1 /* keyring.c: keyring handling 2 * 3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/init.h> 14 #include <linux/sched.h> 15 #include <linux/slab.h> 16 #include <linux/security.h> 17 #include <linux/seq_file.h> 18 #include <linux/err.h> 19 #include <asm/uaccess.h> 20 #include "internal.h" 21 22 /* 23 * when plumbing the depths of the key tree, this sets a hard limit set on how 24 * deep we're willing to go 25 */ 26 #define KEYRING_SEARCH_MAX_DEPTH 6 27 28 /* 29 * we keep all named keyrings in a hash to speed looking them up 30 */ 31 #define KEYRING_NAME_HASH_SIZE (1 << 5) 32 33 static struct list_head keyring_name_hash[KEYRING_NAME_HASH_SIZE]; 34 static DEFINE_RWLOCK(keyring_name_lock); 35 36 static inline unsigned keyring_hash(const char *desc) 37 { 38 unsigned bucket = 0; 39 40 for (; *desc; desc++) 41 bucket += (unsigned char) *desc; 42 43 return bucket & (KEYRING_NAME_HASH_SIZE - 1); 44 } 45 46 /* 47 * the keyring type definition 48 */ 49 static int keyring_instantiate(struct key *keyring, 50 const void *data, size_t datalen); 51 static int keyring_duplicate(struct key *keyring, const struct key *source); 52 static int keyring_match(const struct key *keyring, const void *criterion); 53 static void keyring_destroy(struct key *keyring); 54 static void keyring_describe(const struct key *keyring, struct seq_file *m); 55 static long keyring_read(const struct key *keyring, 56 char __user *buffer, size_t buflen); 57 58 struct key_type key_type_keyring = { 59 .name = "keyring", 60 .def_datalen = sizeof(struct keyring_list), 61 .instantiate = keyring_instantiate, 62 .duplicate = keyring_duplicate, 63 .match = keyring_match, 64 .destroy = keyring_destroy, 65 .describe = keyring_describe, 66 .read = keyring_read, 67 }; 68 69 /* 70 * semaphore to serialise link/link calls to prevent two link calls in parallel 71 * introducing a cycle 72 */ 73 DECLARE_RWSEM(keyring_serialise_link_sem); 74 75 /*****************************************************************************/ 76 /* 77 * publish the name of a keyring so that it can be found by name (if it has 78 * one) 79 */ 80 void keyring_publish_name(struct key *keyring) 81 { 82 int bucket; 83 84 if (keyring->description) { 85 bucket = keyring_hash(keyring->description); 86 87 write_lock(&keyring_name_lock); 88 89 if (!keyring_name_hash[bucket].next) 90 INIT_LIST_HEAD(&keyring_name_hash[bucket]); 91 92 list_add_tail(&keyring->type_data.link, 93 &keyring_name_hash[bucket]); 94 95 write_unlock(&keyring_name_lock); 96 } 97 98 } /* end keyring_publish_name() */ 99 100 /*****************************************************************************/ 101 /* 102 * initialise a keyring 103 * - we object if we were given any data 104 */ 105 static int keyring_instantiate(struct key *keyring, 106 const void *data, size_t datalen) 107 { 108 int ret; 109 110 ret = -EINVAL; 111 if (datalen == 0) { 112 /* make the keyring available by name if it has one */ 113 keyring_publish_name(keyring); 114 ret = 0; 115 } 116 117 return ret; 118 119 } /* end keyring_instantiate() */ 120 121 /*****************************************************************************/ 122 /* 123 * duplicate the list of subscribed keys from a source keyring into this one 124 */ 125 static int keyring_duplicate(struct key *keyring, const struct key *source) 126 { 127 struct keyring_list *sklist, *klist; 128 unsigned max; 129 size_t size; 130 int loop, ret; 131 132 const unsigned limit = 133 (PAGE_SIZE - sizeof(*klist)) / sizeof(struct key *); 134 135 ret = 0; 136 137 /* find out how many keys are currently linked */ 138 rcu_read_lock(); 139 sklist = rcu_dereference(source->payload.subscriptions); 140 max = 0; 141 if (sklist) 142 max = sklist->nkeys; 143 rcu_read_unlock(); 144 145 /* allocate a