^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /* Keyring handling
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) * Copyright (C) 2004-2005, 2008, 2013 Red Hat, Inc. All Rights Reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Written by David Howells (dhowells@redhat.com)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) #include <linux/export.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) #include <linux/sched.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include <linux/security.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include <linux/seq_file.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) #include <linux/user_namespace.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/nsproxy.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) #include <keys/keyring-type.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include <keys/user-type.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) #include <linux/assoc_array_priv.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) #include <linux/uaccess.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) #include <net/net_namespace.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #include "internal.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) * When plumbing the depths of the key tree, this sets a hard limit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) * set on how deep we're willing to go.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #define KEYRING_SEARCH_MAX_DEPTH 6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) * We mark pointers we pass to the associative array with bit 1 set if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) * they're keyrings and clear otherwise.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) #define KEYRING_PTR_SUBTYPE 0x2UL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) static inline bool keyring_ptr_is_keyring(const struct assoc_array_ptr *x)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) return (unsigned long)x & KEYRING_PTR_SUBTYPE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) static inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) void *object = assoc_array_ptr_to_leaf(x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) return (struct key *)((unsigned long)object & ~KEYRING_PTR_SUBTYPE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) static inline void *keyring_key_to_ptr(struct key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) if (key->type == &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) return (void *)((unsigned long)key | KEYRING_PTR_SUBTYPE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) return key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) static DEFINE_RWLOCK(keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) * Clean up the bits of user_namespace that belong to us.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) void key_free_user_ns(struct user_namespace *ns)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) write_lock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) list_del_init(&ns->keyring_name_list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) write_unlock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) key_put(ns->user_keyring_register);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) #ifdef CONFIG_PERSISTENT_KEYRINGS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) key_put(ns->persistent_keyring_register);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) * The keyring key type definition. Keyrings are simply keys of this type and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) * can be treated as ordinary keys in addition to having their own special
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) * operations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) static int keyring_preparse(struct key_preparsed_payload *prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) static void keyring_free_preparse(struct key_preparsed_payload *prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) static int keyring_instantiate(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) struct key_preparsed_payload *prep);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) static void keyring_revoke(struct key *keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) static void keyring_destroy(struct key *keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) static void keyring_describe(const struct key *keyring, struct seq_file *m);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) static long keyring_read(const struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) char __user *buffer, size_t buflen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) struct key_type key_type_keyring = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) .name = "keyring",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) .def_datalen = 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) .preparse = keyring_preparse,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) .free_preparse = keyring_free_preparse,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) .instantiate = keyring_instantiate,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) .revoke = keyring_revoke,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) .destroy = keyring_destroy,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) .describe = keyring_describe,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) .read = keyring_read,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) EXPORT_SYMBOL(key_type_keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) * Semaphore to serialise link/link calls to prevent two link calls in parallel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) * introducing a cycle.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) static DEFINE_MUTEX(keyring_serialise_link_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) * Publish the name of a keyring so that it can be found by name (if it has
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) * one and it doesn't begin with a dot).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) static void keyring_publish_name(struct key *keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) struct user_namespace *ns = current_user_ns();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) if (keyring->description &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) keyring->description[0] &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) keyring->description[0] != '.') {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) write_lock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) list_add_tail(&keyring->name_link, &ns->keyring_name_list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) write_unlock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) * Preparse a keyring payload
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) static int keyring_preparse(struct key_preparsed_payload *prep)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) return prep->datalen != 0 ? -EINVAL : 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) * Free a preparse of a user defined key payload
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) static void keyring_free_preparse(struct key_preparsed_payload *prep)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) * Initialise a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) * Returns 0 on success, -EINVAL if given any data.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) static int keyring_instantiate(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) struct key_preparsed_payload *prep)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) assoc_array_init(&keyring->keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) /* make the keyring available by name if it has one */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) keyring_publish_name(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) * Multiply 64-bits by 32-bits to 96-bits and fold back to 64-bit. Ideally we'd
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) * fold the carry back too, but that requires inline asm.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) static u64 mult_64x32_and_fold(u64 x, u32 y)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) u64 hi = (u64)(u32)(x >> 32) * y;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) u64 lo = (u64)(u32)(x) * y;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) return lo + ((u64)(u32)hi << 32) + (u32)(hi >> 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) * Hash a key type and description.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) static void hash_key_type_and_desc(struct keyring_index_key *index_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) const unsigned level_shift = ASSOC_ARRAY_LEVEL_STEP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) const unsigned long fan_mask = ASSOC_ARRAY_FAN_MASK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) const char *description = index_key->description;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) unsigned long hash, type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) u32 piece;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) u64 acc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) int n, desc_len = index_key->desc_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) type = (unsigned long)index_key->type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) acc = mult_64x32_and_fold(type, desc_len + 13);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) acc = mult_64x32_and_fold(acc, 9207);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) piece = (unsigned long)index_key->domain_tag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) acc = mult_64x32_and_fold(acc, piece);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) acc = mult_64x32_and_fold(acc, 9207);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) for (;;) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) n = desc_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) if (n <= 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) if (n > 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) n = 4;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) piece = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) memcpy(&piece, description, n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) description += n;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) desc_len -= n;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) acc = mult_64x32_and_fold(acc, piece);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) acc = mult_64x32_and_fold(acc, 9207);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) /* Fold the hash down to 32 bits if need be. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) hash = acc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) if (ASSOC_ARRAY_KEY_CHUNK_SIZE == 32)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) hash ^= acc >> 32;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) /* Squidge all the keyrings into a separate part of the tree to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) * ordinary keys by making sure the lowest level segment in the hash is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) * zero for keyrings and non-zero otherwise.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) if (index_key->type != &key_type_keyring && (hash & fan_mask) == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) hash |= (hash >> (ASSOC_ARRAY_KEY_CHUNK_SIZE - level_shift)) | 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) else if (index_key->type == &key_type_keyring && (hash & fan_mask) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) hash = (hash + (hash << level_shift)) & ~fan_mask;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) index_key->hash = hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) * Finalise an index key to include a part of the description actually in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) * index key, to set the domain tag and to calculate the hash.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) void key_set_index_key(struct keyring_index_key *index_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) static struct key_tag default_domain_tag = { .usage = REFCOUNT_INIT(1), };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) size_t n = min_t(size_t, index_key->desc_len, sizeof(index_key->desc));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) memcpy(index_key->desc, index_key->description, n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) if (!index_key->domain_tag) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) if (index_key->type->flags & KEY_TYPE_NET_DOMAIN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) index_key->domain_tag = current->nsproxy->net_ns->key_domain;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) index_key->domain_tag = &default_domain_tag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) hash_key_type_and_desc(index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) * key_put_tag - Release a ref on a tag.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) * @tag: The tag to release.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) * This releases a reference the given tag and returns true if that ref was the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) * last one.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) bool key_put_tag(struct key_tag *tag)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) if (refcount_dec_and_test(&tag->usage)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) kfree_rcu(tag, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) * key_remove_domain - Kill off a key domain and gc its keys
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) * @domain_tag: The domain tag to release.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) * This marks a domain tag as being dead and releases a ref on it. If that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) * wasn't the last reference, the garbage collector is poked to try and delete
