1 /* keyring.c: keyring handling 2 * 3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/init.h> 14 #include <linux/sched.h> 15 #include <linux/slab.h> 16 #include <linux/seq_file.h> 17 #include <linux/err.h> 18 #include <asm/uaccess.h> 19 #include "internal.h" 20 21 /* 22 * when plumbing the depths of the key tree, this sets a hard limit set on how 23 * deep we're willing to go 24 */ 25 #define KEYRING_SEARCH_MAX_DEPTH 6 26 27 /* 28 * we keep all named keyrings in a hash to speed looking them up 29 */ 30 #define KEYRING_NAME_HASH_SIZE (1 << 5) 31 32 static struct list_head keyring_name_hash[KEYRING_NAME_HASH_SIZE]; 33 static DEFINE_RWLOCK(keyring_name_lock); 34 35 static inline unsigned keyring_hash(const char *desc) 36 { 37 unsigned bucket = 0; 38 39 for (; *desc; desc++) 40 bucket += (unsigned char) *desc; 41 42 return bucket & (KEYRING_NAME_HASH_SIZE - 1); 43 } 44 45 /* 46 * the keyring type definition 47 */ 48 static int keyring_instantiate(struct key *keyring, 49 const void *data, size_t datalen); 50 static int keyring_duplicate(struct key *keyring, const struct key *source); 51 static int keyring_match(const struct key *keyring, const void *criterion); 52 static void keyring_destroy(struct key *keyring); 53 static void keyring_describe(const struct key *keyring, struct seq_file *m); 54 static long keyring_read(const struct key *keyring, 55 char __user *buffer, size_t buflen); 56 57 struct key_type key_type_keyring = { 58 .name = "keyring", 59 .def_datalen = sizeof(struct keyring_list), 60 .instantiate = keyring_instantiate, 61 .duplicate = keyring_duplicate, 62 .match = keyring_match, 63 .destroy = keyring_destroy, 64 .describe = keyring_describe, 65 .read = keyring_read, 66 }; 67 68 /* 69 * semaphore to serialise link/link calls to prevent two link calls in parallel 70 * introducing a cycle 71 */ 72 DECLARE_RWSEM(keyring_serialise_link_sem); 73 74 /*****************************************************************************/ 75 /* 76 * publish the name of a keyring so that it can be found by name (if it has 77 * one) 78 */ 79 void keyring_publish_name(struct key *keyring) 80 { 81 int bucket; 82 83 if (keyring->description) { 84 bucket = keyring_hash(keyring->description); 85 86 write_lock(&keyring_name_lock); 87 88 if (!keyring_name_hash[bucket].next) 89 INIT_LIST_HEAD(&keyring_name_hash[bucket]); 90 91 list_add_tail(&keyring->type_data.link, 92 &keyring_name_hash[bucket]); 93 94 write_unlock(&keyring_name_lock); 95 } 96 97 } /* end keyring_publish_name() */ 98 99 /*****************************************************************************/ 100 /* 101 * initialise a keyring 102 * - we object if we were given any data 103 */ 104 static int keyring_instantiate(struct key *keyring, 105 const void *data, size_t datalen) 106 { 107 int ret; 108 109 ret = -EINVAL; 110 if (datalen == 0) { 111 /* make the keyring available by name if it has one */ 112 keyring_publish_name(keyring); 113 ret = 0; 114 } 115 116 return ret; 117 118 } /* end keyring_instantiate() */ 119 120 /*****************************************************************************/ 121 /* 122 * duplicate the list of subscribed keys from a source keyring into this one 123 */ 124 static int keyring_duplicate(struct key *keyring, const struct key *source) 125 { 126 struct keyring_list *sklist, *klist; 127 unsigned max; 128 size_t size; 129 int loop, ret; 130 131 const unsigned limit = 132 (PAGE_SIZE - sizeof(*klist)) / sizeof(struct key *); 133 134 ret = 0; 135 136 /* find out how many keys are currently linked */ 137 rcu_read_lock(); 138 sklist = rcu_dereference(source->payload.subscriptions); 139 max = 0; 140 if (sklist) 