Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* keyctl.c: userspace keyctl operations |
2 | * | |
3e30148c | 3 | * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. |
1da177e4 LT |
4 | * Written by David Howells (dhowells@redhat.com) |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public License | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the License, or (at your option) any later version. | |
10 | */ | |
11 | ||
12 | #include <linux/module.h> | |
13 | #include <linux/init.h> | |
14 | #include <linux/sched.h> | |
15 | #include <linux/slab.h> | |
16 | #include <linux/syscalls.h> | |
17 | #include <linux/keyctl.h> | |
18 | #include <linux/fs.h> | |
c59ede7b | 19 | #include <linux/capability.h> |
0cb409d9 | 20 | #include <linux/string.h> |
1da177e4 | 21 | #include <linux/err.h> |
38bbca6b | 22 | #include <linux/vmalloc.h> |
70a5bb72 | 23 | #include <linux/security.h> |
1da177e4 LT |
24 | #include <asm/uaccess.h> |
25 | #include "internal.h" | |
26 | ||
0cb409d9 DA |
27 | static int key_get_type_from_user(char *type, |
28 | const char __user *_type, | |
29 | unsigned len) | |
30 | { | |
31 | int ret; | |
32 | ||
33 | ret = strncpy_from_user(type, _type, len); | |
34 | ||
35 | if (ret < 0) | |
36 | return -EFAULT; | |
37 | ||
38 | if (ret == 0 || ret >= len) | |
39 | return -EINVAL; | |
40 | ||
41 | if (type[0] == '.') | |
42 | return -EPERM; | |
43 | ||
44 | type[len - 1] = '\0'; | |
45 | ||
46 | return 0; | |
47 | } | |
48 | ||
1da177e4 LT |
49 | /*****************************************************************************/ |
50 | /* | |
51 | * extract the description of a new key from userspace and either add it as a | |
52 | * new key to the specified keyring or update a matching key in that keyring | |
53 | * - the keyring must be writable | |
54 | * - returns the new key's serial number | |
55 | * - implements add_key() | |
56 | */ | |
1e7bfb21 HC |
57 | SYSCALL_DEFINE5(add_key, const char __user *, _type, |
58 | const char __user *, _description, | |
59 | const void __user *, _payload, | |
60 | size_t, plen, | |
61 | key_serial_t, ringid) | |
1da177e4 | 62 | { |
664cceb0 | 63 | key_ref_t keyring_ref, key_ref; |
1da177e4 LT |
64 | char type[32], *description; |
65 | void *payload; | |
0cb409d9 | 66 | long ret; |
38bbca6b | 67 | bool vm; |
1da177e4 LT |
68 | |
69 | ret = -EINVAL; | |
38bbca6b | 70 | if (plen > 1024 * 1024 - 1) |
1da177e4 LT |
71 | goto error; |
72 | ||
73 | /* draw all the data into kernel space */ | |
0cb409d9 | 74 | ret = key_get_type_from_user(type, _type, sizeof(type)); |
1da177e4 LT |
75 | if (ret < 0) |
76 | goto error; | |
1da177e4 | 77 | |
0cb409d9 DA |
78 | description = strndup_user(_description, PAGE_SIZE); |
79 | if (IS_ERR(description)) { | |
80 | ret = PTR_ERR(description); | |
1da177e4 | 81 | goto error; |
0cb409d9 | 82 | } |
1da177e4 LT |
83 | |
84 | /* pull the payload in if one was supplied */ | |
85 | payload = NULL; | |
86 | ||
38bbca6b | 87 | vm = false; |
1da177e4 LT |
88 | if (_payload) { |
89 | ret = -ENOMEM; | |
90 | payload = kmalloc(plen, GFP_KERNEL); | |
38bbca6b DH |
91 | if (!payload) { |
92 | if (plen <= PAGE_SIZE) | |
93 | goto error2; | |
94 | vm = true; | |
95 | payload = vmalloc(plen); | |
96 | if (!payload) | |
97 | goto error2; | |
98 | } | |
1da177e4 LT |
99 | |
100 | ret = -EFAULT; | |
101 | if (copy_from_user(payload, _payload, plen) != 0) | |
102 | goto error3; | |
103 | } | |
104 | ||
