1 /* keyring.c: keyring handling 2 * 3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 */ 11 12 #include <linux/module.h> 13 #include <linux/init.h> 14 #include <linux/sched.h> 15 #include <linux/slab.h> 16 #include <linux/security.h> 17 #include <linux/seq_file.h> 18 #include <linux/err.h> 19 #include <asm/uaccess.h> 20 #include "internal.h" 21 22 /* 23 * when plumbing the depths of the key tree, this sets a hard limit set on how 24 * deep we're willing to go 25 */ 26 #define KEYRING_SEARCH_MAX_DEPTH 6 27 28 /* 29 * we keep all named keyrings in a hash to speed looking them up 30 */ 31 #define KEYRING_NAME_HASH_SIZE (1 << 5) 32 33 static struct list_head keyring_name_hash[KEYRING_NAME_HASH_SIZE]; 34 static DEFINE_RWLOCK(keyring_name_lock); 35 36 static inline unsigned keyring_hash(const char *desc) 37 { 38 unsigned bucket = 0; 39 40 for (; *desc; desc++) 41 bucket += (unsigned char) *desc; 42 43 return bucket & (KEYRING_NAME_HASH_SIZE - 1); 44 } 45 46 /* 47 * the keyring type definition 48 */ 49 static int keyring_instantiate(struct key *keyring, 50 const void *data, size_t datalen); 51 static int keyring_match(const struct key *keyring, const void *criterion); 52 static void keyring_destroy(struct key *keyring); 53 static void keyring_describe(const struct key *keyring, struct seq_file *m); 54 static long keyring_read(const struct key *keyring, 55 char __user *buffer, size_t buflen); 56 57 struct key_type key_type_keyring = { 58 .name = "keyring", 59 .def_datalen = sizeof(struct keyring_list), 60 .instantiate = keyring_instantiate, 61 .match = keyring_match, 62 .destroy = keyring_destroy, 63 .describe = keyring_describe, 64 .read = keyring_read, 65 }; 66 67 /* 68 * semaphore to serialise link/link calls to prevent two link calls in parallel 69 * introducing a cycle 70 */ 71 static DECLARE_RWSEM(keyring_serialise_link_sem); 72 73 /*****************************************************************************/ 74 /* 75 * publish the name of a keyring so that it can be found by name (if it has 76 * one) 77 */ 78 void keyring_publish_name(struct key *keyring) 79 { 80 int bucket; 81 82 if (keyring->description) { 83 bucket = keyring_hash(keyring->description); 84 85 write_lock(&keyring_name_lock); 86 87 if (!keyring_name_hash[bucket].next) 88 INIT_LIST_HEAD(&keyring_name_hash[bucket]); 89 90 list_add_tail(&keyring->type_data.link, 91 &keyring_name_hash[bucket]); 92 93 write_unlock(&keyring_name_lock); 94 } 95 96 } /* end keyring_publish_name() */ 97 98 /*****************************************************************************/ 99 /* 100 * initialise a keyring 101 * - we object if we were given any data 102 */ 103 static int keyring_instantiate(struct key *keyring, 104 const void *data, size_t datalen) 105 { 106 int ret; 107 108 ret = -EINVAL; 109 if (datalen == 0) { 110 /* make the keyring available by name if it has one */ 111 keyring_publish_name(keyring); 112 ret = 0; 113 } 114 115 return ret; 116 117 } /* end keyring_instantiate() */ 118 119 /*****************************************************************************/ 120 /* 121 * match keyrings on their name 122 */ 123 static int keyring_match(const struct key *keyring, const void *description) 124 { 125 return keyring->description && 126 strcmp(keyring->description, description) == 0; 127 128 } /* end keyring_match() */ 129 130 /*****************************************************************************/ 131 /* 132 * dispose of the data dangling from the corpse of a keyring 133 */ 134 