep_set_class(&key->sem, &type->lock_class);
	/* the reference returned by key_user_lookup() now belongs to the key */
	key->user = user;
	key->quotalen = quotalen;
	key->datalen = type->def_datalen;
	key->uid = uid;
	key->gid = gid;
	key->perm = perm;
	key->restrict_link = restrict_link;
	key->last_used_at = ktime_get_real_seconds();

	/* translate the allocation flags into persistent key flags */
	if (!(flags & KEY_ALLOC_NOT_IN_QUOTA))
		key->flags |= 1 << KEY_FLAG_IN_QUOTA;
	if (flags & KEY_ALLOC_BUILT_IN)
		key->flags |= 1 << KEY_FLAG_BUILTIN;
	if (flags & KEY_ALLOC_UID_KEYRING)
		key->flags |= 1 << KEY_FLAG_UID_KEYRING;
	if (flags & KEY_ALLOC_SET_KEEP)
		key->flags |= 1 << KEY_FLAG_KEEP;

#ifdef KEY_DEBUGGING
	key->magic = KEY_DEBUG_MAGIC;
#endif

	/* let the security module know about the key */
	ret = security_key_alloc(key, cred, flags);
	if (ret < 0)
		goto security_error;

	/* publish the key by giving it a serial number
	 *
	 * NOTE(review): key->domain_tag is not assigned in this function; it
	 * is presumably set up by key_set_index_key() above - confirm */
	refcount_inc(&key->domain_tag->usage);
	atomic_inc(&user->nkeys);
	key_alloc_serial(key);

	/* common exit: key is either the new key or an ERR_PTR() value */
error:
	return key;

security_error:
	/* NOTE(review): the copy was stored through
	 * key->index_key.description; key->description presumably names the
	 * same pointer - confirm in struct key */
	kfree(key->description);
	kmem_cache_free(key_jar, key);
	/* hand back the quota charged above */
	if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
		spin_lock(&user->lock);
		user->qnkeys--;
		user->qnbytes -= quotalen;
		spin_unlock(&user->lock);
	}
	key_user_put(user);
	key = ERR_PTR(ret);
	goto error;

no_memory_3:
	kmem_cache_free(key_jar, key);
no_memory_2:
	/* hand back the quota charged above */
	if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
		spin_lock(&user->lock);
		user->qnkeys--;
		user->qnbytes -= quotalen;
		spin_unlock(&user->lock);
	}
	key_user_put(user);
no_memory_1:
	key = ERR_PTR(-ENOMEM);
	goto error;

no_quota:
	/* reached with user->lock held and nothing charged yet */
	spin_unlock(&user->lock);
	key_user_put(user);
	key = ERR_PTR(-EDQUOT);
	goto error;
}
EXPORT_SYMBOL(key_alloc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360)
/**
 * key_payload_reserve - Adjust data quota reservation for the key's payload
 * @key: The key to make the reservation for.
 * @datalen: The amount of data payload the caller now wants.
 *
 * Adjust the amount of the owning user's key data quota that a key reserves.
 * If the amount is increased, then -EDQUOT may be returned if there isn't
 * enough free quota available.  A decrease is never refused.  Keys without
 * KEY_FLAG_IN_QUOTA set only have their recorded data length changed.
 *
 * If successful, 0 is returned.  On -EDQUOT neither the user's quota nor the
 * key's recorded lengths are changed.
 */
int key_payload_reserve(struct key *key, size_t datalen)
{
	/* NOTE(review): the (int) cast truncates a datalen above INT_MAX, and
	 * the declared width of key->datalen is not visible here - confirm
	 * that callers bound datalen before calling, otherwise the quota
	 * charge and the recorded length can disagree with the real payload */
	int delta = (int)datalen - key->datalen;
	int ret = 0;

	key_check(key);

	/* contemplate the quota adjustment */
	if (delta != 0 && test_bit(KEY_FLAG_IN_QUOTA, &key->flags)) {
		unsigned maxbytes = uid_eq(key->user->uid, GLOBAL_ROOT_UID) ?
			key_quota_root_maxbytes : key_quota_maxbytes;

		spin_lock(&key->user->lock);