105 | /* find the target keyring (which must be writable) */ | |
8bbf4976 | 106 | keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); |
664cceb0 DH |
107 | if (IS_ERR(keyring_ref)) { |
108 | ret = PTR_ERR(keyring_ref); | |
1da177e4 LT |
109 | goto error3; |
110 | } | |
111 | ||
112 | /* create or update the requested key and add it to the target | |
113 | * keyring */ | |
664cceb0 | 114 | key_ref = key_create_or_update(keyring_ref, type, description, |
6b79ccb5 AR |
115 | payload, plen, KEY_PERM_UNDEF, |
116 | KEY_ALLOC_IN_QUOTA); | |
664cceb0 DH |
117 | if (!IS_ERR(key_ref)) { |
118 | ret = key_ref_to_ptr(key_ref)->serial; | |
119 | key_ref_put(key_ref); | |
1da177e4 LT |
120 | } |
121 | else { | |
664cceb0 | 122 | ret = PTR_ERR(key_ref); |
1da177e4 LT |
123 | } |
124 | ||
664cceb0 | 125 | key_ref_put(keyring_ref); |
1da177e4 | 126 | error3: |
38bbca6b DH |
127 | if (!vm) |
128 | kfree(payload); | |
129 | else | |
130 | vfree(payload); | |
1da177e4 LT |
131 | error2: |
132 | kfree(description); | |
133 | error: | |
134 | return ret; | |
135 | ||
136 | } /* end sys_add_key() */ | |
137 | ||
138 | /*****************************************************************************/ | |
139 | /* | |
140 | * search the process keyrings for a matching key | |
141 | * - nested keyrings may also be searched if they have Search permission | |
142 | * - if a key is found, it will be attached to the destination keyring if | |
143 | * there's one specified | |
144 | * - /sbin/request-key will be invoked if _callout_info is non-NULL | |
145 | * - the _callout_info string will be passed to /sbin/request-key | |
146 | * - if the _callout_info string is empty, it will be rendered as "-" | |
147 | * - implements request_key() | |
148 | */ | |
1e7bfb21 HC |
149 | SYSCALL_DEFINE4(request_key, const char __user *, _type, |
150 | const char __user *, _description, | |
151 | const char __user *, _callout_info, | |
152 | key_serial_t, destringid) | |
1da177e4 LT |
153 | { |
154 | struct key_type *ktype; | |
664cceb0 DH |
155 | struct key *key; |
156 | key_ref_t dest_ref; | |
4a38e122 | 157 | size_t callout_len; |
1da177e4 | 158 | char type[32], *description, *callout_info; |
0cb409d9 | 159 | long ret; |
1da177e4 LT |
160 | |
161 | /* pull the type into kernel space */ | |
0cb409d9 | 162 | ret = key_get_type_from_user(type, _type, sizeof(type)); |
1da177e4 LT |
163 | if (ret < 0) |
164 | goto error; | |
1260f801 | 165 | |
1da177e4 | 166 | /* pull the description into kernel space */ |
0cb409d9 DA |
167 | description = strndup_user(_description, PAGE_SIZE); |
168 | if (IS_ERR(description)) { | |
169 | ret = PTR_ERR(description); | |
1da177e4 | 170 | goto error; |
0cb409d9 | 171 | } |
1da177e4 LT |
172 | |
173 | /* pull the callout info into kernel space */ | |
174 | callout_info = NULL; | |
4a38e122 | 175 | callout_len = 0; |
1da177e4 | 176 | if (_callout_info) { |
0cb409d9 DA |
177 | callout_info = strndup_user(_callout_info, PAGE_SIZE); |
178 | if (IS_ERR(callout_info)) { | |
179 | ret = PTR_ERR(callout_info); | |
1da177e4 | 180 | goto error2; |
0cb409d9 | 181 | } |
4a38e122 | 182 | callout_len = strlen(callout_info); |
1da177e4 LT |
183 | } |
184 | ||
185 | /* get the destination keyring if specified */ | |
664cceb0 | 186 | dest_ref = NULL; |
1da177e4 | 187 | if (destringid) { |
8bbf4976 | 188 | dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE); |
664cceb0 DH |
189 | if (IS_ERR(dest_ref)) { |
190 | ret = PTR_ERR(dest_ref); | |
