22  * Allocate a key to use as a placeholder for anonymous user security.
26 	struct key *key;  in afs_alloc_anon_key()  local
29 	key = cell->anonymous_key;  in afs_alloc_anon_key()
30 	if (!key) {  in afs_alloc_anon_key()
31 		key = rxrpc_get_null_key(cell->key_desc);  in afs_alloc_anon_key()
32 		if (!IS_ERR(key))  in afs_alloc_anon_key()
33 			cell->anonymous_key = key;  in afs_alloc_anon_key()
37 	if (IS_ERR(key))  in afs_alloc_anon_key()
38 		return PTR_ERR(key);  in afs_alloc_anon_key()
40 	_debug("anon key %p{%x}",  in afs_alloc_anon_key()
46  * get a key
48 struct key *afs_request_key(struct afs_cell *cell)  in afs_request_key()
50 	struct key *key;  in afs_request_key()  local
55 	_debug("key %s", cell->key_desc);  in afs_request_key()
56 	key = request_key_net(&key_type_rxrpc, cell->key_desc,  in afs_request_key()
58 	if (IS_ERR(key)) {  in afs_request_key()
59 		if (PTR_ERR(key) != -ENOKEY) {  in afs_request_key()
60 			_leave(" = %ld", PTR_ERR(key));  in afs_request_key()
61 			return key;  in afs_request_key()
75 		_leave(" = {%x} [auth]", key_serial(key));  in afs_request_key()
76 		return key;  in afs_request_key()
81  * Get a key when pathwalk is in rcuwalk mode.
83 struct key *afs_request_key_rcu(struct afs_cell *cell)  in afs_request_key_rcu()
85 	struct key *key;  in afs_request_key_rcu()  local
89 	_debug("key %s", cell->key_desc);  in afs_request_key_rcu()
90 	key = request_key_net_rcu(&key_type_rxrpc, cell->key_desc,  in afs_request_key_rcu()
92 	if (IS_ERR(key)) {  in afs_request_key_rcu()
93 		if (PTR_ERR(key) != -ENOKEY) {  in afs_request_key_rcu()
94 			_leave(" = %ld", PTR_ERR(key));  in afs_request_key_rcu()
95 			return key;  in afs_request_key_rcu()
105 		_leave(" = {%x} [auth]", key_serial(key));  in afs_request_key_rcu()
106 		return key;  in afs_request_key_rcu()
120 		key_put(permits->permits[i].key);  in afs_permits_rcu()
163 		h += (unsigned long)permits->permits[i].key / sizeof(void *);  in afs_hash_permits()
172  * that returned a vnode status for a particular key.  If a callback break
176 void afs_cache_permit(struct afs_vnode *vnode, struct key *key,  in afs_cache_permit()  argument
186 	       vnode->fid.vid, vnode->fid.vnode, key_serial(key), caller_access);  in afs_cache_permit()
197 				if (permits->permits[i].key < key)  in afs_cache_permit()
199 				if (permits->permits[i].key > key)  in afs_cache_permit()
251 	 * We fill in the key pointers at this time, but we don't get the refs  in afs_cache_permit()
264 			if (j == i && permits->permits[i].key > key) {  in afs_cache_permit()
265 				new->permits[j].key = key;  in afs_cache_permit()
269 			new->permits[j].key = permits->permits[i].key;  in afs_cache_permit()
276 		new->permits[j].key = key;  in afs_cache_permit()
302 		key_get(new->permits[i].key);  in afs_cache_permit()
336 static bool afs_check_permit_rcu(struct afs_vnode *vnode, struct key *key,  in afs_check_permit_rcu()  argument
343 	       vnode->fid.vid, vnode->fid.vnode, key_serial(key));  in afs_check_permit_rcu()
346 	if (key == vnode->volume->cell->anonymous_key) {  in afs_check_permit_rcu()
355 			if (permits->permits[i].key < key)  in afs_check_permit_rcu()
357 			if (permits->permits[i].key > key)  in afs_check_permit_rcu()
375 int afs_check_permit(struct afs_vnode *vnode, struct key *key,  in afs_check_permit()  argument
383 	       vnode->fid.vid, vnode->fid.vnode, key_serial(key));  in afs_check_permit()
386 	if (key == vnode->volume->cell->anonymous_key) {  in afs_check_permit()
395 				if (permits->permits[i].key < key)  in afs_check_permit()
397 				if (permits->permits[i].key > key)  in afs_check_permit()
414 		ret = afs_fetch_status(vnode, key, false, _access);  in afs_check_permit()
436 	struct key *key;  in afs_permission()  local
443 		key = afs_request_key_rcu(vnode->volume->cell);  in afs_permission()
444 		if (IS_ERR_OR_NULL(key))  in afs_permission()
449 		    !afs_check_permit_rcu(vnode, key, &access))  in afs_permission()
452 		key = afs_request_key(vnode->volume->cell);  in afs_permission()
453 		if (IS_ERR(key)) {  in afs_permission()
454 			_leave(" = %ld [key]", PTR_ERR(key));  in afs_permission()
455 			return PTR_ERR(key);  in afs_permission()
458 		ret = afs_validate(vnode, key);  in afs_permission()
463 		ret = afs_check_permit(vnode, key, &access);  in afs_permission()
501 	key_put(key);  in afs_permission()
508 	key_put(key);  in afs_permission()