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) * all keys that were in the domain.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) void key_remove_domain(struct key_tag *domain_tag)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) domain_tag->removed = true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) if (!key_put_tag(domain_tag))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) key_schedule_gc_links();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) * Build the next index key chunk.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) * We return it one word-sized chunk at a time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) static unsigned long keyring_get_key_chunk(const void *data, int level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) const struct keyring_index_key *index_key = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) unsigned long chunk = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) const u8 *d;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) int desc_len = index_key->desc_len, n = sizeof(chunk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) level /= ASSOC_ARRAY_KEY_CHUNK_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) switch (level) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) case 0:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) return index_key->hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) case 1:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) return index_key->x;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) case 2:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) return (unsigned long)index_key->type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) case 3:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) return (unsigned long)index_key->domain_tag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) level -= 4;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) if (desc_len <= sizeof(index_key->desc))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) d = index_key->description + sizeof(index_key->desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) d += level * sizeof(long);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) desc_len -= sizeof(index_key->desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) if (desc_len > n)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) desc_len = n;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) do {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) chunk <<= 8;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) chunk |= *d++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) } while (--desc_len > 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) return chunk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) static unsigned long keyring_get_object_key_chunk(const void *object, int level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) return keyring_get_key_chunk(&key->index_key, level);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) static bool keyring_compare_object(const void *object, const void *data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) const struct keyring_index_key *index_key = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) return key->index_key.type == index_key->type &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) key->index_key.domain_tag == index_key->domain_tag &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) key->index_key.desc_len == index_key->desc_len &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) memcmp(key->index_key.description, index_key->description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) index_key->desc_len) == 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) * Compare the index keys of a pair of objects and determine the bit position
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) * at which they differ - if they differ.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) static int keyring_diff_objects(const void *object, const void *data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) const struct key *key_a = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) const struct keyring_index_key *a = &key_a->index_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) const struct keyring_index_key *b = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) unsigned long seg_a, seg_b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) int level, i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) level = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) seg_a = a->hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) seg_b = b->hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) if ((seg_a ^ seg_b) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) goto differ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) level += ASSOC_ARRAY_KEY_CHUNK_SIZE / 8;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) /* The number of bits contributed by the hash is controlled by a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) * constant in the assoc_array headers. Everything else thereafter we
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) * can deal with as being machine word-size dependent.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) seg_a = a->x;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) seg_b = b->x;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) if ((seg_a ^ seg_b) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) goto differ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) level += sizeof(unsigned long);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) /* The next bit may not work on big endian */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) seg_a = (unsigned long)a->type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) seg_b = (unsigned long)b->type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) if ((seg_a ^ seg_b) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) goto differ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) level += sizeof(unsigned long);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) seg_a = (unsigned long)a->domain_tag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) seg_b = (unsigned long)b->domain_tag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) if ((seg_a ^ seg_b) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) goto differ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) level += sizeof(unsigned long);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) i = sizeof(a->desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) if (a->desc_len <= i)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) goto same;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) for (; i < a->desc_len; i++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) seg_a = *(unsigned char *)(a->description + i);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) seg_b = *(unsigned char *)(b->description + i);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) if ((seg_a ^ seg_b) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) goto differ_plus_i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) same:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) return -1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) differ_plus_i:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) level += i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) differ:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) i = level * 8 + __ffs(seg_a ^ seg_b);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) return i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) * Free an object after stripping the keyring flag off of the pointer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) static void keyring_free_object(void *object)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) key_put(keyring_ptr_to_key(object));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) * Operations for keyring management by the index-tree routines.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) static const struct assoc_array_ops keyring_assoc_array_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) .get_key_chunk = keyring_get_key_chunk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) .get_object_key_chunk = keyring_get_object_key_chunk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) .compare_object = keyring_compare_object,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) .diff_objects = keyring_diff_objects,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) .free_object = keyring_free_object,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) * Clean up a keyring when it is destroyed. Unpublish its name if it had one
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) * and dispose of its data.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) * The garbage collector detects the final key_put(), removes the keyring from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) * the serial number tree and then does RCU synchronisation before coming here,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) * so we shouldn't need to worry about code poking around here with the RCU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) * readlock held by this time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) static void keyring_destroy(struct key *keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) if (keyring->description) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) write_lock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) if (keyring->name_link.next != NULL &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) !list_empty(&keyring->name_link))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) list_del(&keyring->name_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) write_unlock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) if (keyring->restrict_link) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) struct key_restriction *keyres = keyring->restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) key_put(keyres->key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) kfree(keyres);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) assoc_array_destroy(&keyring->keys, &keyring_assoc_array_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) * Describe a keyring for /proc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) static void keyring_describe(const struct key *keyring, struct seq_file *m)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) if (keyring->description)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) seq_puts(m, keyring->description);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) seq_puts(m, "[anon]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) if (key_is_positive(keyring)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) if (keyring->keys.nr_leaves_on_tree != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) seq_printf(m, ": %lu", keyring->keys.nr_leaves_on_tree);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) seq_puts(m, ": empty");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) struct keyring_read_iterator_context {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) size_t buflen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) size_t count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) key_serial_t __user *buffer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) static int keyring_read_iterator(const void *object, void *data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) struct keyring_read_iterator_context *ctx = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) kenter("{%s,%d},,{%zu/%zu}",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) key->type->name, key->serial, ctx->count, ctx->buflen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) if (ctx->count >= ctx->buflen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) *ctx->buffer++ = key->serial;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470) ctx->count += sizeof(key->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) * Read a list of key IDs from the keyring's contents in binary form
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) * The keyring's semaphore is read-locked by the caller. This prevents someone
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) * from modifying it under us - which could cause us to read key IDs multiple
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) * times.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) static long keyring_read(const struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) char __user *buffer, size_t buflen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) struct keyring_read_iterator_context ctx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) long ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) kenter("{%d},,%zu", key_serial(keyring), buflen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) if (buflen & (sizeof(key_serial_t) - 1))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) /* Copy as many key IDs as fit into the buffer */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) if (buffer && buflen) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) ctx.buffer = (key_serial_t __user *)buffer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) ctx.buflen = buflen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) ctx.count = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) ret = assoc_array_iterate(&keyring->keys,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) keyring_read_iterator, &ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500) kleave(" = %ld [iterate]", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) /* Return the size of the buffer needed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) ret = keyring->keys.nr_leaves_on_tree * sizeof(key_serial_t);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) if (ret <= buflen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) kleave("= %ld [ok]", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) kleave("= %ld [buffer too small]", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) * Allocate a keyring and link into the destination keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) const struct cred *cred, key_perm_t perm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) unsigned long flags,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) struct key_restriction *restrict_link,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) struct key *dest)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) struct key *keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) keyring = key_alloc(&key_type_keyring, description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) uid, gid, cred, perm, flags, restrict_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) if (!IS_ERR(keyring)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) key_put(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) keyring = ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) return keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) EXPORT_SYMBOL(keyring_alloc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) * restrict_link_reject - Give -EPERM to restrict link
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) * @keyring: The keyring being added to.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) * @type: The type of key being added.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) * @payload: The payload of the key intended to be added.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) * @restriction_key: Keys providing additional data for evaluating restriction.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) * Reject the addition of any links to a keyring. It can be overridden by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548) * passing KEY_ALLOC_BYPASS_RESTRICTION to key_instantiate_and_link() when