static void keyring_destroy(struct key *keyring) 135 { 136 struct keyring_list *klist; 137 int loop; 138 139 if (keyring->description) { 140 write_lock(&keyring_name_lock); 141 142 if (keyring->type_data.link.next != NULL && 143 !list_empty(&keyring->type_data.link)) 144 list_del(&keyring->type_data.link); 145 146 write_unlock(&keyring_name_lock); 147 } 148 149 klist = rcu_dereference(keyring->payload.subscriptions); 150 if (klist) { 151 for (loop = klist->nkeys - 1; loop >= 0; loop--) 152 key_put(klist->keys[loop]); 153 kfree(klist); 154 } 155 156 } /* end keyring_destroy() */ 157 158 /*****************************************************************************/ 159 /* 160 * describe the keyring 161 */ 162 static void keyring_describe(const struct key *keyring, struct seq_file *m) 163 { 164 struct keyring_list *klist; 165 166 if (keyring->description) { 167 seq_puts(m, keyring->description); 168 } 169 else { 170 seq_puts(m, "[anon]"); 171 } 172 173 rcu_read_lock(); 174 klist = rcu_dereference(keyring->payload.subscriptions); 175 if (klist) 176 seq_printf(m, ": %u/%u", klist->nkeys, klist->maxkeys); 177 else 178 seq_puts(m, ": empty"); 179 rcu_read_unlock(); 180 181 } /* end keyring_describe() */ 182 183 /*****************************************************************************/ 184 /* 185 * read a list of key IDs from the keyring's contents 186 * - the keyring's semaphore is read-locked 187 */ 188 static long keyring_read(const struct key *keyring, 189 char __user *buffer, size_t buflen) 190 { 191 struct keyring_list *klist; 192 struct key *key; 193 size_t qty, tmp; 194 int loop, ret; 195 196 ret = 0; 197 klist = rcu_dereference(keyring->payload.subscriptions); 198 199 if (klist) { 200 /* calculate how much data we could return */ 201 qty = klist->nkeys * sizeof(key_serial_t); 202 203 if (buffer && buflen > 0) { 204 if (buflen > qty) 205 buflen = qty; 206 207 /* copy the IDs of the subscribed keys into the 208 * buffer */ 209 ret = -EFAULT; 210 211 for (loop = 0; loop < klist->nkeys; loop++) { 212 key = klist->keys[loop]; 213 214 tmp = sizeof(key_serial_t); 215 if (tmp > buflen) 216 tmp = buflen; 217 218 if (copy_to_user(buffer, 219 &key->serial, 220 tmp) != 0) 221 goto error; 222 223 buflen -= tmp; 224 if (buflen == 0) 225 break; 226 buffer += tmp; 227 } 228 } 229 230 ret = qty; 231 } 232 233 error: 234 return ret; 235 236 } /* end keyring_read() */ 237 238 /*****************************************************************************/ 239 /* 240 * allocate a keyring and link into the destination keyring 241 */ 242 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 243 int not_in_quota, struct key *dest) 244 { 245 struct key *keyring; 246 int ret; 247 248 keyring = key_alloc(&key_type_keyring, description, 249 uid, gid, 250 (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL, 251 not_in_quota); 252 253 if (!IS_ERR(keyring)) { 254 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 255 if (ret < 0) { 256 key_put(keyring); 257 keyring = ERR_PTR(ret); 258 } 259 } 260 261 return keyring; 262 263 } /* end keyring_alloc() */ 264 265 /*****************************************************************************/ 266 /* 267 * search the supplied keyring tree for a key that matches the criterion 268 * - perform a breadth-then-depth search up to the prescribed limit 269 * - we only find keys on which we have search permission 270 * - we use the supplied match function to see if the description (or other 271 * feature of interest) matches 272 * - we