new payload and stuff load with key links */ 146 if (max > 0) { 147 BUG_ON(max > limit); 148 149 max = (max + 3) & ~3; 150 if (max > limit) 151 max = limit; 152 153 ret = -ENOMEM; 154 size = sizeof(*klist) + sizeof(struct key *) * max; 155 klist = kmalloc(size, GFP_KERNEL); 156 if (!klist) 157 goto error; 158 159 /* set links */ 160 rcu_read_lock(); 161 sklist = rcu_dereference(source->payload.subscriptions); 162 163 klist->maxkeys = max; 164 klist->nkeys = sklist->nkeys; 165 memcpy(klist->keys, 166 sklist->keys, 167 sklist->nkeys * sizeof(struct key *)); 168 169 for (loop = klist->nkeys - 1; loop >= 0; loop--) 170 atomic_inc(&klist->keys[loop]->usage); 171 172 rcu_read_unlock(); 173 174 rcu_assign_pointer(keyring->payload.subscriptions, klist); 175 ret = 0; 176 } 177 178 error: 179 return ret; 180 181 } /* end keyring_duplicate() */ 182 183 /*****************************************************************************/ 184 /* 185 * match keyrings on their name 186 */ 187 static int keyring_match(const struct key *keyring, const void *description) 188 { 189 return keyring->description && 190 strcmp(keyring->description, description) == 0; 191 192 } /* end keyring_match() */ 193 194 /*****************************************************************************/ 195 /* 196 * dispose of the data dangling from the corpse of a keyring 197 */ 198 static void keyring_destroy(struct key *keyring) 199 { 200 struct keyring_list *klist; 201 int loop; 202 203 if (keyring->description) { 204 write_lock(&keyring_name_lock); 205 206 if (keyring->type_data.link.next != NULL && 207 !list_empty(&keyring->type_data.link)) 208 list_del(&keyring->type_data.link); 209 210 write_unlock(&keyring_name_lock); 211 } 212 213 klist = rcu_dereference(keyring->payload.subscriptions); 214 if (klist) { 215 for (loop = klist->nkeys - 1; loop >= 0; loop--) 216 key_put(klist->keys[loop]); 217 kfree(klist); 218 } 219 220 } /* end keyring_destroy() */ 221 222 /*****************************************************************************/ 223 /* 224 * describe the keyring 225 */ 226 static void keyring_describe(const struct key *keyring, struct seq_file *m) 227 { 228 struct keyring_list *klist; 229 230 if (keyring->description) { 231 seq_puts(m, keyring->description); 232 } 233 else { 234 seq_puts(m, "[anon]"); 235 } 236 237 rcu_read_lock(); 238 klist = rcu_dereference(keyring->payload.subscriptions); 239 if (klist) 240 seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys); 241 else 242 seq_puts(m, ": empty"); 243 rcu_read_unlock(); 244 245 } /* end keyring_describe() */ 246 247 /*****************************************************************************/ 248 /* 249 * read a list of key IDs from the keyring's contents 250 * - the keyring's semaphore is read-locked 251 */ 252 static long keyring_read(const struct key *keyring, 253 char __user *buffer, size_t buflen) 254 { 255 struct keyring_list *klist; 256 struct key *key; 257 size_t qty, tmp; 258 int loop, ret; 259 260 ret = 0; 261 klist = rcu_dereference(keyring->payload.subscriptions); 262 263 if (klist) { 264 /* calculate how much data we could return */ 265 qty = klist->nkeys * sizeof(key_serial_t); 266 267 if (buffer && buflen > 0) { 268 if (buflen > qty) 269 buflen = qty; 270 271 /* copy the IDs of the subscribed keys into the 272 * buffer */ 273 ret = -EFAULT; 274 275 for (loop = 0; loop < klist->nkeys; loop++) { 276 key = klist->keys[loop]; 277 278 tmp = sizeof(key_serial_t); 279 if (tmp > buflen) 280 tmp = buflen; 281 282 if (copy_to_user(buffer, 283 &key->serial, 284 tmp) != 0) 285 goto error; 286 287 buflen -= tmp; 288 if (buflen == 0) 289 break; 290 buffer += tmp; 291 } 292 } 293 294 ret = qty; 295 } 296 297 error: 298 return ret; 299 300 } /* end keyring_read() */ 