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) * adding a key to a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) * This is meant to be stored in a key_restriction structure which is passed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) * in the restrict_link parameter to keyring_alloc().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) int restrict_link_reject(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) const struct key_type *type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) const union key_payload *payload,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) struct key *restriction_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) return -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) * By default, we keys found by getting an exact match on their descriptions.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) bool key_default_cmp(const struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) const struct key_match_data *match_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) return strcmp(key->description, match_data->raw_data) == 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) * Iteration function to consider each key found.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) static int keyring_search_iterator(const void *object, void *iterator_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) struct keyring_search_context *ctx = iterator_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) unsigned long kflags = READ_ONCE(key->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) short state = READ_ONCE(key->state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) kenter("{%d}", key->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) /* ignore keys not of this type */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) if (key->type != ctx->index_key.type) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) kleave(" = 0 [!type]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) /* skip invalidated, revoked and expired keys */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) if (ctx->flags & KEYRING_SEARCH_DO_STATE_CHECK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) time64_t expiry = READ_ONCE(key->expiry);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) if (kflags & ((1 << KEY_FLAG_INVALIDATED) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) (1 << KEY_FLAG_REVOKED))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) ctx->result = ERR_PTR(-EKEYREVOKED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) kleave(" = %d [invrev]", ctx->skipped_ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) goto skipped;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) if (expiry && ctx->now >= expiry) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) if (!(ctx->flags & KEYRING_SEARCH_SKIP_EXPIRED))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) ctx->result = ERR_PTR(-EKEYEXPIRED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) kleave(" = %d [expire]", ctx->skipped_ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) goto skipped;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) /* keys that don't match */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) if (!ctx->match_data.cmp(key, &ctx->match_data)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) kleave(" = 0 [!match]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) /* key must have search permissions */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) key_task_permission(make_key_ref(key, ctx->possessed),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) ctx->cred, KEY_NEED_SEARCH) < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) ctx->result = ERR_PTR(-EACCES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) kleave(" = %d [!perm]", ctx->skipped_ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) goto skipped;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) if (ctx->flags & KEYRING_SEARCH_DO_STATE_CHECK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) /* we set a different error code if we pass a negative key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) if (state < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) ctx->result = ERR_PTR(state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) kleave(" = %d [neg]", ctx->skipped_ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) goto skipped;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) /* Found */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) ctx->result = make_key_ref(key, ctx->possessed);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) kleave(" = 1 [found]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) skipped:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) return ctx->skipped_ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) * Search inside a keyring for a key. We can search by walking to it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) * directly based on its index-key or we can iterate over the entire
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) * tree looking for it, based on the match function.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) static int search_keyring(struct key *keyring, struct keyring_search_context *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) if (ctx->match_data.lookup_type == KEYRING_SEARCH_LOOKUP_DIRECT) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) const void *object;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) object = assoc_array_find(&keyring->keys,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) &keyring_assoc_array_ops,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) &ctx->index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) return object ? ctx->iterator(object, ctx) : 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) return assoc_array_iterate(&keyring->keys, ctx->iterator, ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) * Search a tree of keyrings that point to other keyrings up to the maximum
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) * depth.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) static bool search_nested_keyrings(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) struct keyring_search_context *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) struct key *keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) struct assoc_array_node *node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) int slot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) } stack[KEYRING_SEARCH_MAX_DEPTH];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) struct assoc_array_shortcut *shortcut;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) struct assoc_array_node *node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) struct assoc_array_ptr *ptr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) struct key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) int sp = 0, slot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) kenter("{%d},{%s,%s}",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) keyring->serial,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) ctx->index_key.type->name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) ctx->index_key.description);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) #define STATE_CHECKS (KEYRING_SEARCH_NO_STATE_CHECK | KEYRING_SEARCH_DO_STATE_CHECK)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684) BUG_ON((ctx->flags & STATE_CHECKS) == 0 ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) (ctx->flags & STATE_CHECKS) == STATE_CHECKS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) if (ctx->index_key.description)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) key_set_index_key(&ctx->index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) /* Check to see if this top-level keyring is what we are looking for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) * and whether it is valid or not.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) if (ctx->match_data.lookup_type == KEYRING_SEARCH_LOOKUP_ITERATE ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) keyring_compare_object(keyring, &ctx->index_key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) ctx->skipped_ret = 2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696) switch (ctx->iterator(keyring_key_to_ptr(keyring), ctx)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) case 1:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) goto found;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699) case 2:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706) ctx->skipped_ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708) /* Start processing a new keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) descend_to_keyring:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) kdebug("descend to %d", keyring->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) if (keyring->flags & ((1 << KEY_FLAG_INVALIDATED) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712) (1 << KEY_FLAG_REVOKED)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) /* Search through the keys in this keyring before its searching its
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) * subtrees.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) if (search_keyring(keyring, ctx))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719) goto found;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) /* Then manually iterate through the keyrings nested in this one.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) * Start from the root node of the index tree. Because of the way the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) * hash function has been set up, keyrings cluster on the leftmost
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) * branch of the root node (root slot 0) or in the root node itself.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) * Non-keyrings avoid the leftmost branch of the root entirely (root
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) * slots 1-15).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) if (!(ctx->flags & KEYRING_SEARCH_RECURSE))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732) ptr = READ_ONCE(keyring->keys.root);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) if (!ptr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736) if (assoc_array_ptr_is_shortcut(ptr)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) /* If the root is a shortcut, either the keyring only contains
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738) * keyring pointers (everything clusters behind root slot 0) or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) * doesn't contain any keyring pointers.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741) shortcut = assoc_array_ptr_to_shortcut(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742) if ((shortcut->index_key[0] & ASSOC_ARRAY_FAN_MASK) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 745) ptr = READ_ONCE(shortcut->next_node);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746) node = assoc_array_ptr_to_node(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 747) goto begin_node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 748) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 749)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 750) node = assoc_array_ptr_to_node(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 751) ptr = node->slots[0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 752) if (!assoc_array_ptr_is_meta(ptr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 753) goto begin_node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 754)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 755) descend_to_node:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 756) /* Descend to a more distal node in this keyring's content tree and go
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 757) * through that.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 758) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 759) kdebug("descend");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 760) if (assoc_array_ptr_is_shortcut(ptr)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 761) shortcut = assoc_array_ptr_to_shortcut(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 762) ptr = READ_ONCE(shortcut->next_node);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 763) BUG_ON(!assoc_array_ptr_is_node(ptr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 764) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 765) node = assoc_array_ptr_to_node(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 766)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 767) begin_node:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 768) kdebug("begin_node");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 769) slot = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 770) ascend_to_node:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 771) /* Go through the slots in a node */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 772) for (; slot < ASSOC_ARRAY_FAN_OUT; slot++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 773) ptr = READ_ONCE(node->slots[slot]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 774)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 775) if (assoc_array_ptr_is_meta(ptr) && node->back_pointer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 776) goto descend_to_node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 777)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 778) if (!keyring_ptr_is_keyring(ptr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 779) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 780)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 781) key = keyring_ptr_to_key(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 782)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 783) if (sp >= KEYRING_SEARCH_MAX_DEPTH) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 784) if (ctx->flags & KEYRING_SEARCH_DETECT_TOO_DEEP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 785) ctx->result = ERR_PTR(-ELOOP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 786) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 787) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 788) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 789) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 790)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 791) /* Search a nested keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 792) if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 793) key_task_permission(make_key_ref(key, ctx->possessed),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 794) ctx->cred, KEY_NEED_SEARCH) < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 795) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 796)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 797) /* stack the current position */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 798) stack[sp].keyring = keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 799) stack[sp].node = node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 800) stack[sp].slot = slot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 801) sp++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 802)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 803) /* begin again with the new keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 804) keyring = key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 805) goto descend_to_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 806) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 807)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 808) /* We've dealt with all the slots in the current node, so now we need