rely on RCU to prevent the keyring lists from disappearing on us 273 * - we return -EAGAIN if we didn't find any matching key 274 * - we return -ENOKEY if we only found negative matching keys 275 * - we propagate the possession attribute from the keyring ref to the key ref 276 */ 277 key_ref_t keyring_search_aux(key_ref_t keyring_ref, 278 struct task_struct *context, 279 struct key_type *type, 280 const void *description, 281 key_match_func_t match) 282 { 283 struct { 284 struct keyring_list *keylist; 285 int kix; 286 } stack[KEYRING_SEARCH_MAX_DEPTH]; 287 288 struct keyring_list *keylist; 289 struct timespec now; 290 unsigned long possessed; 291 struct key *keyring, *key; 292 key_ref_t key_ref; 293 long err; 294 int sp, kix; 295 296 keyring = key_ref_to_ptr(keyring_ref); 297 possessed = is_key_possessed(keyring_ref); 298 key_check(keyring); 299 300 /* top keyring must have search permission to begin the search */ 301 err = key_task_permission(keyring_ref, context, KEY_SEARCH); 302 if (err < 0) { 303 key_ref = ERR_PTR(err); 304 goto error; 305 } 306 307 key_ref = ERR_PTR(-ENOTDIR); 308 if (keyring->type != &key_type_keyring) 309 goto error; 310 311 rcu_read_lock(); 312 313 now = current_kernel_time(); 314 err = -EAGAIN; 315 sp = 0; 316 317 /* start processing a new keyring */ 318 descend: 319 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 320 goto not_this_keyring; 321 322 keylist = rcu_dereference(keyring->payload.subscriptions); 323 if (!keylist) 324 goto not_this_keyring; 325 326 /* iterate through the keys in this keyring first */ 327 for (kix = 0; kix < keylist->nkeys; kix++) { 328 key = keylist->keys[kix]; 329 330 /* ignore keys not of this type */ 331 if (key->type != type) 332 continue; 333 334 /* skip revoked keys and expired keys */ 335 if (test_bit(KEY_FLAG_REVOKED, &key->flags)) 336 continue; 337 338 if (key->expiry && now.tv_sec >= key->expiry) 339 continue; 340 341 /* keys that don't match */ 342 if (!match(key, description)) 343 continue; 344 345 /* key must have search permissions */ 346 if (key_task_permission(make_key_ref(key, possessed), 347 context, KEY_SEARCH) < 0) 348 continue; 349 350 /* we set a different error code if we find a negative key */ 351 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { 352 err = -ENOKEY; 353 continue; 354 } 355 356 goto found; 357 } 358 359 /* search through the keyrings nested in this one */ 360 kix = 0; 361 ascend: 362 for (; kix < keylist->nkeys; kix++) { 363 key = keylist->keys[kix]; 364 if (key->type != &key_type_keyring) 365 continue; 366 367 /* recursively search nested keyrings 368 * - only search keyrings for which we have search permission 369 */ 370 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 371 continue; 372 373 if (key_task_permission(make_key_ref(key, possessed), 374 context, KEY_SEARCH) < 0) 375 continue; 376 377 /* stack the current position */ 378 stack[sp].keylist = keylist; 379 stack[sp].kix = kix; 380 sp++; 381 382 /* begin again with the new keyring */ 383 keyring = key; 384 goto descend; 385 } 386 387 /* the keyring we're looking at was disqualified or didn't contain a 388 * matching key */ 389 not_this_keyring: 390 if (sp > 0) { 391 /* resume the processing of a keyring higher up in the tree */ 392 sp--; 393 keylist = stack[sp].keylist; 394 kix = stack[sp].kix + 1; 395 goto ascend; 396 } 397 398 key_ref = ERR_PTR(err); 399 goto error_2; 400 401 /* we found a viable match */ 402 found: 403 atomic_inc(&key->usage); 404 key_check(key); 405 key_ref = make_key_ref(key, possessed); 406 error_2: 407 rcu_read_unlock(); 408 error: 409 return key_ref; 410 411 } /* end keyring_search_aux() */ 412 413 /*****************************************************************************/ 414 /* 415 * search the supplied keyring tree for a key that matches the criterion 416 * - perform a breadth-then-depth search up to the prescribed limit 417 * - we only find keys on which we have search permission 418 * - we readlock the keyrings as we search down the tree 419 * - we return -EAGAIN if we didn't find any matching key 420 * - we return -ENOKEY if we only found negative matching keys 421 */ 422 key_ref_t keyring_search(key_ref_t keyring, 423 struct key_type *type, 424 const char *description) 425 { 426 if (!type->match) 427 return ERR_PTR(-ENOKEY); 428 429 return keyring_search_aux(keyring, current, 430 type, description, type->match); 431 432 } /* end keyring_search() */ 433 434 EXPORT_SYMBOL(keyring_search); 435 436 /*****************************************************************************/ 437 /* 438 * search the given keyring only (no recursion) 439 * - keyring must be locked by caller 440 * - caller must guarantee that the keyring is a keyring 441 */ 442 key_ref_t __keyring_search_one(key_ref_t keyring_ref, 443 const struct key_type *ktype, 444 const char *description, 445 key_perm_t perm) 446 { 447 struct keyring_list *klist; 448 unsigned long possessed; 449 struct key *keyring, *key; 450 int loop; 451 452 keyring = key_ref_to_ptr(keyring_ref); 453 possessed = is_key_possessed(keyring_ref); 454 455 rcu_read_lock(); 456 457 klist = rcu_dereference(keyring->payload.subscriptions); 458 if (klist) { 459 for (loop = 0; loop < klist->nkeys; loop++) { 460 key = klist->keys[loop]; 461 462 if (key->type == ktype && 463 (!key->type->match || 464 key->type->match(key, description)) && 465 key_permission(make_key_ref(key, possessed), 466 perm) == 0 && 467 !test_bit(KEY_FLAG_REVOKED, &key->flags) 468 ) 469 goto found; 470 } 471 } 472 473 rcu_read_unlock(); 474 return ERR_PTR(-ENOKEY); 475 476 found: 477 atomic_inc(&key->usage); 478 rcu_read_unlock(); 479 return make_key_ref(key, possessed); 480 481 } /* end __keyring_search_one() */ 482 483 /*****************************************************************************/ 484 /* 485 * find a keyring with the specified name 486 * - all named keyrings are searched 487 * - only find keyrings with search permission for the process 488 * - only find keyrings with a serial number greater than the one specified 489 */ 490 struct key *find_keyring_by_name(const char *name, key_serial_t bound) 491 { 492 struct key *keyring; 493 int bucket; 494 495 keyring = ERR_PTR(-EINVAL); 496 if (!name) 497 goto error; 498 499 bucket = keyring_hash(name); 500 501 read_lock(&keyring_name_lock); 502 503 if (keyring_name_hash[bucket].next) { 504 /* search this hash bucket for a keyring with a matching name 505 * that's readable and that hasn't been revoked */ 506 list_for_each_entry(keyring, 507 &keyring_name_hash[bucket], 508 type_data.link 509 ) { 510 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 511 continue; 512 513 if (strcmp(keyring->description, name) != 0) 514 continue; 515 516 if (key_permission(make_key_ref(keyring, 0), 517 KEY_SEARCH) < 0) 518 continue; 519 520 /* found a potential candidate, but we still need to 521 * check the serial number */ 522 if (keyring->serial <= bound) 523 continue; 524 525 /* we've got a match */ 526 atomic_inc(&keyring->usage); 527 read_unlock(&keyring_name_lock); 