301 302 /*****************************************************************************/ 303 /* 304 * allocate a keyring and link into the destination keyring 305 */ 306 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 307 int not_in_quota, struct key *dest) 308 { 309 struct key *keyring; 310 int ret; 311 312 keyring = key_alloc(&key_type_keyring, description, 313 uid, gid, 314 (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL, 315 not_in_quota); 316 317 if (!IS_ERR(keyring)) { 318 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 319 if (ret < 0) { 320 key_put(keyring); 321 keyring = ERR_PTR(ret); 322 } 323 } 324 325 return keyring; 326 327 } /* end keyring_alloc() */ 328 329 /*****************************************************************************/ 330 /* 331 * search the supplied keyring tree for a key that matches the criterion 332 * - perform a breadth-then-depth search up to the prescribed limit 333 * - we only find keys on which we have search permission 334 * - we use the supplied match function to see if the description (or other 335 * feature of interest) matches 336 * - we rely on RCU to prevent the keyring lists from disappearing on us 337 * - we return -EAGAIN if we didn't find any matching key 338 * - we return -ENOKEY if we only found negative matching keys 339 * - we propagate the possession attribute from the keyring ref to the key ref 340 */ 341 key_ref_t keyring_search_aux(key_ref_t keyring_ref, 342 struct task_struct *context, 343 struct key_type *type, 344 const void *description, 345 key_match_func_t match) 346 { 347 struct { 348 struct keyring_list *keylist; 349 int kix; 350 } stack[KEYRING_SEARCH_MAX_DEPTH]; 351 352 struct keyring_list *keylist; 353 struct timespec now; 354 unsigned long possessed; 355 struct key *keyring, *key; 356 key_ref_t key_ref; 357 long err; 358 int sp, kix; 359 360 keyring = key_ref_to_ptr(keyring_ref); 361 possessed = is_key_possessed(keyring_ref); 362 key_check(keyring); 363 364 /* top keyring must have search permission to begin the search */ 365 err = key_task_permission(keyring_ref, context, KEY_SEARCH); 366 if (err < 0) { 367 key_ref = ERR_PTR(err); 368 goto error; 369 } 370 371 key_ref = ERR_PTR(-ENOTDIR); 372 if (keyring->type != &key_type_keyring) 373 goto error; 374 375 rcu_read_lock(); 376 377 now = current_kernel_time(); 378 err = -EAGAIN; 379 sp = 0; 380 381 /* start processing a new keyring */ 382 descend: 383 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 384 goto not_this_keyring; 385 386 keylist = rcu_dereference(keyring->payload.subscriptions); 387 if (!keylist) 388 goto not_this_keyring; 389 390 /* iterate through the keys in this keyring first */ 391 for (kix = 0; kix < keylist->nkeys; kix++) { 392 key = keylist->keys[kix]; 393 394 /* ignore keys not of this type */ 395 if (key->type != type) 396 continue; 397 398 /* skip revoked keys and expired keys */ 399 if (test_bit(KEY_FLAG_REVOKED, &key->flags)) 400 continue; 401 402 if (key->expiry && now.tv_sec >= key->expiry) 403 continue; 404 405 /* keys that don't match */ 406 if (!match(key, description)) 407 continue; 408 409 /* key must have search permissions */ 410 if (key_task_permission(make_key_ref(key, possessed), 411 context, KEY_SEARCH) < 0) 412 continue; 413 414 /* we set a different error code if we find a negative key */ 415 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { 416 err = -ENOKEY; 417 continue; 418 } 419 420 goto found; 421 } 422 423 /* search through the keyrings nested in this one */ 424 kix = 0; 425 ascend: 426 for (; kix < keylist->nkeys; kix++) { 427 key = keylist->keys[kix]; 428 if (key->type != &key_type_keyring) 429 continue; 430 431 /* recursively search nested keyrings 432 * - only search keyrings for which