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 809) * to ascend to the parent and continue processing there.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 810) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 811) ptr = READ_ONCE(node->back_pointer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 812) slot = node->parent_slot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 813)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 814) if (ptr && assoc_array_ptr_is_shortcut(ptr)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 815) shortcut = assoc_array_ptr_to_shortcut(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 816) ptr = READ_ONCE(shortcut->back_pointer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 817) slot = shortcut->parent_slot;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 818) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 819) if (!ptr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 820) goto not_this_keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 821) node = assoc_array_ptr_to_node(ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 822) slot++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 823)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 824) /* If we've ascended to the root (zero backpointer), we must have just
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 825) * finished processing the leftmost branch rather than the root slots -
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 826) * so there can't be any more keyrings for us to find.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 827) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 828) if (node->back_pointer) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 829) kdebug("ascend %d", slot);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 830) goto ascend_to_node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 831) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 832)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 833) /* The keyring we're looking at was disqualified or didn't contain a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 834) * matching key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 835) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 836) not_this_keyring:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 837) kdebug("not_this_keyring %d", sp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 838) if (sp <= 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 839) kleave(" = false");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 840) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 841) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 842)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 843) /* Resume the processing of a keyring higher up in the tree */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 844) sp--;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 845) keyring = stack[sp].keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 846) node = stack[sp].node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 847) slot = stack[sp].slot + 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 848) kdebug("ascend to %d [%d]", keyring->serial, slot);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 849) goto ascend_to_node;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 850)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 851) /* We found a viable match */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 852) found:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 853) key = key_ref_to_ptr(ctx->result);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 854) key_check(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 855) if (!(ctx->flags & KEYRING_SEARCH_NO_UPDATE_TIME)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 856) key->last_used_at = ctx->now;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 857) keyring->last_used_at = ctx->now;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 858) while (sp > 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 859) stack[--sp].keyring->last_used_at = ctx->now;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 860) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 861) kleave(" = true");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 862) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 863) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 864)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 866) * keyring_search_rcu - Search a keyring tree for a matching key under RCU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 867) * @keyring_ref: A pointer to the keyring with possession indicator.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 868) * @ctx: The keyring search context.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 869) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 870) * Search the supplied keyring tree for a key that matches the criteria given.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 871) * The root keyring and any linked keyrings must grant Search permission to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 872) * caller to be searchable and keys can only be found if they too grant Search
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 873) * to the caller. The possession flag on the root keyring pointer controls use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 874) * of the possessor bits in permissions checking of the entire tree. In
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 875) * addition, the LSM gets to forbid keyring searches and key matches.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 876) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 877) * The search is performed as a breadth-then-depth search up to the prescribed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 878) * limit (KEYRING_SEARCH_MAX_DEPTH). The caller must hold the RCU read lock to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 879) * prevent keyrings from being destroyed or rearranged whilst they are being
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 880) * searched.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 881) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 882) * Keys are matched to the type provided and are then filtered by the match
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 883) * function, which is given the description to use in any way it sees fit. The
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 884) * match function may use any attributes of a key that it wishes to to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 885) * determine the match. Normally the match function from the key type would be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886) * used.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888) * RCU can be used to prevent the keyring key lists from disappearing without
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889) * the need to take lots of locks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 891) * Returns a pointer to the found key and increments the key usage count if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 892) * successful; -EAGAIN if no matching keys were found, or if expired or revoked
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 893) * keys were found; -ENOKEY if only negative keys were found; -ENOTDIR if the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 894) * specified keyring wasn't a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 895) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 896) * In the case of a successful return, the possession attribute from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 897) * @keyring_ref is propagated to the returned key reference.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 898) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 899) key_ref_t keyring_search_rcu(key_ref_t keyring_ref,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 900) struct keyring_search_context *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 901) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 902) struct key *keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 903) long err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 904)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 905) ctx->iterator = keyring_search_iterator;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 906) ctx->possessed = is_key_possessed(keyring_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 907) ctx->result = ERR_PTR(-EAGAIN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 908)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 909) keyring = key_ref_to_ptr(keyring_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 910) key_check(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 911)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 912) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 913) return ERR_PTR(-ENOTDIR);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 914)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 915) if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 916) err = key_task_permission(keyring_ref, ctx->cred, KEY_NEED_SEARCH);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 917) if (err < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 918) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 919) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 920)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 921) ctx->now = ktime_get_real_seconds();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 922) if (search_nested_keyrings(keyring, ctx))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 923) __key_get(key_ref_to_ptr(ctx->result));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 924) return ctx->result;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 925) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 926)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 927) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 928) * keyring_search - Search the supplied keyring tree for a matching key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 929) * @keyring: The root of the keyring tree to be searched.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 930) * @type: The type of keyring we want to find.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 931) * @description: The name of the keyring we want to find.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 932) * @recurse: True to search the children of @keyring also
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 933) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 934) * As keyring_search_rcu() above, but using the current task's credentials and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 935) * type's default matching function and preferred search method.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 936) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 937) key_ref_t keyring_search(key_ref_t keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 938) struct key_type *type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 939) const char *description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 940) bool recurse)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 941) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942) struct keyring_search_context ctx = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943) .index_key.type = type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944) .index_key.description = description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945) .index_key.desc_len = strlen(description),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946) .cred = current_cred(),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 947) .match_data.cmp = key_default_cmp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 948) .match_data.raw_data = description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 949) .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 950) .flags = KEYRING_SEARCH_DO_STATE_CHECK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 951) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 952) key_ref_t key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 953) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 954)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 955) if (recurse)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 956) ctx.flags |= KEYRING_SEARCH_RECURSE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 957) if (type->match_preparse) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 958) ret = type->match_preparse(&ctx.match_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 959) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960) return ERR_PTR(ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 961) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 962)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 963) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 964) key = keyring_search_rcu(keyring, &ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 965) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 966)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 967) if (type->match_free)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 968) type->match_free(&ctx.match_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 969) return key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 970) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 971) EXPORT_SYMBOL(keyring_search);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 972)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 973) static struct key_restriction *keyring_restriction_alloc(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 974) key_restrict_link_func_t check)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 975) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 976) struct key_restriction *keyres =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 977) kzalloc(sizeof(struct key_restriction), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 978)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 979) if (!keyres)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 980) return ERR_PTR(-ENOMEM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 981)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 982) keyres->check = check;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 983)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 984) return keyres;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 985) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 986)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 987) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 988) * Semaphore to serialise restriction setup to prevent reference count