		/* only growth is tested against the limit; the second clause
		 * rejects a sum that wrapped round */
		if (delta > 0 &&
		    (key->user->qnbytes + delta > maxbytes ||
		     key->user->qnbytes + delta < key->user->qnbytes)) {
			ret = -EDQUOT;
		}
		else {
			/* keep the user's total and the key's own share in
			 * step; both move by the same signed amount */
			key->user->qnbytes += delta;
			key->quotalen += delta;
		}
		spin_unlock(&key->user->lock);
	}

	/* change the recorded data length if that didn't generate an error */
	if (ret == 0)
		key->datalen = datalen;

	return ret;
}
EXPORT_SYMBOL(key_payload_reserve);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405)
/*
 * Record the outcome of instantiation in key->state.
 *
 * A negative reject_error is stored as the state itself; any other value
 * marks the key KEY_IS_POSITIVE.
 */
static void mark_key_instantiated(struct key *key, int reject_error)
{
	int new_state = KEY_IS_POSITIVE;

	if (reject_error < 0)
		new_state = reject_error;

	/* Release store: the payload must be committed before the state is
	 * seen to change; this is the barrier versus key_read_state().
	 */
	smp_store_release(&key->state, new_state);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) * Instantiate a key and link it into the target keyring atomically. Must be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) * called with the target keyring's semaphore writelocked. The target key's
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) * semaphore need not be locked as instantiation is serialised by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) * key_construction_mutex.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) */
static int __key_instantiate_and_link(struct key *key,
				      struct key_preparsed_payload *prep,
				      struct key *keyring,
				      struct key *authkey,
				      struct assoc_array_edit **_edit)
{
	/* -EBUSY is what the caller sees if the key is no longer in the
	 * uninstantiated state when we get the mutex.
	 */
	int ret = -EBUSY;
	int awaken = 0;

	key_check(key);
	key_check(keyring);

	mutex_lock(&key_construction_mutex);

	/* The state test is made under key_construction_mutex, so a key
	 * cannot be instantiated twice.
	 */
	if (key->state != KEY_IS_UNINSTANTIATED)
		goto out_unlock;

	/* let the key type consume the preparsed payload */
	ret = key->type->instantiate(key, prep);
	if (ret != 0)
		goto out_unlock;

	/* account for the key and publish its instantiated state */
	atomic_inc(&key->user->nikeys);
	mark_key_instantiated(key, 0);
	notify_key(key, NOTIFY_KEY_INSTANTIATED, 0);

	/* note whether a waiter must be woken; the wake-up itself is
	 * deferred until the mutex has been dropped
	 */
	if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags))
		awaken = 1;

	if (keyring) {
		/* a key linked into a keyring that carries KEY_FLAG_KEEP
		 * inherits that flag before the link is made
		 */
		if (test_bit(KEY_FLAG_KEEP, &keyring->flags))
			set_bit(KEY_FLAG_KEEP, &key->flags);

		__key_link(keyring, key, _edit);
	}

	/* instantiation succeeded, so the authorisation key is invalidated */
	if (authkey)
		key_invalidate(authkey);

	/* TIME64_MAX in the preparsed payload leaves key->expiry untouched */
	if (prep->expiry != TIME64_MAX) {
		key->expiry = prep->expiry;
		key_schedule_gc(prep->expiry + key_gc_delay);
	}

out_unlock:
	mutex_unlock(&key_construction_mutex);

	/* wake up anyone waiting for the key to be constructed */
	if (awaken)
		wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);

	return ret;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481)
/**
 * key_instantiate_and_link - Instantiate a key and link it into the keyring.
 * @key: The key to instantiate.
 * @data: The data to use to instantiate the key.
 * @datalen: The length of @data.
 * @keyring: Keyring to create a link in on success (or NULL).
 * @authkey: The authorisation token permitting instantiation.
 *
 * Instantiate a key that is in the uninstantiated state from the supplied
 * data and, on success, link it into the destination keyring if one was
 * given.
 *
 * The payload is preparsed first when the key type provides a preparse
 * operation.  If the destination keyring has a link restriction with a check
 * function, that check is run against the preparsed payload before the key
 * is instantiated; a negative result from preparsing, from preparing the
 * link or from the restriction check is returned and the key is left
 * uninstantiated.
 *
 * If successful, 0 is returned, the authorisation token is invalidated and
 * anyone waiting for the key is woken up.  If the key was already
 * instantiated, -EBUSY is returned.
 */
int key_instantiate_and_link(struct key *key,
			     const void *data,
			     size_t datalen,
			     struct key *keyring,
			     struct key *authkey)
{
	struct key_preparsed_payload prep;
	struct assoc_array_edit *edit = NULL;
	struct key_restriction *restriction;
	int ret;