we have search permission 433 */ 434 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 435 continue; 436 437 if (key_task_permission(make_key_ref(key, possessed), 438 context, KEY_SEARCH) < 0) 439 continue; 440 441 /* stack the current position */ 442 stack[sp].keylist = keylist; 443 stack[sp].kix = kix; 444 sp++; 445 446 /* begin again with the new keyring */ 447 keyring = key; 448 goto descend; 449 } 450 451 /* the keyring we're looking at was disqualified or didn't contain a 452 * matching key */ 453 not_this_keyring: 454 if (sp > 0) { 455 /* resume the processing of a keyring higher up in the tree */ 456 sp--; 457 keylist = stack[sp].keylist; 458 kix = stack[sp].kix + 1; 459 goto ascend; 460 } 461 462 key_ref = ERR_PTR(err); 463 goto error_2; 464 465 /* we found a viable match */ 466 found: 467 atomic_inc(&key->usage); 468 key_check(key); 469 key_ref = make_key_ref(key, possessed); 470 error_2: 471 rcu_read_unlock(); 472 error: 473 return key_ref; 474 475 } /* end keyring_search_aux() */ 476 477 /*****************************************************************************/ 478 /* 479 * search the supplied keyring tree for a key that matches the criterion 480 * - perform a breadth-then-depth search up to the prescribed limit 481 * - we only find keys on which we have search permission 482 * - we readlock the keyrings as we search down the tree 483 * - we return -EAGAIN if we didn't find any matching key 484 * - we return -ENOKEY if we only found negative matching keys 485 */ 486 key_ref_t keyring_search(key_ref_t keyring, 487 struct key_type *type, 488 const char *description) 489 { 490 if (!type->match) 491 return ERR_PTR(-ENOKEY); 492 493 return keyring_search_aux(keyring, current, 494 type, description, type->match); 495 496 } /* end keyring_search() */ 497 498 EXPORT_SYMBOL(keyring_search); 499 500 /*****************************************************************************/ 501 /* 502 * search the given keyring only (no recursion) 503 * - keyring must be locked by caller 504 */ 505 key_ref_t __keyring_search_one(key_ref_t keyring_ref, 506 const struct key_type *ktype, 507 const char *description, 508 key_perm_t perm) 509 { 510 struct keyring_list *klist; 511 unsigned long possessed; 512 struct key *keyring, *key; 513 int loop; 514 515 keyring = key_ref_to_ptr(keyring_ref); 516 possessed = is_key_possessed(keyring_ref); 517 518 rcu_read_lock(); 519 520 klist = rcu_dereference(keyring->payload.subscriptions); 521 if (klist) { 522 for (loop = 0; loop < klist->nkeys; loop++) { 523 key = klist->keys[loop]; 524 525 if (key->type == ktype && 526 (!key->type->match || 527 key->type->match(key, description)) && 528 key_permission(make_key_ref(key, possessed), 529 perm) == 0 && 530 !test_bit(KEY_FLAG_REVOKED, &key->flags) 531 ) 532 goto found; 533 } 534 } 535 536 rcu_read_unlock(); 537 return ERR_PTR(-ENOKEY); 538 539 found: 540 atomic_inc(&key->usage); 541 rcu_read_unlock(); 542 return make_key_ref(key, possessed); 543 544 } /* end __keyring_search_one() */ 545 546 /*****************************************************************************/ 547 /* 548 * search for an instantiation authorisation key matching a target key 549 * - the RCU read lock must be held by the caller 550 * - a target_id of zero specifies any valid token 551 */ 552 struct key *keyring_search_instkey(struct key *keyring, 553 key_serial_t target_id) 554 { 555 struct request_key_auth *rka; 556 struct keyring_list *klist; 557 struct key *instkey; 558 int loop; 559 560 klist = rcu_dereference(keyring->payload.subscriptions); 561 if (klist) { 562 for (loop = 0; loop < klist->nkeys; loop++) { 563 instkey = klist->keys[loop]; 564 565 if (instkey->type != &key_type_request_key_auth) 566 continue; 567 568 rka = instkey->payload.data; 569 if (target_id && rka->target_key->serial != target_id) 570 continue; 571 572 /* the auth key is revoked during instantiation */ 573 if (!test_bit(KEY_FLAG_REVOKED, &instkey->flags)) 574 goto found; 575 576 instkey = ERR_PTR(-EKEYREVOKED); 577 goto error; 578 } 579 } 580 581 instkey = ERR_PTR(-EACCES); 582 goto error; 583 584 found: 585 atomic_inc(&instkey->usage); 586 error: 587 return instkey; 588 589 } /* end keyring_search_instkey() */ 590 591 /*****************************************************************************/ 592 /* 593 * find a keyring with the specified name 594 * - all named keyrings are searched 595 * - only find keyrings with search permission for the process 596 * - only find keyrings with a serial number greater than the one specified 597 */ 598 struct key *find_keyring_by_name(const char *name, key_serial_t bound) 599 { 600 struct key *keyring; 601 int bucket; 602 603 keyring = ERR_PTR(-EINVAL); 604 if (!name) 605 goto error; 606 607 bucket = keyring_hash(name); 608 609 read_lock(&keyring_name_lock); 610 611 if (keyring_name_hash[bucket].next) { 612 /* search this hash bucket for a keyring with a matching name 613 * that's readable and that hasn't been revoked */ 614 list_for_each_entry(keyring, 615 &keyring_name_hash[bucket], 616 type_data.link 617 ) { 618 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 619 continue; 620 621 if (strcmp(keyring->description, name) != 0) 622 continue; 623 624 if (key_permission(make_key_ref(keyring, 0), 625 KEY_SEARCH) < 0) 626 continue; 627 628 /* found a potential candidate, but we still need to 629 * check the serial number */ 630 if (keyring->serial <= bound) 631 continue; 632 633 /* we've got a match */ 634 atomic_inc(&keyring->usage); 635 read_unlock(&keyring_name_lock); 636 goto error; 637 } 638 } 639 640 read_unlock(&keyring_name_lock); 641 keyring = ERR_PTR(-ENOKEY); 642 643 error: 644 return keyring; 645 646 } /* end find_keyring_by_name() */ 647 648 /*****************************************************************************/ 649 /* 650 * see if a cycle will will be created by inserting acyclic tree B in acyclic 651 * tree A at the topmost level (ie: as a direct child of A) 652 * - since we are adding B to A at the top level, checking for cycles should 653 * just be a matter of seeing if node A is somewhere in tree B 654 */ 655 static int keyring_detect_cycle(struct key *A, struct key *B) 656 { 657 struct { 658 struct keyring_list *keylist; 659 int kix; 660 } stack[KEYRING_SEARCH_MAX_DEPTH]; 661 662 struct keyring_list *keylist; 663 struct key *subtree, *key; 664 int sp, kix, ret; 665 666 rcu_read_lock(); 667 668 ret = -EDEADLK; 669 if (A == B) 670 goto cycle_detected; 671 672 subtree = B; 673 sp = 0; 674 675 /* start processing a new keyring */ 676 descend: 677 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags)) 678 goto not_this_keyring; 679 680 keylist = rcu_dereference(subtree->payload.subscriptions); 681 if (!keylist) 682 goto not_this_keyring; 683 kix = 0; 684 685 ascend: 686 /* iterate through the remaining keys in this keyring */ 687 for (; kix < keylist->nkeys; kix++) { 688 key = keylist->keys[kix]; 689 690 if (key == A) 691 goto cycle_detected; 692 693 /* recursively check nested keyrings */ 694 if (key->type == &key_type_keyring) { 695 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 696 goto too_deep; 697 698 /* stack the current position */ 699 stack[sp].keylist = keylist; 700 stack[sp].kix = kix; 701 sp++; 702 703 /* begin again with the new keyring */ 704 subtree = key; 705 goto descend; 706 } 707 } 708 709 /* the keyring we're looking at was disqualified or didn't contain a 710 * matching key */ 711 not_this_keyring: 712 if (sp > 0) { 713 /* resume the checking of a keyring