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 989) * cycles through restriction key pointers.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 990) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 991) static DECLARE_RWSEM(keyring_serialise_restrict_sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 992)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 993) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 994) * Check for restriction cycles that would prevent keyring garbage collection.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 995) * keyring_serialise_restrict_sem must be held.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 996) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 997) static bool keyring_detect_restriction_cycle(const struct key *dest_keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 998) struct key_restriction *keyres)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 999) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1000) while (keyres && keyres->key &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1001) keyres->key->type == &key_type_keyring) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1002) if (keyres->key == dest_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1003) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1004)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1005) keyres = keyres->key->restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1006) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1007)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1008) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1009) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1010)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1011) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012) * keyring_restrict - Look up and apply a restriction to a keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1013) * @keyring_ref: The keyring to be restricted
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1014) * @type: The key type that will provide the restriction checker.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1015) * @restriction: The restriction options to apply to the keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1016) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1017) * Look up a keyring and apply a restriction to it. The restriction is managed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1018) * by the specific key type, but can be configured by the options specified in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1019) * the restriction string.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1020) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1021) int keyring_restrict(key_ref_t keyring_ref, const char *type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1022) const char *restriction)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1023) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1024) struct key *keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1025) struct key_type *restrict_type = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1026) struct key_restriction *restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1027) int ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1028)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1029) keyring = key_ref_to_ptr(keyring_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1030) key_check(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1031)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1032) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1033) return -ENOTDIR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1034)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1035) if (!type) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1036) restrict_link = keyring_restriction_alloc(restrict_link_reject);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1037) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1038) restrict_type = key_type_lookup(type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1039)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1040) if (IS_ERR(restrict_type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1041) return PTR_ERR(restrict_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1042)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1043) if (!restrict_type->lookup_restriction) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044) ret = -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1045) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1047)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1048) restrict_link = restrict_type->lookup_restriction(restriction);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1049) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1050)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1051) if (IS_ERR(restrict_link)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1052) ret = PTR_ERR(restrict_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1053) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1054) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1055)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1056) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1057) down_write(&keyring_serialise_restrict_sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1058)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1059) if (keyring->restrict_link) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1060) ret = -EEXIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1061) } else if (keyring_detect_restriction_cycle(keyring, restrict_link)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1062) ret = -EDEADLK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1063) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1064) keyring->restrict_link = restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1065) notify_key(keyring, NOTIFY_KEY_SETATTR, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1066) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1067)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1068) up_write(&keyring_serialise_restrict_sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1069) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1070)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1071) if (ret < 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1072) key_put(restrict_link->key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1073) kfree(restrict_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1074) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1075)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1076) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1077) if (restrict_type)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078) key_type_put(restrict_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1079)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1080) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1081) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1082) EXPORT_SYMBOL(keyring_restrict);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1083)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1085) * Search the given keyring for a key that might be updated.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1086) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1087) * The caller must guarantee that the keyring is a keyring and that the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1088) * permission is granted to modify the keyring as no check is made here. The
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1089) * caller must also hold a lock on the keyring semaphore.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1090) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1091) * Returns a pointer to the found key with usage count incremented if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1092) * successful and returns NULL if not found. Revoked and invalidated keys are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1093) * skipped over.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1094) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1095) * If successful, the possession indicator is propagated from the keyring ref
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1096) * to the returned key reference.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1097) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1098) key_ref_t find_key_to_update(key_ref_t keyring_ref,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1099) const struct keyring_index_key *index_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1100) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1101) struct key *keyring, *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1102) const void *object;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1103)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1104) keyring = key_ref_to_ptr(keyring_ref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1105)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1106) kenter("{%d},{%s,%s}",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1107) keyring->serial, index_key->type->name, index_key->description);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1109) object = assoc_array_find(&keyring->keys, &keyring_assoc_array_ops,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1110) index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1111)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112) if (object)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1113) goto found;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1114)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1115) kleave(" = NULL");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1116) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1117)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1118) found:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1119) key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1120) if (key->flags & ((1 << KEY_FLAG_INVALIDATED) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1121) (1 << KEY_FLAG_REVOKED))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1122) kleave(" = NULL [x]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1123) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1124) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1125) __key_get(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1126) kleave(" = {%d}", key->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1127) return make_key_ref(key, is_key_possessed(keyring_ref));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1128) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1129)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1130) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1131) * Find a keyring with the specified name.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1132) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1133) * Only keyrings that have nonzero refcount, are not revoked, and are owned by a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1134) * user in the current user namespace are considered. If @uid_keyring is %true,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1135) * the keyring additionally must have been allocated as a user or user session
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1136) * keyring; otherwise, it must grant Search permission directly to the caller.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1137) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1138) * Returns a pointer to the keyring with the keyring's refcount having being
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1139) * incremented on success. -ENOKEY is returned if a key could not be found.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1141) struct key *find_keyring_by_name(const char *name, bool uid_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1142) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1143) struct user_namespace *ns = current_user_ns();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1144) struct key *keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1145)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1146) if (!name)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1147) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149) read_lock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1150)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1151) /* Search this hash bucket for a keyring with a matching name that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1152) * grants Search permission and that hasn't been revoked
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1153) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1154) list_for_each_entry(keyring, &ns->keyring_name_list, name_link) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1155) if (!kuid_has_mapping(ns, keyring->user->uid))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1156) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1157)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1158) if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1159) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1160)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1161) if (strcmp(keyring->description, name) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1162) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1163)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1164) if (uid_keyring) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1165) if (!test_bit(KEY_FLAG_UID_KEYRING,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1166) &keyring->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1167) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1168) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1169) if (key_permission(make_key_ref(keyring, 0),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1170) KEY_NEED_SEARCH) < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1171) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1172) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1173)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1174) /* we've got a match but we might end up racing with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1175) * key_cleanup() if the keyring is currently 'dead'
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176) * (ie. it has a zero usage count) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1177) if (!refcount_inc_not_zero(&keyring->usage))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1178) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1179) keyring->last_used_at = ktime_get_real_seconds();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1180) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1181) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1182)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1183) keyring = ERR_PTR(-ENOKEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1184) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1185) read_unlock(&keyring_name_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1186) return keyring;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1188)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1189) static int keyring_detect_cycle_iterator(const void *object,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1190) void *iterator_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1191) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1192) struct keyring_search_context *ctx = iterator_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1193) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1194)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195) kenter("{%d}", key->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1196)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1197) /* We might get a keyring with matching index-key that is nonetheless a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1198) * different keyring. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1199) if (key != ctx->match_data.raw_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1200) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1201)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1202) ctx->result = ERR_PTR(-EDEADLK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1203) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1204) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1206) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1207) * See if a cycle will will be created by inserting acyclic tree B in acyclic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1208) * tree A at the topmost level (ie: as a direct child of A).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1209) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1210) * Since we are adding B to A at the top level, checking for cycles should just