	/* start from an all-zero preparse record, then fill in the inputs */
	memset(&prep, 0, sizeof(prep));
	prep.data = data;
	prep.datalen = datalen;
	prep.quotalen = key->type->def_datalen;
	prep.expiry = TIME64_MAX;

	if (key->type->preparse) {
		ret = key->type->preparse(&prep);
		if (ret < 0)
			goto out_free_prep;
	}

	if (keyring) {
		ret = __key_link_lock(keyring, &key->index_key);
		if (ret < 0)
			goto out_free_prep;

		ret = __key_link_begin(keyring, &key->index_key, &edit);
		if (ret < 0)
			goto out_link_end;

		/* the keyring's link restriction gets to veto the payload
		 * before anything is instantiated
		 */
		restriction = keyring->restrict_link;
		if (restriction && restriction->check) {
			ret = restriction->check(keyring, key->type,
						 &prep.payload,
						 restriction->key);
			if (ret < 0)
				goto out_link_end;
		}
	}

	ret = __key_instantiate_and_link(key, &prep, keyring, authkey, &edit);

out_link_end:
	if (keyring)
		__key_link_end(keyring, &key->index_key, edit);

out_free_prep:
	/* free_preparse is called only for types that provide preparse */
	if (key->type->preparse)
		key->type->free_preparse(&prep);
	return ret;
}

EXPORT_SYMBOL(key_instantiate_and_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551)
/**
 * key_reject_and_link - Negatively instantiate a key and link it into the keyring.
 * @key: The key to instantiate.
 * @timeout: The timeout on the negative key.
 * @error: The error to return when the key is hit.
 * @keyring: Keyring to create a link in on success (or NULL).
 * @authkey: The authorisation token permitting instantiation.
 *
 * Negatively instantiate a key that is in the uninstantiated state and, if
 * successful, set its timeout and stored error and link it into the
 * destination keyring if one is supplied.  The key and any links to the key
 * will be automatically garbage collected after the timeout expires.
 *
 * Negative keys are used to rate limit repeated request_key() calls by causing
 * them to return the stored error code (typically ENOKEY) until the negative
 * key expires.
 *
 * A destination keyring that has a link restriction set is refused with
 * -EPERM before the key is touched.  If preparing the link fails, the key is
 * still negatively instantiated, no link is made and the link error is
 * returned.
 *
 * If successful, 0 is returned, the authorisation token is invalidated and
 * anyone waiting for the key is woken up.  If the key was already
 * instantiated, -EBUSY is returned.
 */
int key_reject_and_link(struct key *key,
			unsigned timeout,
			unsigned error,
			struct key *keyring,
			struct key *authkey)
{
	struct assoc_array_edit *edit = NULL;
	int ret = -EBUSY;
	int awaken = 0;
	int link_ret = 0;
	int can_link;

	key_check(key);
	key_check(keyring);

	if (keyring) {
		/* negative keys are never linked into a restricted keyring */
		if (keyring->restrict_link)
			return -EPERM;

		link_ret = __key_link_lock(keyring, &key->index_key);
		if (link_ret == 0) {
			link_ret = __key_link_begin(keyring, &key->index_key, &edit);
			if (link_ret < 0)
				__key_link_end(keyring, &key->index_key, edit);
		}
	}

	/* true only when a keyring was given and the link was prepared */
	can_link = keyring && link_ret == 0;

	mutex_lock(&key_construction_mutex);

	/* the state test under the mutex stops a second instantiation */
	if (key->state == KEY_IS_UNINSTANTIATED) {
		/* record the key as negatively instantiated with -error */
		atomic_inc(&key->user->nikeys);
		mark_key_instantiated(key, -error);
		notify_key(key, NOTIFY_KEY_INSTANTIATED, -error);

