[linux-block.git] / security / keys / compat.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* 32-bit compatibility syscall for 64-bit systems
 *
 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <linux/syscalls.h>
#include <linux/keyctl.h>
#include <linux/compat.h>
#include <linux/slab.h>
#include "internal.h"

/*
 * Instantiate a key with the specified compatibility multipart payload and
 * link the key into the destination keyring if one is given.
 *
 * The caller must have the appropriate instantiation permit set for this to
 * work (see keyctl_assume_authority).  No other permissions are required.
 *
 * If successful, 0 will be returned.
 */
static long compat_keyctl_instantiate_key_iov(
	key_serial_t id,
	const struct compat_iovec __user *_payload_iov,
	unsigned ioc,
	key_serial_t ringid)
{
	struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
	struct iov_iter from;
	long ret;

	if (!_payload_iov)
		ioc = 0;

	ret = compat_import_iovec(WRITE, _payload_iov, ioc,
				  ARRAY_SIZE(iovstack), &iov,
				  &from);
	if (ret < 0)
		return ret;

	ret = keyctl_instantiate_key_common(id, &from, ringid);
	kfree(iov);
	return ret;
}

/*
 * The key control system call, 32-bit compatibility version for 64-bit archs
 */
COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
{
	switch (option) {
	case KEYCTL_GET_KEYRING_ID:
		return keyctl_get_keyring_ID(arg2, arg3);

	case KEYCTL_JOIN_SESSION_KEYRING:
		return keyctl_join_session_keyring(compat_ptr(arg2));

	case KEYCTL_UPDATE:
		return keyctl_update_key(arg2, compat_ptr(arg3), arg4);

	case KEYCTL_REVOKE:
		return keyctl_revoke_key(arg2);

	case KEYCTL_DESCRIBE:
		return keyctl_describe_key(arg2, compat_ptr(arg3), arg4);

	case KEYCTL_CLEAR:
		return keyctl_keyring_clear(arg2);

	case KEYCTL_LINK:
		return keyctl_keyring_link(arg2, arg3);

	case KEYCTL_UNLINK:
		return keyctl_keyring_unlink(arg2, arg3);

	case KEYCTL_SEARCH:
		return keyctl_keyring_search(arg2, compat_ptr(arg3),
					     compat_ptr(arg4), arg5);

	case KEYCTL_READ:
		return keyctl_read_key(arg2, compat_ptr(arg3), arg4);

	case KEYCTL_CHOWN:
		return keyctl_chown_key(arg2, arg3, arg4);

	case KEYCTL_SETPERM:
		return keyctl_setperm_key(arg2, arg3);

	case KEYCTL_INSTANTIATE:
		return keyctl_instantiate_key(arg2, compat_ptr(arg3), arg4,
					      arg5);

	case KEYCTL_NEGATE:
		return keyctl_negate_key(arg2, arg3, arg4);

	case KEYCTL_SET_REQKEY_KEYRING:
		return keyctl_set_reqkey_keyring(arg2);

	case KEYCTL_SET_TIMEOUT:
		return keyctl_set_timeout(arg2, arg3);

	case KEYCTL_ASSUME_AUTHORITY:
		return keyctl_assume_authority(arg2);

	case KEYCTL_GET_SECURITY:
		return keyctl_get_security(arg2, compat_ptr(arg3), arg4);

	case KEYCTL_SESSION_TO_PARENT:
		return keyctl_session_to_parent();

	case KEYCTL_REJECT:
		return keyctl_reject_key(arg2, arg3, arg4, arg5);

	case KEYCTL_INSTANTIATE_IOV:
		return compat_keyctl_instantiate_key_iov(
			arg2, compat_ptr(arg3), arg4, arg5);

	case KEYCTL_INVALIDATE:
		return keyctl_invalidate_key(arg2);

	case KEYCTL_GET_PERSISTENT:
		return keyctl_get_persistent(arg2, arg3);

	case KEYCTL_DH_COMPUTE:
		return compat_keyctl_dh_compute(compat_ptr(arg2),
						compat_ptr(arg3),
						arg4, compat_ptr(arg5));

	case KEYCTL_RESTRICT_KEYRING:
		return keyctl_restrict_keyring(arg2, compat_ptr(arg3),
					       compat_ptr(arg4));