141 max = sklist->nkeys; 142 rcu_read_unlock(); 143 144 /* allocate a new payload and stuff load with key links */ 145 if (max > 0) { 146 BUG_ON(max > limit); 147 148 max = (max + 3) & ~3; 149 if (max > limit) 150 max = limit; 151 152 ret = -ENOMEM; 153 size = sizeof(*klist) + sizeof(struct key *) * max; 154 klist = kmalloc(size, GFP_KERNEL); 155 if (!klist) 156 goto error; 157 158 /* set links */ 159 rcu_read_lock(); 160 sklist = rcu_dereference(source->payload.subscriptions); 161 162 klist->maxkeys = max; 163 klist->nkeys = sklist->nkeys; 164 memcpy(klist->keys, 165 sklist->keys, 166 sklist->nkeys * sizeof(struct key *)); 167 168 for (loop = klist->nkeys - 1; loop >= 0; loop--) 169 atomic_inc(&klist->keys[loop]->usage); 170 171 rcu_read_unlock(); 172 173 rcu_assign_pointer(keyring->payload.subscriptions, klist); 174 ret = 0; 175 } 176 177 error: 178 return ret; 179 180 } /* end keyring_duplicate() */ 181 182 /*****************************************************************************/ 183 /* 184 * match keyrings on their name 185 */ 186 static int keyring_match(const struct key *keyring, const void *description) 187 { 188 return keyring->description && 189 strcmp(keyring->description, description) == 0; 190 191 } /* end keyring_match() */ 192 193 /*****************************************************************************/ 194 /* 195 * dispose of the data dangling from the corpse of a keyring 196 */ 197 static void keyring_destroy(struct key *keyring) 198 { 199 struct keyring_list *klist; 200 int loop; 201 202 if (keyring->description) { 203 write_lock(&keyring_name_lock); 204 205 if (keyring->type_data.link.next != NULL && 206 !list_empty(&keyring->type_data.link)) 207 list_del(&keyring->type_data.link); 208 209 write_unlock(&keyring_name_lock); 210 } 211 212 klist = rcu_dereference(keyring->payload.subscriptions); 213 if (klist) { 214 for (loop = klist->nkeys - 1; loop >= 0; loop--) 215 key_put(klist->keys[loop]); 216 kfree(klist); 217 } 218 219 } /* end keyring_destroy() */ 220 221 /*****************************************************************************/ 222 /* 223 * describe the keyring 224 */ 225 static void keyring_describe(const struct key *keyring, struct seq_file *m) 226 { 227 struct keyring_list *klist; 228 229 if (keyring->description) { 230 seq_puts(m, keyring->description); 231 } 232 else { 233 seq_puts(m, "[anon]"); 234 } 235 236 rcu_read_lock(); 237 klist = rcu_dereference(keyring->payload.subscriptions); 238 if (klist) 239 seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys); 240 else 241 seq_puts(m, ": empty"); 242 rcu_read_unlock(); 243 244 } /* end keyring_describe() */ 245 246 /*****************************************************************************/ 247 /* 248 * read a list of key IDs from the keyring's contents 249 * - the keyring's semaphore is read-locked 250 */ 251 static long keyring_read(const struct key *keyring, 252 char __user *buffer, size_t buflen) 253 { 254 struct keyring_list *klist; 255 struct key *key; 256 size_t qty, tmp; 257 int loop, ret; 258 259 ret = 0; 260 klist = rcu_dereference(keyring->payload.subscriptions); 261 262 if (klist) { 263 /* calculate how much data we could return */ 264 qty = klist->nkeys * sizeof(key_serial_t); 265 266 if (buffer && buflen > 0) { 267 if (buflen > qty) 268 buflen = qty; 269 270 /* copy the IDs of the subscribed keys into the 271 * buffer */ 272 ret = -EFAULT; 273 274 for (loop = 0; loop < klist->nkeys; loop++) { 275 key = klist->keys[loop]; 276 277 tmp = sizeof(key_serial_t); 278 if (tmp > buflen) 279 tmp = buflen; 280 281 if (copy_to_user(buffer, 282 &key->serial, 283 tmp) != 0) 284 goto error; 