		/* the negative result expires @timeout seconds from now */
		key->expiry = ktime_get_real_seconds() + timeout;
		key_schedule_gc(key->expiry + key_gc_delay);

		if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags))
			awaken = 1;

		ret = 0;

		if (can_link)
			__key_link(keyring, key, &edit);

		/* the authorisation key is invalidated once the key is set */
		if (authkey)
			key_invalidate(authkey);
	}

	mutex_unlock(&key_construction_mutex);

	if (can_link)
		__key_link_end(keyring, &key->index_key, edit);

	/* wake up anyone waiting for the key to be constructed */
	if (awaken)
		wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);

	/* an instantiation failure takes precedence over a link failure */
	if (ret != 0)
		return ret;
	return link_ret;
}
EXPORT_SYMBOL(key_reject_and_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637)
/**
 * key_put - Discard a reference to a key.
 * @key: The key to discard a reference from (may be NULL).
 *
 * Drop one reference on @key.  The key is not torn down here: when the last
 * reference goes away the garbage collector work item is scheduled, and the
 * cleanup happens later from that work item.  A NULL @key is ignored.
 */
void key_put(struct key *key)
{
	if (!key)
		return;

	key_check(key);

	/* last reference gone: hand the key over to the gc work item */
	if (refcount_dec_and_test(&key->usage))
		schedule_work(&key_gc_work);
}
EXPORT_SYMBOL(key_put);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656)
/*
 * Find a key by its serial number.
 *
 * The serial tree is searched under key_serial_lock.  On a match a reference
 * is taken on the key and the key is returned; ERR_PTR(-ENOKEY) is returned
 * if no key has that serial number or if the matching key has no references
 * left.
 */
struct key *key_lookup(key_serial_t id)
{
	struct rb_node *node;
	struct key *found = ERR_PTR(-ENOKEY);

	spin_lock(&key_serial_lock);

	/* walk down the tree of keys indexed by serial number */
	node = key_serial_tree.rb_node;
	while (node) {
		struct key *candidate = rb_entry(node, struct key, serial_node);

		if (id < candidate->serial) {
			node = node->rb_left;
		} else if (id > candidate->serial) {
			node = node->rb_right;
		} else {
			/* A key may be looked up only while someone still
			 * owns a reference to it; one whose count already
			 * reached zero is awaiting the gc and must not be
			 * handed out again.
			 */
			if (refcount_inc_not_zero(&candidate->usage))
				found = candidate;
			break;
		}
	}

	spin_unlock(&key_serial_lock);
	return found;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695)
/*
 * Find the named key type and lock it against removal.
 *
 * On success the matching type is returned with key_types_sem still
 * read-locked; the caller is expected to release it with key_type_put().
 * If no registered type has that name, the semaphore is released here and
 * ERR_PTR(-ENOKEY) is returned.
 */
struct key_type *key_type_lookup(const char *type)
{
	struct key_type *ktype;

	down_read(&key_types_sem);

	/* compare the name against each registered kernel key type */
	list_for_each_entry(ktype, &key_types_list, link) {
		if (strcmp(ktype->name, type) == 0)
			return ktype;	/* key_types_sem stays read-locked */
	}

	up_read(&key_types_sem);
	return ERR_PTR(-ENOKEY);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721)
/*
 * Set the expiry time of a key.
 *
 * A non-zero @timeout stores an expiry of now plus @timeout seconds; a zero
 * @timeout stores an expiry of 0 (presumably "no expiry" - confirm against
 * the gc code).  The garbage collector is rescheduled for the stored expiry
 * plus key_gc_delay.  The key's semaphore is write-locked around the change.
 */
void key_set_timeout(struct key *key, unsigned timeout)
{
	time64_t expiry;

	/* make the changes with the lock held to prevent races */
	down_write(&key->sem);

	expiry = timeout > 0 ? ktime_get_real_seconds() + timeout : 0;

	key->expiry = expiry;
	key_schedule_gc(key->expiry + key_gc_delay);

	up_write(&key->sem);
}
EXPORT_SYMBOL_GPL(key_set_timeout);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738)
/*
 * Unlock a key type locked by key_type_lookup().
 *
 * @ktype is not examined: the function releases the read lock on the global
 * key_types_sem, so it must be called exactly once per successful
 * key_type_lookup().
 */
void key_type_put(struct key_type *ktype)
{
	up_read(&key_types_sem);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746)
/*
 * Attempt to update an existing key.
 *
 * The key is handed to us with an incremented refcount.  On success the same
 * key reference is returned with that reference intact; on failure the
 * reference is dropped and an ERR_PTR() is returned instead.
 *
 * Write permission on the key is checked before anything else.  -EEXIST is
 * returned if the key type has no update operation.
 */
static inline key_ref_t __key_update(key_ref_t key_ref,
				     struct key_preparsed_payload *prep)
{
	struct key *key = key_ref_to_ptr(key_ref);
	int ret;