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1211) * be a matter of seeing if node A is somewhere in tree B.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1213) static int keyring_detect_cycle(struct key *A, struct key *B)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1214) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1215) struct keyring_search_context ctx = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1216) .index_key = A->index_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1217) .match_data.raw_data = A,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1218) .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1219) .iterator = keyring_detect_cycle_iterator,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1220) .flags = (KEYRING_SEARCH_NO_STATE_CHECK |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1221) KEYRING_SEARCH_NO_UPDATE_TIME |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1222) KEYRING_SEARCH_NO_CHECK_PERM |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1223) KEYRING_SEARCH_DETECT_TOO_DEEP |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1224) KEYRING_SEARCH_RECURSE),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1225) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1226)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1227) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1228) search_nested_keyrings(B, &ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1229) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1230) return PTR_ERR(ctx.result) == -EAGAIN ? 0 : PTR_ERR(ctx.result);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1231) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1232)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1233) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1234) * Lock keyring for link.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1235) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1236) int __key_link_lock(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1237) const struct keyring_index_key *index_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1238) __acquires(&keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1239) __acquires(&keyring_serialise_link_lock)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1240) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1241) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1242) return -ENOTDIR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1243)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1244) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1245)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1246) /* Serialise link/link calls to prevent parallel calls causing a cycle
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1247) * when linking two keyring in opposite orders.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1248) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1249) if (index_key->type == &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1250) mutex_lock(&keyring_serialise_link_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1251)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1252) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1253) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1254)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1255) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1256) * Lock keyrings for move (link/unlink combination).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1257) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1258) int __key_move_lock(struct key *l_keyring, struct key *u_keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1259) const struct keyring_index_key *index_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1260) __acquires(&l_keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1261) __acquires(&u_keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1262) __acquires(&keyring_serialise_link_lock)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1263) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1264) if (l_keyring->type != &key_type_keyring ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1265) u_keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1266) return -ENOTDIR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1267)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1268) /* We have to be very careful here to take the keyring locks in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1269) * right order, lest we open ourselves to deadlocking against another
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1270) * move operation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1271) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1272) if (l_keyring < u_keyring) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1273) down_write(&l_keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1274) down_write_nested(&u_keyring->sem, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1275) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1276) down_write(&u_keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1277) down_write_nested(&l_keyring->sem, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1278) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1279)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1280) /* Serialise link/link calls to prevent parallel calls causing a cycle
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1281) * when linking two keyring in opposite orders.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1282) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1283) if (index_key->type == &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1284) mutex_lock(&keyring_serialise_link_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1285)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1286) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1287) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1288)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1289) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1290) * Preallocate memory so that a key can be linked into to a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1291) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1292) int __key_link_begin(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1293) const struct keyring_index_key *index_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1294) struct assoc_array_edit **_edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1295) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1296) struct assoc_array_edit *edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1297) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1298)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1299) kenter("%d,%s,%s,",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1300) keyring->serial, index_key->type->name, index_key->description);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1301)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1302) BUG_ON(index_key->desc_len == 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1303) BUG_ON(*_edit != NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1304)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1305) *_edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1306)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1307) ret = -EKEYREVOKED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1308) if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1309) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1310)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1311) /* Create an edit script that will insert/replace the key in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1312) * keyring tree.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1313) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1314) edit = assoc_array_insert(&keyring->keys,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1315) &keyring_assoc_array_ops,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1316) index_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1317) NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1318) if (IS_ERR(edit)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1319) ret = PTR_ERR(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1320) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1321) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1322)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1323) /* If we're not replacing a link in-place then we're going to need some
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1324) * extra quota.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1325) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1326) if (!edit->dead_leaf) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1327) ret = key_payload_reserve(keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1328) keyring->datalen + KEYQUOTA_LINK_BYTES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1329) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1330) goto error_cancel;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1331) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1332)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1333) *_edit = edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1334) kleave(" = 0");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1335) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1336)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1337) error_cancel:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1338) assoc_array_cancel_edit(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1339) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1340) kleave(" = %d", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1341) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1342) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1343)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1344) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1345) * Check already instantiated keys aren't going to be a problem.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1346) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1347) * The caller must have called __key_link_begin(). Don't need to call this for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1348) * keys that were created since __key_link_begin() was called.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1349) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1350) int __key_link_check_live_key(struct key *keyring, struct key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1351) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1352) if (key->type == &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1353) /* check that we aren't going to create a cycle by linking one
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1354) * keyring to another */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1355) return keyring_detect_cycle(keyring, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1356) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1357) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1358)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1359) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1360) * Link a key into to a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1361) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1362) * Must be called with __key_link_begin() having being called. Discards any
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1363) * already extant link to matching key if there is one, so that each keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1364) * holds at most one link to any given key of a particular type+description
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1365) * combination.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1366) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1367) void __key_link(struct key *keyring, struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1368) struct assoc_array_edit **_edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1369) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1370) __key_get(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1371) assoc_array_insert_set_object(*_edit, keyring_key_to_ptr(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1372) assoc_array_apply_edit(*_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1373) *_edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1374) notify_key(keyring, NOTIFY_KEY_LINKED, key_serial(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1375) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1376)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1377) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1378) * Finish linking a key into to a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1379) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1380) * Must be called with __key_link_begin() having being called.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1381) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1382) void __key_link_end(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1383) const struct keyring_index_key *index_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1384) struct assoc_array_edit *edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1385) __releases(&keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1386) __releases(&keyring_serialise_link_lock)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1387) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1388) BUG_ON(index_key->type == NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1389) kenter("%d,%s,", keyring->serial, index_key->type->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1390)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1391) if (edit) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1392) if (!edit->dead_leaf) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1393) key_payload_reserve(keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1394) keyring->datalen - KEYQUOTA_LINK_BYTES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1395) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1396) assoc_array_cancel_edit(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1397) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1398) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1399)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1400) if (index_key->type == &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1401) mutex_unlock(&keyring_serialise_link_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1402) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1403)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1404) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1405) * Check addition of keys to restricted keyrings.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1406) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1407) static int __key_link_check_restriction(struct key *keyring, struct key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1408) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1409) if (!keyring->restrict_link || !keyring->restrict_link->check)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1410) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1411) return keyring->restrict_link->check(keyring, key->type, &key->payload,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1412) keyring->restrict_link->key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1413) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1414)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1415) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1416) * key_link - Link a key to a keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1417) * @keyring: The keyring to make the link in.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1418) * @key: The key to link to.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1419) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1420) * Make a link in a keyring to a key, such that the keyring holds a reference