285 286 buflen -= tmp; 287 if (buflen == 0) 288 break; 289 buffer += tmp; 290 } 291 } 292 293 ret = qty; 294 } 295 296 error: 297 return ret; 298 299 } /* end keyring_read() */ 300 301 /*****************************************************************************/ 302 /* 303 * allocate a keyring and link into the destination keyring 304 */ 305 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 306 int not_in_quota, struct key *dest) 307 { 308 struct key *keyring; 309 int ret; 310 311 keyring = key_alloc(&key_type_keyring, description, 312 uid, gid, KEY_USR_ALL, not_in_quota); 313 314 if (!IS_ERR(keyring)) { 315 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 316 if (ret < 0) { 317 key_put(keyring); 318 keyring = ERR_PTR(ret); 319 } 320 } 321 322 return keyring; 323 324 } /* end keyring_alloc() */ 325 326 /*****************************************************************************/ 327 /* 328 * search the supplied keyring tree for a key that matches the criterion 329 * - perform a breadth-then-depth search up to the prescribed limit 330 * - we only find keys on which we have search permission 331 * - we use the supplied match function to see if the description (or other 332 * feature of interest) matches 333 * - we rely on RCU to prevent the keyring lists from disappearing on us 334 * - we return -EAGAIN if we didn't find any matching key 335 * - we return -ENOKEY if we only found negative matching keys 336 */ 337 struct key *keyring_search_aux(struct key *keyring, 338 struct task_struct *context, 339 struct key_type *type, 340 const void *description, 341 key_match_func_t match) 342 { 343 struct { 344 struct keyring_list *keylist; 345 int kix; 346 } stack[KEYRING_SEARCH_MAX_DEPTH]; 347 348 struct keyring_list *keylist; 349 struct timespec now; 350 struct key *key; 351 long err; 352 int sp, kix; 353 354 key_check(keyring); 355 356 rcu_read_lock(); 357 358 /* top keyring must have search permission to begin the search */ 359 key = ERR_PTR(-EACCES); 360 if (!key_task_permission(keyring, context, KEY_SEARCH)) 361 goto error; 362 363 key = ERR_PTR(-ENOTDIR); 364 if (keyring->type != &key_type_keyring) 365 goto error; 366 367 now = current_kernel_time(); 368 err = -EAGAIN; 369 sp = 0; 370 371 /* start processing a new keyring */ 372 descend: 373 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 374 goto not_this_keyring; 375 376 keylist = rcu_dereference(keyring->payload.subscriptions); 377 if (!keylist) 378 goto not_this_keyring; 379 380 /* iterate through the keys in this keyring first */ 381 for (kix = 0; kix < keylist->nkeys; kix++) { 382 key = keylist->keys[kix]; 383 384 /* ignore keys not of this type */ 385 if (key->type != type) 386 continue; 387 388 /* skip revoked keys and expired keys */ 389 if (test_bit(KEY_FLAG_REVOKED, &key->flags)) 390 continue; 391 392 if (key->expiry && now.tv_sec >= key->expiry) 393 continue; 394 395 /* keys that don't match */ 396 if (!match(key, description)) 397 continue; 398 399 /* key must have search permissions */ 400 if (!key_task_permission(key, context, KEY_SEARCH)) 401 continue; 402 403 /* we set a different error code if we find a negative key */ 404 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { 405 err = -ENOKEY; 406 continue; 407 } 408 409 goto found; 410 } 411 412 /* search through the keyrings nested in this one */ 413 kix = 0; 414 ascend: 415 for (; kix < keylist->nkeys; kix++) { 416 key = keylist->keys[kix]; 417 if (key->type != &key_type_keyring) 418 continue; 419 420 /* recursively search nested keyrings 421 * - only search keyrings for which we have search permission 422 */ 423 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 