	/* the caller needs write permission on the key to update it */
	ret = key_permission(key_ref, KEY_NEED_WRITE);
	if (ret < 0)
		goto fail;

	if (!key->type->update) {
		ret = -EEXIST;
		goto fail;
	}

	/* the payload is replaced with the key's semaphore write-locked */
	down_write(&key->sem);

	ret = key->type->update(key, prep);
	if (ret == 0) {
		/* Updating a negative key positively instantiates it */
		mark_key_instantiated(key, 0);
		notify_key(key, NOTIFY_KEY_UPDATED, 0);
	}

	up_write(&key->sem);

	if (ret < 0)
		goto fail;

	return key_ref;

fail:
	/* drop the reference we were given and report the error */
	key_put(key);
	return ERR_PTR(ret);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 789)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 790) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 791) * key_create_or_update - Update or create and instantiate a key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 792) * @keyring_ref: A pointer to the destination keyring with possession flag.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 793) * @type: The type of key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 794) * @description: The searchable description for the key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 795) * @payload: The data to use to instantiate or update the key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 796) * @plen: The length of @payload.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 797) * @perm: The permissions mask for a new key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 798) * @flags: The quota flags for a new key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 799) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 800) * Search the destination keyring for a key of the same description and if one
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 801) * is found, update it, otherwise create and instantiate a new one and create a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 802) * link to it from that keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 803) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 804) * If perm is KEY_PERM_UNDEF then an appropriate key permissions mask will be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 805) * concocted.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 806) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 807) * Returns a pointer to the new key if successful, -ENODEV if the key type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 808) * wasn't available, -ENOTDIR if the keyring wasn't a keyring, -EACCES if the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 809) * caller isn't permitted to modify the keyring or the LSM did not permit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 810) * creation of the key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 811) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 812) * On success, the possession flag from the keyring ref will be tacked on to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 813) * the key ref before it is returned.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 814) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 815) key_ref_t key_create_or_update(key_ref_t keyring_ref,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 816) const char *type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 817) const char *description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 818) const void *payload,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 819) size_t plen,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 820) key_perm_t perm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 821) unsigned long flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 822) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 823) struct keyring_index_key index_key = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 824) .description = description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 825) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 826) struct key_preparsed_payload prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 827) struct assoc_array_edit *edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 828) const struct cred *cred = current_cred();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 829) struct key *keyring, *key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 830) key_ref_t key_ref;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 831) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 832) struct key_restriction *restrict_link = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 833)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 834) /* look up the key type to see if it's one of the registered kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 835) * types */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 836) index_key.type = key_type_lookup(type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 837) if (IS_ERR(index_key.type)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 838) key_ref = ERR_PTR(-ENODEV);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 839) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 840) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 841)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 842) key_ref = ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 843) if (!index_key.type->instantiate ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 844) (!index_key.description && !index_key.type->preparse))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 845) goto error_put_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 846)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 847) keyring = key_ref_to_ptr(keyring_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 848)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 849) key_check(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 850)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 851) if (!(flags & KEY_ALLOC_BYPASS_RESTRICTION))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 852) restrict_link = keyring->restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 853)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 854) key_ref = ERR_PTR(-ENOTDIR);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 855) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 856) goto error_put_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 857)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 858) memset(&prep, 0, sizeof(prep));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 859) prep.data = payload;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 860) prep.datalen = plen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 861) prep.quotalen = index_key.type->def_datalen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 862) prep.expiry = TIME64_MAX;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 863) if (index_key.type->preparse) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 864) ret = index_key.type->preparse(&prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 866) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 867) goto error_free_prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 868) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 869) if (!index_key.description)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 870) index_key.description = prep.description;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 871) key_ref = ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 872) if (!index_key.description)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 873) goto error_free_prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 874) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 875) index_key.desc_len = strlen(index_key.description);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 876) key_set_index_key(&index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 877)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 878) ret = __key_link_lock(keyring, &index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 879) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 880) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 881) goto error_free_prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 882) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 