528 goto error; 529 } 530 } 531 532 read_unlock(&keyring_name_lock); 533 keyring = ERR_PTR(-ENOKEY); 534 535 error: 536 return keyring; 537 538 } /* end find_keyring_by_name() */ 539 540 /*****************************************************************************/ 541 /* 542 * see if a cycle will will be created by inserting acyclic tree B in acyclic 543 * tree A at the topmost level (ie: as a direct child of A) 544 * - since we are adding B to A at the top level, checking for cycles should 545 * just be a matter of seeing if node A is somewhere in tree B 546 */ 547 static int keyring_detect_cycle(struct key *A, struct key *B) 548 { 549 struct { 550 struct keyring_list *keylist; 551 int kix; 552 } stack[KEYRING_SEARCH_MAX_DEPTH]; 553 554 struct keyring_list *keylist; 555 struct key *subtree, *key; 556 int sp, kix, ret; 557 558 rcu_read_lock(); 559 560 ret = -EDEADLK; 561 if (A == B) 562 goto cycle_detected; 563 564 subtree = B; 565 sp = 0; 566 567 /* start processing a new keyring */ 568 descend: 569 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags)) 570 goto not_this_keyring; 571 572 keylist = rcu_dereference(subtree->payload.subscriptions); 573 if (!keylist) 574 goto not_this_keyring; 575 kix = 0; 576 577 ascend: 578 /* iterate through the remaining keys in this keyring */ 579 for (; kix < keylist->nkeys; kix++) { 580 key = keylist->keys[kix]; 581 582 if (key == A) 583 goto cycle_detected; 584 585 /* recursively check nested keyrings */ 586 if (key->type == &key_type_keyring) { 587 if (sp >= KEYRING_SEARCH_MAX_DEPTH) 588 goto too_deep; 589 590 /* stack the current position */ 591 stack[sp].keylist = keylist; 592 stack[sp].kix = kix; 593 sp++; 594 595 /* begin again with the new keyring */ 596 subtree = key; 597 goto descend; 598 } 599 } 600 601 /* the keyring we're looking at was disqualified or didn't contain a 602 * matching key */ 603 not_this_keyring: 604 if (sp > 0) { 605 /* resume the checking of a keyring higher up in the tree */ 606 sp--; 607 keylist = stack[sp].keylist; 608 kix = stack[sp].kix + 1; 609 goto ascend; 610 } 611 612 ret = 0; /* no cycles detected */ 613 614 error: 615 rcu_read_unlock(); 616 return ret; 617 618 too_deep: 619 ret = -ELOOP; 620 goto error; 621 622 cycle_detected: 623 ret = -EDEADLK; 624 goto error; 625 626 } /* end keyring_detect_cycle() */ 627 628 /*****************************************************************************/ 629 /* 630 * dispose of a keyring list after the RCU grace period 631 */ 632 static void keyring_link_rcu_disposal(struct rcu_head *rcu) 633 { 634 struct keyring_list *klist = 635 container_of(rcu, struct keyring_list, rcu); 636 637 kfree(klist); 638 639 } /* end keyring_link_rcu_disposal() */ 640 641 /*****************************************************************************/ 642 /* 643 * dispose of a keyring list after the RCU grace period, freeing the unlinked 644 * key 645 */ 646 static void keyring_unlink_rcu_disposal(struct rcu_head *rcu) 647 { 648 struct keyring_list *klist = 649 container_of(rcu, struct keyring_list, rcu); 650 651 key_put(klist->keys[klist->delkey]); 652 kfree(klist); 653 654 } /* end keyring_unlink_rcu_disposal() */ 655 656 /*****************************************************************************/ 657 /* 658 * link a key into to a keyring 659 * - must be called with the keyring's semaphore write-locked 660 * - discard already extant link to matching key if there is one 661 */ 662 int __key_link(struct key *keyring, struct key *key) 663 { 664 