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1421) * on that key and the key can potentially be found by searching that keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1422) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1423) * This function will write-lock the keyring's semaphore and will consume some
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1424) * of the user's key data quota to hold the link.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1425) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1426) * Returns 0 if successful, -ENOTDIR if the keyring isn't a keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1427) * -EKEYREVOKED if the keyring has been revoked, -ENFILE if the keyring is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1428) * full, -EDQUOT if there is insufficient key data quota remaining to add
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1429) * another link or -ENOMEM if there's insufficient memory.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1430) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1431) * It is assumed that the caller has checked that it is permitted for a link to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1432) * be made (the keyring should have Write permission and the key Link
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1433) * permission).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1434) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1435) int key_link(struct key *keyring, struct key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1436) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1437) struct assoc_array_edit *edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1438) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1439)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1440) kenter("{%d,%d}", keyring->serial, refcount_read(&keyring->usage));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1441)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1442) key_check(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1443) key_check(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1444)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1445) ret = __key_link_lock(keyring, &key->index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1446) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1447) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1448)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1449) ret = __key_link_begin(keyring, &key->index_key, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1450) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1451) goto error_end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1452)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1453) kdebug("begun {%d,%d}", keyring->serial, refcount_read(&keyring->usage));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1454) ret = __key_link_check_restriction(keyring, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1455) if (ret == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1456) ret = __key_link_check_live_key(keyring, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1457) if (ret == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1458) __key_link(keyring, key, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1459)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1460) error_end:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1461) __key_link_end(keyring, &key->index_key, edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1462) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1463) kleave(" = %d {%d,%d}", ret, keyring->serial, refcount_read(&keyring->usage));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1464) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1465) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1466) EXPORT_SYMBOL(key_link);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1467)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1468) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1469) * Lock a keyring for unlink.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1470) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1471) static int __key_unlink_lock(struct key *keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1472) __acquires(&keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1473) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1474) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1475) return -ENOTDIR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1476)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1477) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1478) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1479) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1480)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1481) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1482) * Begin the process of unlinking a key from a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1483) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1484) static int __key_unlink_begin(struct key *keyring, struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1485) struct assoc_array_edit **_edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1486) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1487) struct assoc_array_edit *edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1488)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1489) BUG_ON(*_edit != NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1490)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1491) edit = assoc_array_delete(&keyring->keys, &keyring_assoc_array_ops,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1492) &key->index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1493) if (IS_ERR(edit))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1494) return PTR_ERR(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1495)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1496) if (!edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1497) return -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1498)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1499) *_edit = edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1500) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1501) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1502)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1503) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1504) * Apply an unlink change.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1505) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1506) static void __key_unlink(struct key *keyring, struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1507) struct assoc_array_edit **_edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1508) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1509) assoc_array_apply_edit(*_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1510) notify_key(keyring, NOTIFY_KEY_UNLINKED, key_serial(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1511) *_edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1512) key_payload_reserve(keyring, keyring->datalen - KEYQUOTA_LINK_BYTES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1513) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1514)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1515) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1516) * Finish unlinking a key from to a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1517) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1518) static void __key_unlink_end(struct key *keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1519) struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1520) struct assoc_array_edit *edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1521) __releases(&keyring->sem)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1522) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1523) if (edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1524) assoc_array_cancel_edit(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1525) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1526) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1527)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1528) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1529) * key_unlink - Unlink the first link to a key from a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1530) * @keyring: The keyring to remove the link from.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1531) * @key: The key the link is to.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1532) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1533) * Remove a link from a keyring to a key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1534) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1535) * This function will write-lock the keyring's semaphore.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1536) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1537) * Returns 0 if successful, -ENOTDIR if the keyring isn't a keyring, -ENOENT if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1538) * the key isn't linked to by the keyring or -ENOMEM if there's insufficient
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1539) * memory.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1540) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1541) * It is assumed that the caller has checked that it is permitted for a link to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1542) * be removed (the keyring should have Write permission; no permissions are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1543) * required on the key).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1544) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1545) int key_unlink(struct key *keyring, struct key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1546) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1547) struct assoc_array_edit *edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1548) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1549)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1550) key_check(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1551) key_check(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1552)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1553) ret = __key_unlink_lock(keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1554) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1555) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1556)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1557) ret = __key_unlink_begin(keyring, key, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1558) if (ret == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1559) __key_unlink(keyring, key, &edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1560) __key_unlink_end(keyring, key, edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1561) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1562) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1563) EXPORT_SYMBOL(key_unlink);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1564)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1565) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1566) * key_move - Move a key from one keyring to another
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1567) * @key: The key to move
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1568) * @from_keyring: The keyring to remove the link from.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1569) * @to_keyring: The keyring to make the link in.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1570) * @flags: Qualifying flags, such as KEYCTL_MOVE_EXCL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1571) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1572) * Make a link in @to_keyring to a key, such that the keyring holds a reference
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1573) * on that key and the key can potentially be found by searching that keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1574) * whilst simultaneously removing a link to the key from @from_keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1575) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1576) * This function will write-lock both keyring's semaphores and will consume
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1577) * some of the user's key data quota to hold the link on @to_keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1578) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1579) * Returns 0 if successful, -ENOTDIR if either keyring isn't a keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1580) * -EKEYREVOKED if either keyring has been revoked, -ENFILE if the second
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1581) * keyring is full, -EDQUOT if there is insufficient key data quota remaining
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1582) * to add another link or -ENOMEM if there's insufficient memory. If
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1583) * KEYCTL_MOVE_EXCL is set, then -EEXIST will be returned if there's already a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1584) * matching key in @to_keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1585) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1586) * It is assumed that the caller has checked that it is permitted for a link to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1587) * be made (the keyring should have Write permission and the key Link