883)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 884) ret = __key_link_begin(keyring, &index_key, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 885) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) goto error_link_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890) if (restrict_link && restrict_link->check) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 891) ret = restrict_link->check(keyring, index_key.type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 892) &prep.payload, restrict_link->key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 893) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 894) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 895) goto error_link_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 896) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 897) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 898)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 899) /* if we're going to allocate a new key, we're going to have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 900) * to modify the keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 901) ret = key_permission(keyring_ref, KEY_NEED_WRITE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 902) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 903) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 904) goto error_link_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 905) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 906)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 907) /* if it's possible to update this type of key, search for an existing
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 908) * key of the same type and description in the destination keyring and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 909) * update that instead if possible
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 910) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 911) if (index_key.type->update) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 912) key_ref = find_key_to_update(keyring_ref, &index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 913) if (key_ref)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 914) goto found_matching_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 915) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 916)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 917) /* if the client doesn't provide, decide on the permissions we want */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 918) if (perm == KEY_PERM_UNDEF) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 919) perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 920) perm |= KEY_USR_VIEW;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 921)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 922) if (index_key.type->read)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 923) perm |= KEY_POS_READ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 924)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 925) if (index_key.type == &key_type_keyring ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 926) index_key.type->update)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 927) perm |= KEY_POS_WRITE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 928) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 929)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 930) /* allocate a new key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 931) key = key_alloc(index_key.type, index_key.description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 932) cred->fsuid, cred->fsgid, cred, perm, flags, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 933) if (IS_ERR(key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 934) key_ref = ERR_CAST(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 935) goto error_link_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 936) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 937)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 938) /* instantiate it and link it into the target keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 939) ret = __key_instantiate_and_link(key, &prep, keyring, NULL, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 940) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 941) key_put(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943) goto error_link_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946) ima_post_key_create_or_update(keyring, key, payload, plen,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 947) flags, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 948)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 949) key_ref = make_key_ref(key, is_key_possessed(keyring_ref));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 950)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 951) error_link_end:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 952) __key_link_end(keyring, &index_key, edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 953) error_free_prep:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 954) if (index_key.type->preparse)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 955) index_key.type->free_preparse(&prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 956) error_put_type:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 957) key_type_put(index_key.type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 958) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 959) return key_ref;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 961) found_matching_key:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 962) /* we found a matching key, so we're going to try to update it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 963) * - we can drop the locks first as we have the key pinned
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 964) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 965) __key_link_end(keyring, &index_key, edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 966)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 967) key = key_ref_to_ptr(key_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 968) if (test_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 969) ret = wait_for_key_construction(key, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 970) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 971) key_ref_put(key_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 972) key_ref = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 973) goto error_free_prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 974) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 975) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 976)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 977) key_ref = __key_update(key_ref, &prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 978)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 979) if (!IS_ERR(key_ref))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 980) ima_post_key_create_or_update(keyring, key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 981) payload, plen,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 982) flags, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 983)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 984) goto error_free_prep;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 985) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 986) EXPORT_SYMBOL(key_create_or_update);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 987)
/**
 * key_update - Replace the payload of an existing key.
 * @key_ref: Key reference (pointer plus possession flag) naming the key.
 * @payload: Buffer holding the new payload data.
 * @plen: Number of bytes in @payload.
 *
 * The caller must hold Write permission on the key; that check runs before
 * the key type is consulted and before the payload is handed to the type's
 * preparse operation.  A negative key that is updated successfully becomes
 * positively instantiated.
 *
 * Return: 0 on success, -EACCES if not permitted and -EOPNOTSUPP if the key
 * type has no update operation.  The key type may return other errors.
 */
int key_update(key_ref_t key_ref, const void *payload, size_t plen)
{
	struct key *key = key_ref_to_ptr(key_ref);
	struct key_preparsed_payload parsed;
	int err;

	key_check(key);