424 continue; 425 426 if (!key_task_permission(key, context, KEY_SEARCH)) 427 continue; 428 429 /* stack the current position */ 430 stack[sp].keylist = keylist; 431 stack[sp].kix = kix; 432 sp++; 433 434 /* begin again with the new keyring */ 435 keyring = key; 436 goto descend; 437 } 438 439 /* the keyring we're looking at was disqualified or didn't contain a 440 * matching key */ 441 not_this_keyring: 442 if (sp > 0) { 443 /* resume the processing of a keyring higher up in the tree */ 444 sp--; 445 keylist = stack[sp].keylist; 446 kix = stack[sp].kix + 1; 447 goto ascend; 448 } 449 450 key = ERR_PTR(err); 451 goto error; 452 453 /* we found a viable match */ 454 found: 455 atomic_inc(&key->usage); 456 key_check(key); 457 error: 458 rcu_read_unlock(); 459 return key; 460 461 } /* end keyring_search_aux() */ 462 463 /*****************************************************************************/ 464 /* 465 * search the supplied keyring tree for a key that matches the criterion 466 * - perform a breadth-then-depth search up to the prescribed limit 467 * - we only find keys on which we have search permission 468 * - we readlock the keyrings as we search down the tree 469 * - we return -EAGAIN if we didn't find any matching key 470 * - we return -ENOKEY if we only found negative matching keys 471 */ 472 struct key *keyring_search(struct key *keyring, 473 struct key_type *type, 474 const char *description) 475 { 476 if (!type->match) 477 return ERR_PTR(-ENOKEY); 478 479 return keyring_search_aux(keyring, current, 480 type, description, type->match); 481 482 } /* end keyring_search() */ 483 484 EXPORT_SYMBOL(keyring_search); 485 486 /*****************************************************************************/ 487 /* 488 * search the given keyring only (no recursion) 489 * - keyring must be locked by caller 490 */ 491 struct key *__keyring_search_one(struct key *keyring, 492 const struct key_type *ktype, 493 const char *description, 494 key_perm_t perm) 495 { 496 struct keyring_list *klist; 497 struct key *key; 498 int loop; 499 500 rcu_read_lock(); 501 502 klist = rcu_dereference(keyring->payload.subscriptions); 503 if (klist) { 504 for (loop = 0; loop < klist->nkeys; loop++) { 505 key = klist->keys[loop]; 506 507 if (key->type == ktype && 508 (!key->type->match || 509 key->type->match(key, description)) && 510 key_permission(key, perm) && 511 !test_bit(KEY_FLAG_REVOKED, &key->flags) 512 ) 513 goto found; 514 } 515 } 516 517 key = ERR_PTR(-ENOKEY); 518 goto error; 519 520 found: 521 atomic_inc(&key->usage); 522 error: 523 rcu_read_unlock(); 524 return key; 525 526 } /* end __keyring_search_one() */ 527 528 /*****************************************************************************/ 529 /* 530 * search for an instantiation authorisation key matching a target key 531 * - the RCU read lock must be held by the caller 532 * - a target_id of zero specifies any valid token 533 */ 534 struct key *keyring_search_instkey(struct key *keyring, 535 key_serial_t target_id) 536 { 537 struct request_key_auth *rka; 538 struct keyring_list *klist; 539 struct key *instkey; 540 int loop; 541 542 klist = rcu_dereference(keyring->payload.subscriptions); 543 if (klist) { 544 for (loop = 0; loop < klist->nkeys; loop++) { 545 instkey = klist->keys[loop]; 546 547 if (instkey->type != &key_type_request_key_auth) 548 continue; 549 550 rka = instkey->payload.data; 551 if (target_id && rka->target_key->serial != target_id) 552 continue; 553 554 /* the auth key is revoked during instantiation */ 555 if (!test_bit(KEY_FLAG_REVOKED, &instkey->flags)) 556 goto found; 557 558 instkey = ERR_PTR(-EKEYREVOKED); 559 goto error; 560 } 561 } 562 563 instkey = ERR_PTR(-EACCES); 564 goto error; 565 566 found: 567 atomic_inc(&instkey->usage); 568 error: 569 return instkey; 570 571 } /* end keyring_search_instkey() */ 572 573 /*****************************************************************************/ 574 /* 575 * find a keyring with the specified name 576 * - all named keyrings are searched 577 * - only find keyrings with search permission for the process 578 * - only find keyrings with a serial number greater than the one specified 579 */ 580 struct key *find_keyring_by_name(const char *name, key_serial_t bound) 581 { 582 struct key *keyring; 583 int bucket; 584 585 keyring = ERR_PTR(-EINVAL); 586 if (!name) 587 goto error; 588 589 bucket = keyring_hash(name); 590 591 read_lock(&keyring_name_lock); 592 593 if (keyring_name_hash[bucket].next) { 594 /* search this hash bucket for a keyring with a matching name 595 * that's readable and that hasn't been revoked */ 596 list_for_each_entry(keyring, 597 &keyring_name_hash[bucket], 598 type_data.link 599 ) { 600 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 601 continue; 602 603 if (strcmp(keyring->description, name) != 0) 604 continue; 605 606 if (!key_permission(keyring, KEY_SEARCH)) 607 continue; 608 609 /* found a potential candidate, but we still need to 610 * check the serial number */ 611 if (keyring->serial <= bound) 612 continue; 613 614 /* we've got a match */ 615 atomic_inc(&keyring->usage); 616 read_unlock(&keyring_name_lock); 617 goto error; 618 } 619 } 620 621 read_unlock(&keyring_name_lock); 622 keyring = ERR_PTR(-ENOKEY); 623 624 error: 625 return keyring; 626 627 } /* end find_keyring_by_name() */ 628 629 /*****************************************************************************/ 630 /* 631 * see if a cycle will will be created by inserting acyclic tree B in acyclic 632 * tree A at the topmost level (ie: as a direct child of A) 633 * - since we are adding B to A at the top level, checking for cycles should 634 * just be a matter of seeing if node A is somewhere in tree B 635 */ 636 static int keyring_detect_cycle(struct key *A, struct key *B) 637 { 638 struct { 639 struct keyring_list *keylist; 640 int kix; 641 } stack[KEYRING_SEARCH_MAX_DEPTH]; 642 643 struct keyring_list *keylist; 644 struct key *subtree, *key; 645 int sp, kix, ret; 646 647 rcu_read_lock(); 648 649 ret = -EDEADLK; 650 if (A == B) 651 goto cycle_detected; 652 653 subtree = B; 654 sp = 0; 655 656 /* start processing a new keyring */ 657 descend: 658 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags)) 659 goto not_this_keyring; 660 661 keylist = rcu_dereference(subtree->payload.subscriptions); 662 if (!keylist) 663 goto not_this_keyring; 664 kix = 0; 665 666 ascend: 667 /* iterate through the remaining keys in this keyring */ 668 for (; kix < keylist->nkeys; kix++) { 669 key = keylist->keys[kix]; 670 671 if (key == A) 672 goto cycle_detected; 673 674 /* recursively check nested keyrings */ 675 if (key->type == &key_type_keyring) { 676 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 677 goto too_deep; 678 679 /* stack the current position */ 680 stack[sp].keylist = keylist; 681 stack[sp].kix = kix; 682 sp++; 683 684 /* begin again with the new keyring */ 685 subtree = key; 686 goto descend; 687 } 688 } 689 690 /* the keyring we're looking at was disqualified or didn't contain a 691 * matching key */ 692 not_this_keyring: 693 if (sp > 0) { 694 /* resume the checking of a keyring higher up in the tree */ 695 sp--; 696 keylist = stack[sp].keylist; 697 kix = stack[sp].kix + 1; 698 goto ascend; 699 } 700 701 ret = 0; /* no cycles detected */ 702 703 error: 704 rcu_read_unlock(); 705 return ret; 706 707 too_deep: 708 ret = -ELOOP; 709 goto error; 710 711 cycle_detected: 712 ret = -EDEADLK; 713 goto error; 714 715 } /* end keyring_detect_cycle() */ 716 717 /*****************************************************************************/ 718 /* 719 * dispose of a keyring list after the RCU grace period 720 */ 721 static void keyring_link_rcu_disposal(struct rcu_head *rcu) 722 { 723 struct keyring_list *klist = 724 container_of(rcu, struct keyring_list, rcu); 725 726 kfree(klist); 727 728 } /* end keyring_link_rcu_disposal() */ 729 730 /*****************************************************************************/ 731 /* 732 * link a key into to a keyring 733 * - must be called with the keyring's semaphore write-locked 734 */ 735 int __key_link(struct key *keyring, struct key *key) 736 { 737 struct keyring_list *klist, *nklist; 738 unsigned max; 739 size_t size; 740 int ret; 741 742 ret = -EKEYREVOKED; 743 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 744 goto error; 745 746 ret = -ENOTDIR; 747 if (keyring->type != &key_type_keyring) 748 goto error; 749 750 /* serialise link/link calls to prevent parallel calls causing a 751 * cycle when applied to two keyring in opposite orders */ 752 down_write(&keyring_serialise_link_sem); 753 754 /* check that we aren't going to create a cycle adding one keyring to 755 * another */ 756 if (key->type == &key_type_keyring) { 757 ret = keyring_detect_cycle(keyring, key); 758 if (ret < 0) 759 goto error2; 760 } 761 762 /* check that we aren't going to overrun the user's quota */ 763 ret = key_payload_reserve(keyring, 764 keyring->datalen + KEYQUOTA_LINK_BYTES); 765 if (ret < 0) 766 goto error2; 767 768 klist = keyring->payload.subscriptions; 769 770 if (klist && klist->nkeys < klist->maxkeys) { 771 /* there's sufficient slack space to add directly */ 772 atomic_inc(&key->usage); 773 774 klist->keys[klist->nkeys] = key; 775 smp_wmb(); 776 klist->nkeys++; 777 smp_wmb(); 778 779 ret = 0; 780 } 781 else { 782 /* grow the key list */ 783 max = 4; 784 if (klist) 785 max += klist->maxkeys; 786 787 ret = -ENFILE; 788 if (max > 65535) 789 goto error3; 790 size = sizeof(*klist) + sizeof(struct key *) * max; 791 if (size > PAGE_SIZE) 792 goto error3; 793 794 ret = -ENOMEM; 795 nklist = kmalloc(size, GFP_KERNEL); 796 if (!nklist) 797 goto error3; 798 nklist->maxkeys = max; 799 nklist->nkeys = 0; 800 801 if (klist) { 802 nklist->nkeys = klist->nkeys; 803 memcpy(nklist->keys, 804 klist->keys, 805 sizeof(struct key *) * klist->nkeys); 806 } 807 808 /* add the key into the new space */ 809 atomic_inc(&key->usage); 810 nklist->keys[nklist->nkeys++] = key; 811 812 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 813 814 /* dispose of the old keyring list */ 815 if (klist) 816 call_rcu(&klist->rcu, keyring_link_rcu_disposal); 817 818 ret = 0; 819 } 820 821 error2: 822 up_write(&keyring_serialise_link_sem); 823 error: 824 return ret; 825 826 error3: 827 /* undo the quota changes */ 828 key_payload_reserve(keyring, 829 keyring->datalen - KEYQUOTA_LINK_BYTES); 830 goto error2; 831 832 } /* end __key_link() */ 833 834 /*****************************************************************************/ 835 /* 836 * link a key to a keyring 837 */ 838 int key_link(struct key *keyring, struct key *key) 839 { 840 int ret; 841 842 key_check(keyring); 843 key_check(key); 844 845 down_write(&keyring->sem); 846 ret = __key_link(keyring, key); 847 up_write(&keyring->sem); 848 849 return ret; 850 851 } /* end key_link() */ 852 853 EXPORT_SYMBOL(key_link); 854 855 /*****************************************************************************/ 856 /* 857 * dispose of a keyring list after the RCU grace period, freeing the unlinked 858 * key 859 */ 860 static void keyring_unlink_rcu_disposal(struct rcu_head *rcu) 861 { 862 struct keyring_list *klist = 863 container_of(rcu, struct keyring_list, rcu); 864 865 key_put(klist->keys[klist->delkey]); 866 kfree(klist); 867 868 } /* end keyring_unlink_rcu_disposal() */ 869 870 /*****************************************************************************/ 871 /* 872 * unlink the first link to a key from a keyring 873 */ 874 int key_unlink(struct key *keyring, struct key *key) 875 { 876 struct keyring_list *klist, *nklist; 877 int loop, ret; 878 879 key_check(keyring); 880 key_check(key); 881 882 ret = -ENOTDIR; 883 if (keyring->type != &key_type_keyring) 884 goto error; 885 886 down_write(&keyring->sem); 887 888 klist = keyring->payload.subscriptions; 889 if (klist) { 890 /* search the keyring for the key */ 891 for (loop = 0; loop < klist->nkeys; loop++) 892 if (klist->keys[loop] == key) 893 goto key_is_present; 894 } 895 896 up_write(&keyring->sem); 897 ret = -ENOENT; 898 goto error; 899 900 key_is_present: 901 /* we need to copy the key list for RCU purposes */ 902 nklist = kmalloc(sizeof(*klist) + 903 sizeof(struct key *) * klist->maxkeys, 904 GFP_KERNEL); 905 if (!nklist) 906 goto nomem; 907 nklist->maxkeys = klist->maxkeys; 908 nklist->nkeys = klist->nkeys - 1; 909 910 if (loop > 0) 911 memcpy(&nklist->keys[0], 912 &klist->keys[0], 913 loop * sizeof(struct key *)); 914 915 if (loop < nklist->nkeys) 916 memcpy(&nklist->keys[loop], 917 &klist->keys[loop + 1], 918 (nklist->nkeys - loop) * sizeof(struct key *)); 919 920 /* adjust the user's quota */ 921 key_payload_reserve(keyring, 922 keyring->datalen - KEYQUOTA_LINK_BYTES); 923 924 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 925 926 up_write(&keyring->sem); 927 928 /* schedule for later cleanup */ 929 klist->delkey = loop; 930 call_rcu(&klist->rcu, keyring_unlink_rcu_disposal); 931 932 ret = 0; 933 934 error: 935 return ret; 936 nomem: 937 ret = -ENOMEM; 938 up_write(&keyring->sem); 939 goto error; 940 941 } /* end key_unlink() */ 942 943 EXPORT_SYMBOL(key_unlink); 944 945 /*****************************************************************************/ 946 /* 947 * dispose of a keyring list after the RCU grace period, releasing the keys it 948 * links to 949 */ 950 static void keyring_clear_rcu_disposal(struct rcu_head *rcu) 951 { 952 struct keyring_list *klist; 953 int loop; 954 955 klist = container_of(rcu, struct keyring_list, rcu); 956 957 for (loop = klist->nkeys - 1; loop >= 0; loop--) 958 key_put(klist->keys[loop]); 959 960 kfree(klist); 961 962 } /* end keyring_clear_rcu_disposal() */ 963 964 /*****************************************************************************/ 965 /* 966 * clear the specified process keyring 967 * - implements keyctl(KEYCTL_CLEAR) 968 */ 969 int keyring_clear(struct key *keyring) 970 { 971 struct keyring_list *klist; 972 int ret; 973 974 ret = -ENOTDIR; 975 if (keyring->type == &key_type_keyring) { 976 /* detach the pointer block with the locks held */ 977 down_write(&keyring->sem); 978 979 klist = keyring->payload.subscriptions; 980 if (klist) { 981 /* adjust the quota */ 982 key_payload_reserve(keyring, 983 sizeof(struct keyring_list)); 984 985 rcu_assign_pointer(keyring->payload.subscriptions, 986 NULL); 987 } 988 989 up_write(&keyring->sem); 990 991 /* free the keys after the locks have been dropped */ 992 if (klist) 993 call_rcu(&klist->rcu, keyring_clear_rcu_disposal); 994 995 ret = 0; 996 } 997 998 return ret; 999 1000 } /* end keyring_clear() */ 1001 1002 EXPORT_SYMBOL(keyring_clear); 1003