	case KEYCTL_PKEY_QUERY:
		if (arg3 != 0)
			return -EINVAL;
		return keyctl_pkey_query(arg2,
					 compat_ptr(arg4),
					 compat_ptr(arg5));

	case KEYCTL_PKEY_ENCRYPT:
	case KEYCTL_PKEY_DECRYPT:
	case KEYCTL_PKEY_SIGN:
		return keyctl_pkey_e_d_s(option,
					 compat_ptr(arg2), compat_ptr(arg3),
					 compat_ptr(arg4), compat_ptr(arg5));

	case KEYCTL_PKEY_VERIFY:
		return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3),
					  compat_ptr(arg4), compat_ptr(arg5));

	case KEYCTL_MOVE:
		return keyctl_keyring_move(arg2, arg3, arg4, arg5);

	case KEYCTL_CAPABILITIES:
		return keyctl_capabilities(compat_ptr(arg2), arg3);

	case KEYCTL_WATCH_KEY:
		return keyctl_watch_key(arg2, arg3, arg4);

	default:
		return -EOPNOTSUPP;
	}
}
Commit	Line	Data
2874c5fd	1	// SPDX-License-Identifier: GPL-2.0-or-later
973c9f4f	2	/* 32-bit compatibility syscall for 64-bit systems
1da177e4	3	*
3e30148c	4	* Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
1da177e4	5	* Written by David Howells (dhowells@redhat.com)
1da177e4 LT	6	*/
1da177e4 LT	7
1da177e4 LT	8	#include <linux/syscalls.h>
	9	#include <linux/keyctl.h>
	10	#include <linux/compat.h>
ee009e4a	11	#include <linux/slab.h>
1da177e4 LT	12	#include "internal.h"
1da177e4 LT	13
ee009e4a DH	14	/*
	15	* Instantiate a key with the specified compatibility multipart payload and
	16	* link the key into the destination keyring if one is given.
	17	*
	18	* The caller must have the appropriate instantiation permit set for this to
	19	* work (see keyctl_assume_authority). No other permissions are required.
	20	*
	21	* If successful, 0 will be returned.
	22	*/
423b9788	23	static long compat_keyctl_instantiate_key_iov(
ee009e4a DH	24	key_serial_t id,
	25	const struct compat_iovec __user *_payload_iov,
	26	unsigned ioc,
	27	key_serial_t ringid)
	28	{
	29	struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
b353a1f7	30	struct iov_iter from;
ee009e4a DH	31	long ret;
ee009e4a DH	32
b353a1f7 AV	33	if (!_payload_iov)
b353a1f7 AV	34	ioc = 0;
ee009e4a	35
b353a1f7 AV	36	ret = compat_import_iovec(WRITE, _payload_iov, ioc,
	37	ARRAY_SIZE(iovstack), &iov,
	38	&from);
ee009e4a	39	if (ret < 0)
b353a1f7	40	return ret;
ee009e4a	41
b353a1f7 AV	42	ret = keyctl_instantiate_key_common(id, &from, ringid);
b353a1f7 AV	43	kfree(iov);
ee009e4a	44	return ret;
ee009e4a DH	45	}
ee009e4a DH	46
1da177e4	47	/*
973c9f4f	48	* The key control system call, 32-bit compatibility version for 64-bit archs
1da177e4	49	*/
875ec3da HC	50	COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
875ec3da HC	51	u32, arg2, u32, arg3, u32, arg4, u32, arg5)
1da177e4 LT	52	{
	53	switch (option) {
	54	case KEYCTL_GET_KEYRING_ID:
	55	return keyctl_get_keyring_ID(arg2, arg3);
	56
	57	case KEYCTL_JOIN_SESSION_KEYRING:
	58	return keyctl_join_session_keyring(compat_ptr(arg2));
	59
	60	case KEYCTL_UPDATE:
	61	return keyctl_update_key(arg2, compat_ptr(arg3), arg4);
	62
	63	case KEYCTL_REVOKE:
	64	return keyctl_revoke_key(arg2);