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1588) * permission).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1589) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1590) int key_move(struct key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1591) struct key *from_keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1592) struct key *to_keyring,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1593) unsigned int flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1594) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1595) struct assoc_array_edit *from_edit = NULL, *to_edit = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1596) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1597)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1598) kenter("%d,%d,%d", key->serial, from_keyring->serial, to_keyring->serial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1599)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1600) if (from_keyring == to_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1601) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1602)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1603) key_check(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1604) key_check(from_keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1605) key_check(to_keyring);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1606)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1607) ret = __key_move_lock(from_keyring, to_keyring, &key->index_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1608) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1609) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1610) ret = __key_unlink_begin(from_keyring, key, &from_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1611) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1612) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1613) ret = __key_link_begin(to_keyring, &key->index_key, &to_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1614) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1615) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1616)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1617) ret = -EEXIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1618) if (to_edit->dead_leaf && (flags & KEYCTL_MOVE_EXCL))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1619) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1620)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1621) ret = __key_link_check_restriction(to_keyring, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1622) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1623) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1624) ret = __key_link_check_live_key(to_keyring, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1625) if (ret < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1626) goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1627)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1628) __key_unlink(from_keyring, key, &from_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1629) __key_link(to_keyring, key, &to_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1630) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1631) __key_link_end(to_keyring, &key->index_key, to_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1632) __key_unlink_end(from_keyring, key, from_edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1633) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1634) kleave(" = %d", ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1635) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1636) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1637) EXPORT_SYMBOL(key_move);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1638)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1639) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1640) * keyring_clear - Clear a keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1641) * @keyring: The keyring to clear.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1642) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1643) * Clear the contents of the specified keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1644) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1645) * Returns 0 if successful or -ENOTDIR if the keyring isn't a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1646) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1647) int keyring_clear(struct key *keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1648) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1649) struct assoc_array_edit *edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1650) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1651)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1652) if (keyring->type != &key_type_keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1653) return -ENOTDIR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1654)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1655) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1656)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1657) edit = assoc_array_clear(&keyring->keys, &keyring_assoc_array_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1658) if (IS_ERR(edit)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1659) ret = PTR_ERR(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1660) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1661) if (edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1662) assoc_array_apply_edit(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1663) notify_key(keyring, NOTIFY_KEY_CLEARED, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1664) key_payload_reserve(keyring, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1665) ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1666) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1667)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1668) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1669) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1670) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1671) EXPORT_SYMBOL(keyring_clear);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1672)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1673) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1674) * Dispose of the links from a revoked keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1675) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1676) * This is called with the key sem write-locked.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1677) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1678) static void keyring_revoke(struct key *keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1679) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1680) struct assoc_array_edit *edit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1681)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1682) edit = assoc_array_clear(&keyring->keys, &keyring_assoc_array_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1683) if (!IS_ERR(edit)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1684) if (edit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1685) assoc_array_apply_edit(edit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1686) key_payload_reserve(keyring, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1687) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1688) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1689)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1690) static bool keyring_gc_select_iterator(void *object, void *iterator_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1691) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1692) struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1693) time64_t *limit = iterator_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1694)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1695) if (key_is_dead(key, *limit))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1696) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1697) key_get(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1698) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1699) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1700)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1701) static int keyring_gc_check_iterator(const void *object, void *iterator_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1702) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1703) const struct key *key = keyring_ptr_to_key(object);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1704) time64_t *limit = iterator_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1705)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1706) key_check(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1707) return key_is_dead(key, *limit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1708) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1709)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1710) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1711) * Garbage collect pointers from a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1712) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1713) * Not called with any locks held. The keyring's key struct will not be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1714) * deallocated under us as only our caller may deallocate it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1715) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1716) void keyring_gc(struct key *keyring, time64_t limit)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1717) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1718) int result;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1720) kenter("%x{%s}", keyring->serial, keyring->description ?: "");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1721)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1722) if (keyring->flags & ((1 << KEY_FLAG_INVALIDATED) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1723) (1 << KEY_FLAG_REVOKED)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1724) goto dont_gc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1725)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1726) /* scan the keyring looking for dead keys */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1727) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1728) result = assoc_array_iterate(&keyring->keys,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1729) keyring_gc_check_iterator, &limit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1730) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1731) if (result == true)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1732) goto do_gc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1733)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1734) dont_gc:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1735) kleave(" [no gc]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1736) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1737)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1738) do_gc:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1739) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1740) assoc_array_gc(&keyring->keys, &keyring_assoc_array_ops,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1741) keyring_gc_select_iterator, &limit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1742) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1743) kleave(" [gc]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1744) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1745)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1746) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1747) * Garbage collect restriction pointers from a keyring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1748) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1749) * Keyring restrictions are associated with a key type, and must be cleaned
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1750) * up if the key type is unregistered. The restriction is altered to always
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1751) * reject additional keys so a keyring cannot be opened up by unregistering
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1752) * a key type.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1753) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1754) * Not called with any keyring locks held. The keyring's key struct will not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1755) * be deallocated under us as only our caller may deallocate it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1756) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1757) * The caller is required to hold key_types_sem and dead_type->sem. This is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1758) * fulfilled by key_gc_keytype() holding the locks on behalf of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1759) * key_garbage_collector(), which it invokes on a workqueue.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1760) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1761) void keyring_restriction_gc(struct key *keyring, struct key_type *dead_type)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1762) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1763) struct key_restriction *keyres;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1764)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1765) kenter("%x{%s}", keyring->serial, keyring->description ?: "");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1766)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1767) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1768) * keyring->restrict_link is only assigned at key allocation time
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1769) * or with the key type locked, so the only values that could be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1770) * concurrently assigned to keyring->restrict_link are for key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1771) * types other than dead_type. Given this, it's ok to check
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1772) * the key type before acquiring keyring->sem.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1773) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1774) if (!dead_type || !keyring->restrict_link ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1775) keyring->restrict_link->keytype != dead_type) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1776) kleave(" [no restriction gc]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1777) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1778) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1779)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1780) /* Lock the keyring to ensure that a link is not in progress */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1781) down_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1782)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1783) keyres = keyring->restrict_link;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1784)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1785) keyres->check = restrict_link_reject;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1786)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1787) key_put(keyres->key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1788) keyres->key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1789) keyres->keytype = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1790)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1791) up_write(&keyring->sem);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1792)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1793) kleave(" [restriction gc]");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1794) }
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags