1 /* keyring.c: keyring handling 2 * 3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/init.h> 14 #include <linux/sched.h> 15 #include <linux/slab.h> 16 #include <linux/seq_file.h> 17 #include <linux/err.h> 18 #include <asm/uaccess.h> 19 #include "internal.h" 20 21 /* 22 * when plumbing the depths of the key tree, this sets a hard limit set on how 23 * deep we're willing to go 24 */ 25 #define KEYRING_SEARCH_MAX_DEPTH 6 26 27 /* 28 * we keep all named keyrings in a hash to speed looking them up 29 */ 30 #define KEYRING_NAME_HASH_SIZE (1 << 5) 31 32 static struct list_head keyring_name_hash[KEYRING_NAME_HASH_SIZE]; 33 static DEFINE_RWLOCK(keyring_name_lock); 34 35 static inline unsigned keyring_hash(const char *desc) 36 { 37 unsigned bucket = 0; 38 39 for (; *desc; desc++) 40 bucket += (unsigned char) *desc; 41 42 return bucket & (KEYRING_NAME_HASH_SIZE - 1); 43 } 44 45 /* 46 * the keyring type definition 47 */ 48 static int keyring_instantiate(struct key *keyring, 49 const void *data, size_t datalen); 50 static int keyring_duplicate(struct key *keyring, const struct key *source); 51 static int keyring_match(const struct key *keyring, const void *criterion); 52 static void keyring_destroy(struct key *keyring); 53 static void keyring_describe(const struct key *keyring, struct seq_file *m); 54 static long keyring_read(const struct key *keyring, 55 char __user *buffer, size_t buflen); 56 57 struct key_type key_type_keyring = { 58 .name = "keyring", 59 .def_datalen = sizeof(struct keyring_list), 60 .instantiate = keyring_instantiate, 61 .duplicate = keyring_duplicate, 62 .match = keyring_match, 63 .destroy = keyring_destroy, 64 .describe = keyring_describe, 65 .read = keyring_read, 66 }; 67 68 /* 69 * semaphore to serialise link/link calls to prevent two link calls in parallel 70 * introducing a cycle 71 */ 72 DECLARE_RWSEM(keyring_serialise_link_sem); 73 74 /*****************************************************************************/ 75 /* 76 * publish the name of a keyring so that it can be found by name (if it has 77 * one) 78 */ 79 void keyring_publish_name(struct key *keyring) 80 { 81 int bucket; 82 83 if (keyring->description) { 84 bucket = keyring_hash(keyring->description); 85 86 write_lock(&keyring_name_lock); 87 88 if (!keyring_name_hash[bucket].next) 89 INIT_LIST_HEAD(&keyring_name_hash[bucket]); 90 91 list_add_tail(&keyring->type_data.link, 92 &keyring_name_hash[bucket]); 93 94 write_unlock(&keyring_name_lock); 95 } 96 97 } /* end keyring_publish_name() */ 98 99 /*****************************************************************************/ 100 /* 101 * initialise a keyring 102 * - we object if we were given any data 103 */ 104 static int keyring_instantiate(struct key *keyring, 105 const void *data, size_t datalen) 106 { 107 int ret; 108 109 ret = -EINVAL; 110 if (datalen == 0) { 111 /* make the keyring available by name if it has one */ 112 keyring_publish_name(keyring); 113 ret = 0; 114 } 115 116 return ret; 117 118 } /* end keyring_instantiate() */ 119 120 /*****************************************************************************/ 121 /* 122 * duplicate the list of subscribed keys from a source keyring into this one 123 */ 124 static int keyring_duplicate(struct key *keyring, const struct key *source) 125 { 126 struct keyring_list *sklist, *klist; 127 unsigned max; 128 size_t size; 129 int loop, ret; 130 131 const unsigned limit = 132 (PAGE_SIZE - sizeof(*klist)) / sizeof(struct key *); 133 134 ret = 0; 135 136 /* find out how many keys are currently linked */ 137 rcu_read_lock(); 138 sklist = rcu_dereference(source->payload.subscriptions); 139 max = 0; 140 if (sklist) 141 max = sklist->nkeys; 142 rcu_read_unlock(); 143 144 /* allocate a new payload and stuff load with key links */ 145 if (max > 0) { 146 BUG_ON(max > limit); 147 148 max = (max + 3) & ~3; 149 if (max > limit) 150 max = limit; 151 152 ret = -ENOMEM; 153 size = sizeof(*klist) + sizeof(struct key *) * max; 154 klist = kmalloc(size, GFP_KERNEL); 155 if (!klist) 156 goto error; 157 158 /* set links */ 159 rcu_read_lock(); 160 sklist = rcu_dereference(source->payload.subscriptions); 161 162 klist->maxkeys = max; 163 klist->nkeys = sklist->nkeys; 164 memcpy(klist->keys, 165 sklist->keys, 166 sklist->nkeys * sizeof(struct key *)); 167 168 for (loop = klist->nkeys - 1; loop >= 0; loop--) 169 atomic_inc(&klist->keys[loop]->usage); 170 171 rcu_read_unlock(); 172 173 rcu_assign_pointer(keyring->payload.subscriptions, klist); 174 ret = 0; 175 } 176 177 error: 178 return ret; 179 180 } /* end keyring_duplicate() */ 181 182 /*****************************************************************************/ 183 /* 184 * match keyrings on their name 185 */ 186 static int keyring_match(const struct key *keyring, const void *description) 187 { 188 return keyring->description && 189 strcmp(keyring->description, description) == 0; 190 191 } /* end keyring_match() */ 192 193 /*****************************************************************************/ 194 /* 195 * dispose of the data dangling from the corpse of a keyring 196 */ 197 static void keyring_destroy(struct key *keyring) 198 { 199 struct keyring_list *klist; 200 int loop; 201 202 if (keyring->description) { 203 write_lock(&keyring_name_lock); 204 205 if (keyring->type_data.link.next != NULL && 206 !list_empty(&keyring->type_data.link)) 207 list_del(&keyring->type_data.link); 208 209 write_unlock(&keyring_name_lock); 210 } 211 212 klist = rcu_dereference(keyring->payload.subscriptions); 213 if (klist) { 214 for (loop = klist->nkeys - 1; loop >= 0; loop--) 215 key_put(klist->keys[loop]); 216 kfree(klist); 217 } 218 219 } /* end keyring_destroy() */ 220 221 /*****************************************************************************/ 222 /* 223 * describe the keyring 224 */ 225 static void keyring_describe(const struct key *keyring, struct seq_file *m) 226 { 227 struct keyring_list *klist; 228 229 if (keyring->description) { 230 seq_puts(m, keyring->description); 231 } 232 else { 233 seq_puts(m, "[anon]"); 234 } 235 236 rcu_read_lock(); 237 klist = rcu_dereference(keyring->payload.subscriptions); 238 if (klist) 239 seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys); 240 else 241 seq_puts(m, ": empty"); 242 rcu_read_unlock(); 243 244 } /* end keyring_describe() */ 245 246 /*****************************************************************************/ 247 /* 248 * read a list of key IDs from the keyring's contents 249 * - the keyring's semaphore is read-locked 250 */ 251 static long keyring_read(const struct key *keyring, 252 char __user *buffer, size_t buflen) 253 { 254 struct keyring_list *klist; 255 struct key *key; 256 size_t qty, tmp; 257 int loop, ret; 258 259 ret = 0; 260 klist = rcu_dereference(keyring->payload.subscriptions); 261 262 if (klist) { 263 /* calculate how much data we could return */ 264 qty = klist->nkeys * sizeof(key_serial_t); 265 266 if (buffer && buflen > 0) { 267 if (buflen > qty) 268 buflen = qty; 269 270 /* copy the IDs of the subscribed keys into the 271 * buffer */ 272 ret = -EFAULT; 273 274 for (loop = 0; loop < klist->nkeys; loop++) { 275 key = klist->keys[loop]; 276 277 tmp = sizeof(key_serial_t); 278 if (tmp > buflen) 279 tmp = buflen; 280 281 if (copy_to_user(buffer, 282 &key->serial, 283 tmp) != 0) 284 goto error; 285 286 buflen -= tmp; 287 if (buflen == 0) 288 break; 289 buffer += tmp; 290 } 291 } 292 293 ret = qty; 294 } 295 296 error: 297 return ret; 298 299 } /* end keyring_read() */ 300 301 /*****************************************************************************/ 302 /* 303 * allocate a keyring and link into the destination keyring 304 */ 305 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 306 int not_in_quota, struct key *dest) 307 { 308 struct key *keyring; 309 int ret; 310 311 keyring = key_alloc(&key_type_keyring, description, 312 uid, gid, KEY_POS_ALL | KEY_USR_ALL, not_in_quota); 313 314 if (!IS_ERR(keyring)) { 315 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 316 if (ret < 0) { 317 key_put(keyring); 318 keyring = ERR_PTR(ret); 319 } 320 } 321 322 return keyring; 323 324 } /* end keyring_alloc() */ 325 326 /*****************************************************************************/ 327 /* 328 * search the supplied keyring tree for a key that matches the criterion 329 * - perform a breadth-then-depth search up to the prescribed limit 330 * - we only find keys on which we have search permission 331 * - we use the supplied match function to see if the description (or other 332 * feature of interest) matches 333 * - we rely on RCU to prevent the keyring lists from disappearing on us 334 * - we return -EAGAIN if we didn't find any matching key 335 * - we return -ENOKEY if we only found negative matching keys 336 * - we propagate the possession attribute from the keyring ref to the key ref 337 */ 338 key_ref_t keyring_search_aux(key_ref_t keyring_ref, 339 struct task_struct *context, 340 struct key_type *type, 341 const void *description, 342 key_match_func_t match) 343 { 344 struct { 345 struct keyring_list *keylist; 346 int kix; 347 } stack[KEYRING_SEARCH_MAX_DEPTH]; 348 349 struct keyring_list *keylist; 350 struct timespec now; 351 unsigned long possessed; 352 struct key *keyring, *key; 353 key_ref_t key_ref; 354 long err; 355 int sp, kix; 356 357 keyring = key_ref_to_ptr(keyring_ref); 358 possessed = is_key_possessed(keyring_ref); 359 key_check(keyring); 360 361 /* top keyring must have search permission to begin the search */ 362 key_ref = ERR_PTR(-EACCES); 363 if (!key_task_permission(keyring_ref, context, KEY_SEARCH)) 364 goto error; 365 366 key_ref = ERR_PTR(-ENOTDIR); 367 if (keyring->type != &key_type_keyring) 368 goto error; 369 370 rcu_read_lock(); 371 372 now = current_kernel_time(); 373 err = -EAGAIN; 374 sp = 0; 375 376 /* start processing a new keyring */ 377 descend: 378 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 379 goto not_this_keyring; 380 381 keylist = rcu_dereference(keyring->payload.subscriptions); 382 if (!keylist) 383 goto not_this_keyring; 384 385 /* iterate through the keys in this keyring first */ 386 for (kix = 0; kix < keylist->nkeys; kix++) { 387 key = keylist->keys[kix]; 388 389 /* ignore keys not of this type */ 390 if (key->type != type) 391 continue; 392 393 /* skip revoked keys and expired keys */ 394 if (test_bit(KEY_FLAG_REVOKED, &key->flags)) 395 continue; 396 397 if (key->expiry && now.tv_sec >= key->expiry) 398 continue; 399 400 /* keys that don't match */ 401 if (!match(key, description)) 402 continue; 403 404 /* key must have search permissions */ 405 if (!key_task_permission(make_key_ref(key, possessed), 406 context, KEY_SEARCH)) 407 continue; 408 409 /* we set a different error code if we find a negative key */ 410 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { 411 err = -ENOKEY; 412 continue; 413 } 414 415 goto found; 416 } 417 418 /* search through the keyrings nested in this one */ 419 kix = 0; 420 ascend: 421 for (; kix < keylist->nkeys; kix++) { 422 key = keylist->keys[kix]; 423 if (key->type != &key_type_keyring) 424 continue; 425 426 /* recursively search nested keyrings 427 * - only search keyrings for which we have search permission 428 */ 429 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 430 continue; 431 432 if (!key_task_permission(make_key_ref(key, possessed), 433 context, KEY_SEARCH)) 434 continue; 435 436 /* stack the current position */ 437 stack[sp].keylist = keylist; 438 stack[sp].kix = kix; 439 sp++; 440 441 /* begin again with the new keyring */ 442 keyring = key; 443 goto descend; 444 } 445 446 /* the keyring we're looking at was disqualified or didn't contain a 447 * matching key */ 448 not_this_keyring: 449 if (sp > 0) { 450 /* resume the processing of a keyring higher up in the tree */ 451 sp--; 452 keylist = stack[sp].keylist; 453 kix = stack[sp].kix + 1; 454 goto ascend; 455 } 456 457 key_ref = ERR_PTR(err); 458 goto error_2; 459 460 /* we found a viable match */ 461 found: 462 atomic_inc(&key->usage); 463 key_check(key); 464 key_ref = make_key_ref(key, possessed); 465 error_2: 466 rcu_read_unlock(); 467 error: 468 return key_ref; 469 470 } /* end keyring_search_aux() */ 471 472 /*****************************************************************************/ 473 /* 474 * search the supplied keyring tree for a key that matches the criterion 475 * - perform a breadth-then-depth search up to the prescribed limit 476 * - we only find keys on which we have search permission 477 * - we readlock the keyrings as we search down the tree 478 * - we return -EAGAIN if we didn't find any matching key 479 * - we return -ENOKEY if we only found negative matching keys 480 */ 481 key_ref_t keyring_search(key_ref_t keyring, 482 struct key_type *type, 483 const char *description) 484 { 485 if (!type->match) 486 return ERR_PTR(-ENOKEY); 487 488 return keyring_search_aux(keyring, current, 489 type, description, type->match); 490 491 } /* end keyring_search() */ 492 493 EXPORT_SYMBOL(keyring_search); 494 495 /*****************************************************************************/ 496 /* 497 * search the given keyring only (no recursion) 498 * - keyring must be locked by caller 499 */ 500 key_ref_t __keyring_search_one(key_ref_t keyring_ref, 501 const struct key_type *ktype, 502 const char *description, 503 key_perm_t perm) 504 { 505 struct keyring_list *klist; 506 unsigned long possessed; 507 struct key *keyring, *key; 508 int loop; 509 510 keyring = key_ref_to_ptr(keyring_ref); 511 possessed = is_key_possessed(keyring_ref); 512 513 rcu_read_lock(); 514 515 klist = rcu_dereference(keyring->payload.subscriptions); 516 if (klist) { 517 for (loop = 0; loop < klist->nkeys; loop++) { 518 key = klist->keys[loop]; 519 520 if (key->type == ktype && 521 (!key->type->match || 522 key->type->match(key, description)) && 523 key_permission(make_key_ref(key, possessed), 524 perm) && 525 !test_bit(KEY_FLAG_REVOKED, &key->flags) 526 ) 527 goto found; 528 } 529 } 530 531 rcu_read_unlock(); 532 return ERR_PTR(-ENOKEY); 533 534 found: 535 atomic_inc(&key->usage); 536 rcu_read_unlock(); 537 return make_key_ref(key, possessed); 538 539 } /* end __keyring_search_one() */ 540 541 /*****************************************************************************/ 542 /* 543 * search for an instantiation authorisation key matching a target key 544 * - the RCU read lock must be held by the caller 545 * - a target_id of zero specifies any valid token 546 */ 547 struct key *keyring_search_instkey(struct key *keyring, 548 key_serial_t target_id) 549 { 550 struct request_key_auth *rka; 551 struct keyring_list *klist; 552 struct key *instkey; 553 int loop; 554 555 klist = rcu_dereference(keyring->payload.subscriptions); 556 if (klist) { 557 for (loop = 0; loop < klist->nkeys; loop++) { 558 instkey = klist->keys[loop]; 559 560 if (instkey->type != &key_type_request_key_auth) 561 continue; 562 563 rka = instkey->payload.data; 564 if (target_id && rka->target_key->serial != target_id) 565 continue; 566 567 /* the auth key is revoked during instantiation */ 568 if (!test_bit(KEY_FLAG_REVOKED, &instkey->flags)) 569 goto found; 570 571 instkey = ERR_PTR(-EKEYREVOKED); 572 goto error; 573 } 574 } 575 576 instkey = ERR_PTR(-EACCES); 577 goto error; 578 579 found: 580 atomic_inc(&instkey->usage); 581 error: 582 return instkey; 583 584 } /* end keyring_search_instkey() */ 585 586 /*****************************************************************************/ 587 /* 588 * find a keyring with the specified name 589 * - all named keyrings are searched 590 * - only find keyrings with search permission for the process 591 * - only find keyrings with a serial number greater than the one specified 592 */ 593 struct key *find_keyring_by_name(const char *name, key_serial_t bound) 594 { 595 struct key *keyring; 596 int bucket; 597 598 keyring = ERR_PTR(-EINVAL); 599 if (!name) 600 goto error; 601 602 bucket = keyring_hash(name); 603 604 read_lock(&keyring_name_lock); 605 606 if (keyring_name_hash[bucket].next) { 607 /* search this hash bucket for a keyring with a matching name 608 * that's readable and that hasn't been revoked */ 609 list_for_each_entry(keyring, 610 &keyring_name_hash[bucket], 611 type_data.link 612 ) { 613 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 614 continue; 615 616 if (strcmp(keyring->description, name) != 0) 617 continue; 618 619 if (!key_permission(make_key_ref(keyring, 0), 620 KEY_SEARCH)) 621 continue; 622 623 /* found a potential candidate, but we still need to 624 * check the serial number */ 625 if (keyring->serial <= bound) 626 continue; 627 628 /* we've got a match */ 629 atomic_inc(&keyring->usage); 630 read_unlock(&keyring_name_lock); 631 goto error; 632 } 633 } 634 635 read_unlock(&keyring_name_lock); 636 keyring = ERR_PTR(-ENOKEY); 637 638 error: 639 return keyring; 640 641 } /* end find_keyring_by_name() */ 642 643 /*****************************************************************************/ 644 /* 645 * see if a cycle will will be created by inserting acyclic tree B in acyclic 646 * tree A at the topmost level (ie: as a direct child of A) 647 * - since we are adding B to A at the top level, checking for cycles should 648 * just be a matter of seeing if node A is somewhere in tree B 649 */ 650 static int keyring_detect_cycle(struct key *A, struct key *B) 651 { 652 struct { 653 struct keyring_list *keylist; 654 int kix; 655 } stack[KEYRING_SEARCH_MAX_DEPTH]; 656 657 struct keyring_list *keylist; 658 struct key *subtree, *key; 659 int sp, kix, ret; 660 661 rcu_read_lock(); 662 663 ret = -EDEADLK; 664 if (A == B) 665 goto cycle_detected; 666 667 subtree = B; 668 sp = 0; 669 670 /* start processing a new keyring */ 671 descend: 672 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags)) 673 goto not_this_keyring; 674 675 keylist = rcu_dereference(subtree->payload.subscriptions); 676 if (!keylist) 677 goto not_this_keyring; 678 kix = 0; 679 680 ascend: 681 /* iterate through the remaining keys in this keyring */ 682 for (; kix < keylist->nkeys; kix++) { 683 key = keylist->keys[kix]; 684 685 if (key == A) 686 goto cycle_detected; 687 688 /* recursively check nested keyrings */ 689 if (key->type == &key_type_keyring) { 690 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 691 goto too_deep; 692 693 /* stack the current position */ 694 stack[sp].keylist = keylist; 695 stack[sp].kix = kix; 696 sp++; 697 698 /* begin again with the new keyring */ 699 subtree = key; 700 goto descend; 701 } 702 } 703 704 /* the keyring we're looking at was disqualified or didn't contain a 705 * matching key */ 706 not_this_keyring: 707 if (sp > 0) { 708 /* resume the checking of a keyring higher up in the tree */ 709 sp--; 710 keylist = stack[sp].keylist; 711 kix = stack[sp].kix + 1; 712 goto ascend; 713 } 714 715 ret = 0; /* no cycles detected */ 716 717 error: 718 rcu_read_unlock(); 719 return ret; 720 721 too_deep: 722 ret = -ELOOP; 723 goto error; 724 725 cycle_detected: 726 ret = -EDEADLK; 727 goto error; 728 729 } /* end keyring_detect_cycle() */ 730 731 /*****************************************************************************/ 732 /* 733 * dispose of a keyring list after the RCU grace period 734 */ 735 static void keyring_link_rcu_disposal(struct rcu_head *rcu) 736 { 737 struct keyring_list *klist = 738 container_of(rcu, struct keyring_list, rcu); 739 740 kfree(klist); 741 742 } /* end keyring_link_rcu_disposal() */ 743 744 /*****************************************************************************/ 745 /* 746 * link a key into to a keyring 747 * - must be called with the keyring's semaphore write-locked 748 */ 749 int __key_link(struct key *keyring, struct key *key) 750 { 751 struct keyring_list *klist, *nklist; 752 unsigned max; 753 size_t size; 754 int ret; 755 756 ret = -EKEYREVOKED; 757 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 758 goto error; 759 760 ret = -ENOTDIR; 761 if (keyring->type != &key_type_keyring) 762 goto error; 763 764 /* serialise link/link calls to prevent parallel calls causing a 765 * cycle when applied to two keyring in opposite orders */ 766 down_write(&keyring_serialise_link_sem); 767 768 /* check that we aren't going to create a cycle adding one keyring to 769 * another */ 770 if (key->type == &key_type_keyring) { 771 ret = keyring_detect_cycle(keyring, key); 772 if (ret < 0) 773 goto error2; 774 } 775 776 /* check that we aren't going to overrun the user's quota */ 777 ret = key_payload_reserve(keyring, 778 keyring->datalen + KEYQUOTA_LINK_BYTES); 779 if (ret < 0) 780 goto error2; 781 782 klist = keyring->payload.subscriptions; 783 784 if (klist && klist->nkeys < klist->maxkeys) { 785 /* there's sufficient slack space to add directly */ 786 atomic_inc(&key->usage); 787 788 klist->keys[klist->nkeys] = key; 789 smp_wmb(); 790 klist->nkeys++; 791 smp_wmb(); 792 793 ret = 0; 794 } 795 else { 796 /* grow the key list */ 797 max = 4; 798 if (klist) 799 max += klist->maxkeys; 800 801 ret = -ENFILE; 802 if (max > 65535) 803 goto error3; 804 size = sizeof(*klist) + sizeof(struct key *) * max; 805 if (size > PAGE_SIZE) 806 goto error3; 807 808 ret = -ENOMEM; 809 nklist = kmalloc(size, GFP_KERNEL); 810 if (!nklist) 811 goto error3; 812 nklist->maxkeys = max; 813 nklist->nkeys = 0; 814 815 if (klist) { 816 nklist->nkeys = klist->nkeys; 817 memcpy(nklist->keys, 818 klist->keys, 819 sizeof(struct key *) * klist->nkeys); 820 } 821 822 /* add the key into the new space */ 823 atomic_inc(&key->usage); 824 nklist->keys[nklist->nkeys++] = key; 825 826 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 827 828 /* dispose of the old keyring list */ 829 if (klist) 830 call_rcu(&klist->rcu, keyring_link_rcu_disposal); 831 832 ret = 0; 833 } 834 835 error2: 836 up_write(&keyring_serialise_link_sem); 837 error: 838 return ret; 839 840 error3: 841 /* undo the quota changes */ 842 key_payload_reserve(keyring, 843 keyring->datalen - KEYQUOTA_LINK_BYTES); 844 goto error2; 845 846 } /* end __key_link() */ 847 848 /*****************************************************************************/ 849 /* 850 * link a key to a keyring 851 */ 852 int key_link(struct key *keyring, struct key *key) 853 { 854 int ret; 855 856 key_check(keyring); 857 key_check(key); 858 859 down_write(&keyring->sem); 860 ret = __key_link(keyring, key); 861 up_write(&keyring->sem); 862 863 return ret; 864 865 } /* end key_link() */ 866 867 EXPORT_SYMBOL(key_link); 868 869 /*****************************************************************************/ 870 /* 871 * dispose of a keyring list after the RCU grace period, freeing the unlinked 872 * key 873 */ 874 static void keyring_unlink_rcu_disposal(struct rcu_head *rcu) 875 { 876 struct keyring_list *klist = 877 container_of(rcu, struct keyring_list, rcu); 878 879 key_put(klist->keys[klist->delkey]); 880 kfree(klist); 881 882 } /* end keyring_unlink_rcu_disposal() */ 883 884 /*****************************************************************************/ 885 /* 886 * unlink the first link to a key from a keyring 887 */ 888 int key_unlink(struct key *keyring, struct key *key) 889 { 890 struct keyring_list *klist, *nklist; 891 int loop, ret; 892 893 key_check(keyring); 894 key_check(key); 895 896 ret = -ENOTDIR; 897 if (keyring->type != &key_type_keyring) 898 goto error; 899 900 down_write(&keyring->sem); 901 902 klist = keyring->payload.subscriptions; 903 if (klist) { 904 /* search the keyring for the key */ 905 for (loop = 0; loop < klist->nkeys; loop++) 906 if (klist->keys[loop] == key) 907 goto key_is_present; 908 } 909 910 up_write(&keyring->sem); 911 ret = -ENOENT; 912 goto error; 913 914 key_is_present: 915 /* we need to copy the key list for RCU purposes */ 916 nklist = kmalloc(sizeof(*klist) + 917 sizeof(struct key *) * klist->maxkeys, 918 GFP_KERNEL); 919 if (!nklist) 920 goto nomem; 921 nklist->maxkeys = klist->maxkeys; 922 nklist->nkeys = klist->nkeys - 1; 923 924 if (loop > 0) 925 memcpy(&nklist->keys[0], 926 &klist->keys[0], 927 loop * sizeof(struct key *)); 928 929 if (loop < nklist->nkeys) 930 memcpy(&nklist->keys[loop], 931 &klist->keys[loop + 1], 932 (nklist->nkeys - loop) * sizeof(struct key *)); 933 934 /* adjust the user's quota */ 935 key_payload_reserve(keyring, 936 keyring->datalen - KEYQUOTA_LINK_BYTES); 937 938 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 939 940 up_write(&keyring->sem); 941 942 /* schedule for later cleanup */ 943 klist->delkey = loop; 944 call_rcu(&klist->rcu, keyring_unlink_rcu_disposal); 945 946 ret = 0; 947 948 error: 949 return ret; 950 nomem: 951 ret = -ENOMEM; 952 up_write(&keyring->sem); 953 goto error; 954 955 } /* end key_unlink() */ 956 957 EXPORT_SYMBOL(key_unlink); 958 959 /*****************************************************************************/ 960 /* 961 * dispose of a keyring list after the RCU grace period, releasing the keys it 962 * links to 963 */ 964 static void keyring_clear_rcu_disposal(struct rcu_head *rcu) 965 { 966 struct keyring_list *klist; 967 int loop; 968 969 klist = container_of(rcu, struct keyring_list, rcu); 970 971 for (loop = klist->nkeys - 1; loop >= 0; loop--) 972 key_put(klist->keys[loop]); 973 974 kfree(klist); 975 976 } /* end keyring_clear_rcu_disposal() */ 977 978 /*****************************************************************************/ 979 /* 980 * clear the specified process keyring 981 * - implements keyctl(KEYCTL_CLEAR) 982 */ 983 int keyring_clear(struct key *keyring) 984 { 985 struct keyring_list *klist; 986 int ret; 987 988 ret = -ENOTDIR; 989 if (keyring->type == &key_type_keyring) { 990 /* detach the pointer block with the locks held */ 991 down_write(&keyring->sem); 992 993 klist = keyring->payload.subscriptions; 994 if (klist) { 995 /* adjust the quota */ 996 key_payload_reserve(keyring, 997 sizeof(struct keyring_list)); 998 999 rcu_assign_pointer(keyring->payload.subscriptions, 1000 NULL); 1001 } 1002 1003 up_write(&keyring->sem); 1004 1005 /* free the keys after the locks have been dropped */ 1006 if (klist) 1007 call_rcu(&klist->rcu, keyring_clear_rcu_disposal); 1008 1009 ret = 0; 1010 } 1011 1012 return ret; 1013 1014 } /* end keyring_clear() */ 1015 1016 EXPORT_SYMBOL(keyring_clear); 1017