	65
	66	case KEYCTL_DESCRIBE:
	67	return keyctl_describe_key(arg2, compat_ptr(arg3), arg4);
	68
	69	case KEYCTL_CLEAR:
	70	return keyctl_keyring_clear(arg2);
	71
	72	case KEYCTL_LINK:
	73	return keyctl_keyring_link(arg2, arg3);
	74
	75	case KEYCTL_UNLINK:
	76	return keyctl_keyring_unlink(arg2, arg3);
	77
	78	case KEYCTL_SEARCH:
	79	return keyctl_keyring_search(arg2, compat_ptr(arg3),
	80	compat_ptr(arg4), arg5);
	81
	82	case KEYCTL_READ:
	83	return keyctl_read_key(arg2, compat_ptr(arg3), arg4);
	84
	85	case KEYCTL_CHOWN:
	86	return keyctl_chown_key(arg2, arg3, arg4);
	87
	88	case KEYCTL_SETPERM:
	89	return keyctl_setperm_key(arg2, arg3);
	90
	91	case KEYCTL_INSTANTIATE:
	92	return keyctl_instantiate_key(arg2, compat_ptr(arg3), arg4,
	93	arg5);
	94
	95	case KEYCTL_NEGATE:
	96	return keyctl_negate_key(arg2, arg3, arg4);
	97
3e30148c DH	98	case KEYCTL_SET_REQKEY_KEYRING:
	99	return keyctl_set_reqkey_keyring(arg2);
	100
017679c4 DH	101	case KEYCTL_SET_TIMEOUT:
	102	return keyctl_set_timeout(arg2, arg3);
	103
b5f545c8 DH	104	case KEYCTL_ASSUME_AUTHORITY:
	105	return keyctl_assume_authority(arg2);
	106
70a5bb72 DH	107	case KEYCTL_GET_SECURITY:
	108	return keyctl_get_security(arg2, compat_ptr(arg3), arg4);
	109
ee18d64c DH	110	case KEYCTL_SESSION_TO_PARENT:
	111	return keyctl_session_to_parent();
	112
fdd1b945 DH	113	case KEYCTL_REJECT:
	114	return keyctl_reject_key(arg2, arg3, arg4, arg5);
	115
ee009e4a DH	116	case KEYCTL_INSTANTIATE_IOV:
	117	return compat_keyctl_instantiate_key_iov(
	118	arg2, compat_ptr(arg3), arg4, arg5);
	119
fd75815f DH	120	case KEYCTL_INVALIDATE:
	121	return keyctl_invalidate_key(arg2);
	122
f36f8c75 DH	123	case KEYCTL_GET_PERSISTENT:
	124	return keyctl_get_persistent(arg2, arg3);
	125
ddbb4114	126	case KEYCTL_DH_COMPUTE:
f1c316a3 SM	127	return compat_keyctl_dh_compute(compat_ptr(arg2),
	128	compat_ptr(arg3),
	129	arg4, compat_ptr(arg5));
ddbb4114	130
6563c91f MM	131	case KEYCTL_RESTRICT_KEYRING:
	132	return keyctl_restrict_keyring(arg2, compat_ptr(arg3),
	133	compat_ptr(arg4));
	134
00d60fd3 DH	135	case KEYCTL_PKEY_QUERY:
	136	if (arg3 != 0)
	137	return -EINVAL;
	138	return keyctl_pkey_query(arg2,
	139	compat_ptr(arg4),
	140	compat_ptr(arg5));
	141
	142	case KEYCTL_PKEY_ENCRYPT:
	143	case KEYCTL_PKEY_DECRYPT:
	144	case KEYCTL_PKEY_SIGN:
	145	return keyctl_pkey_e_d_s(option,
	146	compat_ptr(arg2), compat_ptr(arg3),
	147	compat_ptr(arg4), compat_ptr(arg5));
	148
	149	case KEYCTL_PKEY_VERIFY:
	150	return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3),
	151	compat_ptr(arg4), compat_ptr(arg5));
	152
ed0ac5c7 DH	153	case KEYCTL_MOVE:
	154	return keyctl_keyring_move(arg2, arg3, arg4, arg5);
	155
45e0f30c DH	156	case KEYCTL_CAPABILITIES:
	157	return keyctl_capabilities(compat_ptr(arg2), arg3);
	158
f7e47677 DH	159	case KEYCTL_WATCH_KEY:
	160	return keyctl_watch_key(arg2, arg3, arg4);
	161
1da177e4 LT	162	default:
	163	return -EOPNOTSUPP;
	164	}
a8b17ed0	165	}