	/* Authorise first: nothing is parsed or locked for an unwritable key. */
	err = key_permission(key_ref, KEY_NEED_WRITE);
	if (err < 0)
		return err;

	/* A type without an update op cannot be updated at all. */
	if (!key->type->update)
		return -EOPNOTSUPP;

	/*
	 * Build the preparse descriptor from a zeroed struct: caller data,
	 * the type's default quota length and the largest time64_t as expiry.
	 */
	memset(&parsed, 0, sizeof(parsed));
	parsed.data = payload;
	parsed.datalen = plen;
	parsed.quotalen = key->type->def_datalen;
	parsed.expiry = TIME64_MAX;

	/* Parsing happens outside the key semaphore. */
	if (key->type->preparse) {
		err = key->type->preparse(&parsed);
		if (err < 0)
			goto out_free;
	}

	down_write(&key->sem);

	err = key->type->update(key, &parsed);
	if (!err) {
		/* Updating a negative key positively instantiates it */
		mark_key_instantiated(key, 0);
		notify_key(key, NOTIFY_KEY_UPDATED, 0);
	}

	up_write(&key->sem);

out_free:
	/*
	 * free_preparse() runs on every path past the parse attempt,
	 * including a failed preparse.
	 * NOTE(review): the call is guarded only by ->preparse being set, so
	 * it relies on key types supplying both ops - confirm that pairing is
	 * enforced where types are defined or registered.
	 */
	if (key->type->preparse)
		key->type->free_preparse(&parsed);
	return err;
}
EXPORT_SYMBOL(key_update);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046)
/**
 * key_revoke - Revoke a key.
 * @key: The key to be revoked.
 *
 * Set the revoked flag on the key and, the first time that happens, post a
 * revocation notification and let the key type release its resources.  The
 * revocation time is recorded and garbage collection is scheduled for
 * key_gc_delay after it, so the key and its links are collected
 * automatically if they are not manually dealt with first.
 */
void key_revoke(struct key *key)
{
	time64_t now;

	key_check(key);

	/*
	 * Exclude anyone changing or using the key while it is marked.
	 * The nested annotation tells lockdep that this may be an
	 * authorisation key being revoked while the semaphore of a
	 * just-instantiated key is already held.
	 */
	down_write_nested(&key->sem, 1);

	/* Atomic test-and-set: a key that is already revoked is left alone. */
	if (test_and_set_bit(KEY_FLAG_REVOKED, &key->flags))
		goto unlock;

	notify_key(key, NOTIFY_KEY_REVOKED, 0);
	if (key->type->revoke)
		key->type->revoke(key);

	/*
	 * Stamp the revocation time unless an earlier one is already
	 * recorded, then schedule collection key_gc_delay after it.
	 */
	now = ktime_get_real_seconds();
	if (!key->revoked_at || now < key->revoked_at) {
		key->revoked_at = now;
		key_schedule_gc(key->revoked_at + key_gc_delay);
	}

unlock:
	up_write(&key->sem);
}
EXPORT_SYMBOL(key_revoke);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084)
/**
 * key_invalidate - Invalidate a key.
 * @key: The key to be invalidated.
 *
 * Mark a key as being invalidated and have it cleaned up immediately.  The
 * key is ignored by all searches and other operations from this point.
 */
void key_invalidate(struct key *key)
{
	kenter("%d", key_serial(key));

	key_check(key);

	/* Unlocked fast path: an already invalidated key needs no work. */
	if (test_bit(KEY_FLAG_INVALIDATED, &key->flags))
		return;

	down_write_nested(&key->sem, 1);

	/*
	 * Re-test atomically under the semaphore; only the caller that
	 * actually sets the flag posts the notification and schedules
	 * garbage collection of the links.
	 */
	if (!test_and_set_bit(KEY_FLAG_INVALIDATED, &key->flags)) {
		notify_key(key, NOTIFY_KEY_INVALIDATED, 0);
		key_schedule_gc_links();
	}

	up_write(&key->sem);
}
EXPORT_SYMBOL(key_invalidate);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108)
/**
 * generic_key_instantiate - Simple instantiation of a key from preparsed data
 * @key: The key to be instantiated
 * @prep: The preparsed data to load.
 *
 * Reserve quota for @prep->quotalen and, if that succeeds, move the four
 * payload slots from @prep into @key and clear them in @prep.  Nothing is
 * copied when the reservation fails.
 *
 * This can be pointed to directly by the key type instantiate op pointer.
 *
 * Return: the result of key_payload_reserve(); 0 means the payload was moved.
 */
int generic_key_instantiate(struct key *key, struct key_preparsed_payload *prep)
{
	int ret;
	int slot;

	pr_devel("==>%s()\n", __func__);

	ret = key_payload_reserve(key, prep->quotalen);
	if (ret != 0)
		goto out;