struct keyring_list *klist, *nklist; 665 unsigned max; 666 size_t size; 667 int loop, ret; 668 669 ret = -EKEYREVOKED; 670 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) 671 goto error; 672 673 ret = -ENOTDIR; 674 if (keyring->type != &key_type_keyring) 675 goto error; 676 677 /* serialise link/link calls to prevent parallel calls causing a 678 * cycle when applied to two keyring in opposite orders */ 679 down_write(&keyring_serialise_link_sem); 680 681 /* check that we aren't going to create a cycle adding one keyring to 682 * another */ 683 if (key->type == &key_type_keyring) { 684 ret = keyring_detect_cycle(keyring, key); 685 if (ret < 0) 686 goto error2; 687 } 688 689 /* see if there's a matching key we can displace */ 690 klist = keyring->payload.subscriptions; 691 692 if (klist && klist->nkeys > 0) { 693 struct key_type *type = key->type; 694 695 for (loop = klist->nkeys - 1; loop >= 0; loop--) { 696 if (klist->keys[loop]->type == type && 697 strcmp(klist->keys[loop]->description, 698 key->description) == 0 699 ) { 700 /* found a match - replace with new key */ 701 size = sizeof(struct key *) * klist->maxkeys; 702 size += sizeof(*klist); 703 BUG_ON(size > PAGE_SIZE); 704 705 ret = -ENOMEM; 706 nklist = kmalloc(size, GFP_KERNEL); 707 if (!nklist) 708 goto error2; 709 710 memcpy(nklist, klist, size); 711 712 /* replace matched key */ 713 atomic_inc(&key->usage); 714 nklist->keys[loop] = key; 715 716 rcu_assign_pointer( 717 keyring->payload.subscriptions, 718 nklist); 719 720 /* dispose of the old keyring list and the 721 * displaced key */ 722 klist->delkey = loop; 723 call_rcu(&klist->rcu, 724 keyring_unlink_rcu_disposal); 725 726 goto done; 727 } 728 } 729 } 730 731 /* check that we aren't going to overrun the user's quota */ 732 ret = key_payload_reserve(keyring, 733 keyring->datalen + KEYQUOTA_LINK_BYTES); 734 if (ret < 0) 735 goto error2; 736 737 klist = keyring->payload.subscriptions; 738 739 if (klist && klist->nkeys < klist->maxkeys) { 740 /* there's sufficient slack space to add directly */ 741 atomic_inc(&key->usage); 742 743 klist->keys[klist->nkeys] = key; 744 smp_wmb(); 745 klist->nkeys++; 746 smp_wmb(); 747 } 748 else { 749 /* grow the key list */ 750 max = 4; 751 if (klist) 752 max += klist->maxkeys; 753 754 ret = -ENFILE; 755 if (max > 65535) 756 goto error3; 757 size = sizeof(*klist) + sizeof(struct key *) * max; 758 if (size > PAGE_SIZE) 759 goto error3; 760 761 ret = -ENOMEM; 762 nklist = kmalloc(size, GFP_KERNEL); 763 if (!nklist) 764 goto error3; 765 nklist->maxkeys = max; 766 nklist->nkeys = 0; 767 768 if (klist) { 769 nklist->nkeys = klist->nkeys; 770 memcpy(nklist->keys, 771 klist->keys, 772 sizeof(struct key *) * klist->nkeys); 773 } 774 775 /* add the key into the new space */ 776 atomic_inc(&key->usage); 777 nklist->keys[nklist->nkeys++] = key; 778 779 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 780 781 /* dispose of the old keyring list */ 782 if (klist) 783 call_rcu(&klist->rcu, keyring_link_rcu_disposal); 784 } 785 786 done: 787 ret = 0; 788 error2: 789 up_write(&keyring_serialise_link_sem); 790 error: 791 return ret; 792 793 error3: 794 /* undo the quota changes */ 795 key_payload_reserve(keyring, 796 keyring->datalen - KEYQUOTA_LINK_BYTES); 797 goto error2; 798 799 } /* end __key_link() */ 800 801 /*****************************************************************************/ 802 /* 803 * link a key to a keyring 804 */ 805 int key_link(struct key *keyring, struct key *key) 806 { 807 int ret; 808 809 