higher up in the tree */ 714 sp--; 715 keylist = stack[sp].keylist; 716 kix = stack[sp].kix + 1; 717 goto ascend; 718 } 719 720 ret = 0; /* no cycles detected */ 721 722 error: 723 rcu_read_unlock(); 724 return ret; 725 726 too_deep: 727 ret = -ELOOP; 728 goto error; 729 730 cycle_detected: 731 ret = -EDEADLK; 732 goto error; 733 734 } /* end keyring_detect_cycle() */ 735 736 /*****************************************************************************/ 737 /* 738 * dispose of a keyring list after the RCU grace period 739 */ 740 static void keyring_link_rcu_disposal(struct rcu_head *rcu) 741 { 742 struct keyring_list *klist = 743 container_of(rcu, struct keyring_list, rcu); 744 745 kfree(klist); 746 747 } /* end keyring_link_rcu_disposal() */ 748 749 /*****************************************************************************/ 750 /* 751 * link a key into to a keyring 752 * - must be called with the keyring's semaphore write-locked 753 */ 754 int __key_link(struct key *keyring, struct key *key) 755 { 756 struct keyring_list *klist, *nklist; 757 unsigned max; 758 size_t size; 759 int ret; 760 761 ret = -EKEYREVOKED; 762 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 763 goto error; 764 765 ret = -ENOTDIR; 766 if (keyring->type != &key_type_keyring) 767 goto error; 768 769 /* serialise link/link calls to prevent parallel calls causing a 770 * cycle when applied to two keyring in opposite orders */ 771 down_write(&keyring_serialise_link_sem); 772 773 /* check that we aren't going to create a cycle adding one keyring to 774 * another */ 775 if (key->type == &key_type_keyring) { 776 ret = keyring_detect_cycle(keyring, key); 777 if (ret < 0) 778 goto error2; 779 } 780 781 /* check that we aren't going to overrun the user's quota */ 782 ret = key_payload_reserve(keyring, 783 keyring->datalen + KEYQUOTA_LINK_BYTES); 784 if (ret < 0) 785 goto error2; 786 787 klist = keyring->payload.subscriptions; 788 789 if (klist && klist->nkeys < klist->maxkeys) { 790 /* there's sufficient slack space to add directly */ 791 atomic_inc(&key->usage); 792 793 klist->keys[klist->nkeys] = key; 794 smp_wmb(); 795 klist->nkeys++; 796 smp_wmb(); 797 798 ret = 0; 799 } 800 else { 801 /* grow the key list */ 802 max = 4; 803 if (klist) 804 max += klist->maxkeys; 805 806 ret = -ENFILE; 807 if (max > 65535) 808 goto error3; 809 size = sizeof(*klist) + sizeof(struct key *) * max; 810 if (size > PAGE_SIZE) 811 goto error3; 812 813 ret = -ENOMEM; 814 nklist = kmalloc(size, GFP_KERNEL); 815 if (!nklist) 816 goto error3; 817 nklist->maxkeys = max; 818 nklist->nkeys = 0; 819 820 if (klist) { 821 nklist->nkeys = klist->nkeys; 822 memcpy(nklist->keys, 823 klist->keys, 824 sizeof(struct key *) * klist->nkeys); 825 } 826 827 /* add the key into the new space */ 828 atomic_inc(&key->usage); 829 nklist->keys[nklist->nkeys++] = key; 830 831 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 832 833 /* dispose of the old keyring list */ 834 if (klist) 835 call_rcu(&klist->rcu, keyring_link_rcu_disposal); 836 837 ret = 0; 838 } 839 840 error2: 841 up_write(&keyring_serialise_link_sem); 842 error: 843 return ret; 844 845 error3: 846 /* undo the quota changes */ 847 key_payload_reserve(keyring, 848 keyring->datalen - KEYQUOTA_LINK_BYTES); 849 goto error2; 850 851 } /* end __key_link() */ 852 853 /*****************************************************************************/ 854 /* 855 * link a key to a keyring 856 */ 857 int key_link(struct key *keyring, struct key *key) 858 { 859 int ret; 860 861 key_check(keyring); 862 key_check(key); 863 864 down_write(&keyring->sem); 865 ret = __key_link(keyring, key); 866 up_write(&keyring->sem); 867 868 return ret; 869 870 } /* end key_link() */ 871 872 EXPORT_SYMBOL(key_link); 873 874 /*****************************************************************************/ 875 /* 876 * dispose of a keyring list after the RCU grace period, freeing the unlinked 877 * key 878 */ 879 static void keyring_unlink_rcu_disposal(struct rcu_head *rcu) 880 { 881 struct keyring_list *klist = 882 container_of(rcu, struct keyring_list, rcu); 883 884 key_put(klist->keys[klist->delkey]); 885 kfree(klist); 886 887 } /* end keyring_unlink_rcu_disposal() */ 888 889 /*****************************************************************************/ 890 /* 891 * unlink the first link to a key from a keyring 892 */ 893 int key_unlink(struct key *keyring, struct key *key) 894 { 895 struct keyring_list *klist, *nklist; 896 int loop, ret; 897 898 key_check(keyring); 899 key_check(key); 900 901 ret = -ENOTDIR; 902 if (keyring->type != &key_type_keyring) 903 goto error; 904 905 down_write(&keyring->sem); 906 907 klist = keyring->payload.subscriptions; 908 if (klist) { 909 /* search the keyring for the key */ 910 for (loop = 0; loop < klist->nkeys; loop++) 911 if (klist->keys[loop] == key) 912 goto key_is_present; 913 } 914 915 up_write(&keyring->sem); 916 ret = -ENOENT; 917 goto error; 918 919 key_is_present: 920 /* we need to copy the key list for RCU purposes */ 921 nklist = kmalloc(sizeof(*klist) + 922 sizeof(struct key *) * klist->maxkeys, 923 GFP_KERNEL); 924 if (!nklist) 925 goto nomem; 926 nklist->maxkeys = klist->maxkeys; 927 nklist->nkeys = klist->nkeys - 1; 928 929 if (loop > 0) 930 memcpy(&nklist->keys[0], 931 &klist->keys[0], 932 loop * sizeof(struct key *)); 933 934 if (loop < nklist->nkeys) 935 memcpy(&nklist->keys[loop], 936 &klist->keys[loop + 1], 937 (nklist->nkeys - loop) * sizeof(struct key *)); 938 939 /* adjust the user's quota */ 940 key_payload_reserve(keyring, 941 keyring->datalen - KEYQUOTA_LINK_BYTES); 942 943 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 944 945 up_write(&keyring->sem); 946 947 /* schedule for later cleanup */ 948 klist->delkey = loop; 949 call_rcu(&klist->rcu, keyring_unlink_rcu_disposal); 950 951 ret = 0; 952 953 error: 954 return ret; 955 nomem: 956 ret = -ENOMEM; 957 up_write(&keyring->sem); 958 goto error; 959 960 } /* end key_unlink() */ 961 962 EXPORT_SYMBOL(key_unlink); 963 964 /*****************************************************************************/ 965 /* 966 * dispose of a keyring list after the RCU grace period, releasing the keys it 967 * links to 968 */ 969 static void keyring_clear_rcu_disposal(struct rcu_head *rcu) 970 { 971 struct keyring_list *klist; 972 int loop; 973 974 klist = container_of(rcu, struct keyring_list, rcu); 975 976 for (loop = klist->nkeys - 1; loop >= 0; loop--) 977 key_put(klist->keys[loop]); 978 979 kfree(klist); 980 981 } /* end keyring_clear_rcu_disposal() */ 982 983 /*****************************************************************************/ 984 /* 985 * clear the specified process keyring 986 * - implements keyctl(KEYCTL_CLEAR) 987 */ 988 int keyring_clear(struct key *keyring) 989 { 990 struct keyring_list *klist; 991 int ret; 992 993 ret = -ENOTDIR; 994 if (keyring->type == &key_type_keyring) { 995 /* detach the pointer block with the locks held */ 996 down_write(&keyring->sem); 997 998 klist = keyring->payload.subscriptions; 999 if (klist) { 1000 /* adjust the quota */ 1001 key_payload_reserve(keyring, 1002 sizeof(struct keyring_list)); 1003 1004 rcu_assign_pointer(keyring->payload.subscriptions, 1005 NULL); 1006 } 1007 1008 up_write(&keyring->sem); 1009 1010 /* free the keys after the locks have been dropped */ 1011 if (klist) 1012 call_rcu(&klist->rcu, keyring_clear_rcu_disposal); 1013 1014 ret = 0; 1015 } 1016 1017 return ret; 1018 1019 } /* end keyring_clear() */ 1020 1021 EXPORT_SYMBOL(keyring_clear); 1022