	/* Slot 0 is published through the RCU helper, slots 1-3 directly. */
	rcu_assign_keypointer(key, prep->payload.data[0]);
	for (slot = 1; slot < 4; slot++)
		key->payload.data[slot] = prep->payload.data[slot];

	/*
	 * The key now holds the payload; clear the source slots.
	 * NOTE(review): presumably this keeps a later free_preparse() on
	 * @prep from releasing data the key owns - confirm against the key
	 * type's free_preparse implementation.
	 */
	for (slot = 0; slot < 4; slot++)
		prep->payload.data[slot] = NULL;

out:
	pr_devel("<==%s() = %d\n", __func__, ret);
	return ret;
}
EXPORT_SYMBOL(generic_key_instantiate);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140)
/**
 * register_key_type - Register a type of key.
 * @ktype: The new key type.
 *
 * Add @ktype to the list of known key types unless a type with the same name
 * is already present.  The lookup and the insertion both happen under the
 * write side of key_types_sem.
 *
 * Return: 0 on success or -EEXIST if a type of this name already exists.
 */
int register_key_type(struct key_type *ktype)
{
	struct key_type *existing;
	int ret = -EEXIST;

	/* Start the type off with a zeroed lock class. */
	memset(&ktype->lock_class, 0, sizeof(ktype->lock_class));

	down_write(&key_types_sem);

	/* Names must be unique: refuse a type whose name is already taken. */
	list_for_each_entry(existing, &key_types_list, link) {
		if (!strcmp(existing->name, ktype->name))
			goto unlock;
	}

	/* No clash, so put the type on the list. */
	list_add(&ktype->link, &key_types_list);

	pr_notice("Key type %s registered\n", ktype->name);
	ret = 0;

unlock:
	up_write(&key_types_sem);
	return ret;
}
EXPORT_SYMBOL(register_key_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176)
/**
 * unregister_key_type - Unregister a type of key.
 * @ktype: The key type.
 *
 * Unregister a key type and mark all the extant keys of this type as dead.
 * Those keys of this type are then destroyed to get rid of their payloads and
 * they and their links will be garbage collected as soon as possible.
 */
void unregister_key_type(struct key_type *ktype)
{
	/* Unlink the type while holding the list semaphore for writing. */
	down_write(&key_types_sem);
	list_del_init(&ktype->link);

	/*
	 * Drop to a read hold for the garbage-collection pass; the
	 * semaphore is not released between the unlink and the pass.
	 */
	downgrade_write(&key_types_sem);
	key_gc_keytype(ktype);

	pr_notice("Key type %s unregistered\n", ktype->name);

	/* The hold was downgraded above, so release the read side. */
	up_read(&key_types_sem);
}
EXPORT_SYMBOL(unregister_key_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195)
/*
 * Initialise the key management state: create the slab cache for keys, put
 * the built-in key types on the type list and insert the root user's quota
 * record into the per-user tree.
 */
void __init key_init(void)
{
	/*
	 * Slab cache that backs struct key allocations.  SLAB_PANIC makes a
	 * failed creation panic, which is why the result is not checked.
	 */
	key_jar = kmem_cache_create("key_jar", sizeof(struct key), 0,
				    SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL);

	/*
	 * The special key types are added to the list directly, without
	 * the name check and locking done by register_key_type().
	 */
	list_add_tail(&key_type_keyring.link, &key_types_list);
	list_add_tail(&key_type_dead.link, &key_types_list);
	list_add_tail(&key_type_user.link, &key_types_list);
	list_add_tail(&key_type_logon.link, &key_types_list);

	/* Link the root user's record in as the tree's root node. */
	rb_link_node(&root_key_user.node, NULL, &key_user_tree.rb_node);
	rb_insert_color(&root_key_user.node, &key_user_tree);
}