key_check(keyring); 810 key_check(key); 811 812 down_write(&keyring->sem); 813 ret = __key_link(keyring, key); 814 up_write(&keyring->sem); 815 816 return ret; 817 818 } /* end key_link() */ 819 820 EXPORT_SYMBOL(key_link); 821 822 /*****************************************************************************/ 823 /* 824 * unlink the first link to a key from a keyring 825 */ 826 int key_unlink(struct key *keyring, struct key *key) 827 { 828 struct keyring_list *klist, *nklist; 829 int loop, ret; 830 831 key_check(keyring); 832 key_check(key); 833 834 ret = -ENOTDIR; 835 if (keyring->type != &key_type_keyring) 836 goto error; 837 838 down_write(&keyring->sem); 839 840 klist = keyring->payload.subscriptions; 841 if (klist) { 842 /* search the keyring for the key */ 843 for (loop = 0; loop < klist->nkeys; loop++) 844 if (klist->keys[loop] == key) 845 goto key_is_present; 846 } 847 848 up_write(&keyring->sem); 849 ret = -ENOENT; 850 goto error; 851 852 key_is_present: 853 /* we need to copy the key list for RCU purposes */ 854 nklist = kmalloc(sizeof(*klist) + 855 sizeof(struct key *) * klist->maxkeys, 856 GFP_KERNEL); 857 if (!nklist) 858 goto nomem; 859 nklist->maxkeys = klist->maxkeys; 860 nklist->nkeys = klist->nkeys - 1; 861 862 if (loop > 0) 863 memcpy(&nklist->keys[0], 864 &klist->keys[0], 865 loop * sizeof(struct key *)); 866 867 if (loop < nklist->nkeys) 868 memcpy(&nklist->keys[loop], 869 &klist->keys[loop + 1], 870 (nklist->nkeys - loop) * sizeof(struct key *)); 871 872 /* adjust the user's quota */ 873 key_payload_reserve(keyring, 874 keyring->datalen - KEYQUOTA_LINK_BYTES); 875 876 rcu_assign_pointer(keyring->payload.subscriptions, nklist); 877 878 up_write(&keyring->sem); 879 880 /* schedule for later cleanup */ 881 klist->delkey = loop; 882 call_rcu(&klist->rcu, keyring_unlink_rcu_disposal); 883 884 ret = 0; 885 886 error: 887 return ret; 888 nomem: 889 ret = -ENOMEM; 890 up_write(&keyring->sem); 891 goto error; 892 893 } /* end key_unlink() */ 894 895 EXPORT_SYMBOL(key_unlink); 896 897 /*****************************************************************************/ 898 /* 899 * dispose of a keyring list after the RCU grace period, releasing the keys it 900 * links to 901 */ 902 static void keyring_clear_rcu_disposal(struct rcu_head *rcu) 903 { 904 struct keyring_list *klist; 905 int loop; 906 907 klist = container_of(rcu, struct keyring_list, rcu); 908 909 for (loop = klist->nkeys - 1; loop >= 0; loop--) 910 key_put(klist->keys[loop]); 911 912 kfree(klist); 913 914 } /* end keyring_clear_rcu_disposal() */ 915 916 /*****************************************************************************/ 917 /* 918 * clear the specified process keyring 919 * - implements keyctl(KEYCTL_CLEAR) 920 */ 921 int keyring_clear(struct key *keyring) 922 { 923 struct keyring_list *klist; 924 int ret; 925 926 ret = -ENOTDIR; 927 if (keyring->type == &key_type_keyring) { 928 /* detach the pointer block with the locks held */ 929 down_write(&keyring->sem); 930 931 klist = keyring->payload.subscriptions; 932 if (klist) { 933 /* adjust the quota */ 934 key_payload_reserve(keyring, 935 sizeof(struct keyring_list)); 936 937 rcu_assign_pointer(keyring->payload.subscriptions, 938 NULL); 939 } 940 941 up_write(&keyring->sem); 942 943 /* free the keys after the locks have been dropped */ 944 if (klist) 945 call_rcu(&klist->rcu, keyring_clear_rcu_disposal); 946 947 ret = 0; 948 } 949 950 return ret; 951 952 } /* end keyring_clear() */ 953 954 EXPORT_SYMBOL(keyring_clear); 955