1da177e4 LT |
191 | goto error3; |
192 | } | |
193 | } | |
194 | ||
195 | /* find the key type */ | |
196 | ktype = key_type_lookup(type); | |
197 | if (IS_ERR(ktype)) { | |
198 | ret = PTR_ERR(ktype); | |
199 | goto error4; | |
200 | } | |
201 | ||
202 | /* do the search */ | |
4a38e122 DH |
203 | key = request_key_and_link(ktype, description, callout_info, |
204 | callout_len, NULL, key_ref_to_ptr(dest_ref), | |
7e047ef5 | 205 | KEY_ALLOC_IN_QUOTA); |
1da177e4 LT |
206 | if (IS_ERR(key)) { |
207 | ret = PTR_ERR(key); | |
208 | goto error5; | |
209 | } | |
210 | ||
1da177e4 LT |
211 | ret = key->serial; |
212 | ||
3e30148c | 213 | key_put(key); |
1da177e4 LT |
214 | error5: |
215 | key_type_put(ktype); | |
216 | error4: | |
664cceb0 | 217 | key_ref_put(dest_ref); |
1da177e4 LT |
218 | error3: |
219 | kfree(callout_info); | |
220 | error2: | |
221 | kfree(description); | |
222 | error: | |
223 | return ret; | |
224 | ||
225 | } /* end sys_request_key() */ | |
226 | ||
227 | /*****************************************************************************/ | |
228 | /* | |
229 | * get the ID of the specified process keyring | |
230 | * - the keyring must have search permission to be found | |
231 | * - implements keyctl(KEYCTL_GET_KEYRING_ID) | |
232 | */ | |
233 | long keyctl_get_keyring_ID(key_serial_t id, int create) | |
234 | { | |
664cceb0 | 235 | key_ref_t key_ref; |
1da177e4 LT |
236 | long ret; |
237 | ||
8bbf4976 | 238 | key_ref = lookup_user_key(id, create, 0, KEY_SEARCH); |
664cceb0 DH |
239 | if (IS_ERR(key_ref)) { |
240 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
241 | goto error; |
242 | } | |
243 | ||
664cceb0 DH |
244 | ret = key_ref_to_ptr(key_ref)->serial; |
245 | key_ref_put(key_ref); | |
1da177e4 LT |
246 | error: |
247 | return ret; | |
248 | ||
249 | } /* end keyctl_get_keyring_ID() */ | |
250 | ||
251 | /*****************************************************************************/ | |
252 | /* | |
253 | * join the session keyring | |
254 | * - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING) | |
255 | */ | |
256 | long keyctl_join_session_keyring(const char __user *_name) | |
257 | { | |
258 | char *name; | |
0cb409d9 | 259 | long ret; |
1da177e4 LT |
260 | |
261 | /* fetch the name from userspace */ | |
262 | name = NULL; | |
263 | if (_name) { | |
0cb409d9 DA |
264 | name = strndup_user(_name, PAGE_SIZE); |
265 | if (IS_ERR(name)) { | |
266 | ret = PTR_ERR(name); | |
1da177e4 | 267 | goto error; |
0cb409d9 | 268 | } |
1da177e4 LT |
269 | } |
270 | ||
271 | /* join the session */ | |
272 | ret = join_session_keyring(name); | |
0d54ee1c | 273 | kfree(name); |
1da177e4 | 274 | |
1da177e4 LT |
275 | error: |
276 | return ret; | |
277 | ||
278 | } /* end keyctl_join_session_keyring() */ | |
279 | ||
280 | /*****************************************************************************/ | |
281 | /* | |
282 | * update a key's data payload | |
283 | * - the key must be writable | |
284 | * - implements keyctl(KEYCTL_UPDATE) | |
285 | */ | |
286 | long keyctl_update_key(key_serial_t id, | |
287 | const void __user *_payload, | |
288 | size_t plen) | |
289 | { | |
664cceb0 | 290 | key_ref_t key_ref; |
1da177e4 LT |
291 | void *payload; |
292 | long ret; | |
293 | ||
294 | ret = -EINVAL; | |
295 | if (plen > PAGE_SIZE) | |
296 | goto error; | |
297 | ||
298 | /* pull the payload in if one was supplied */ | |
299 | payload = NULL; | |
300 | if (_payload) { | |
301 | ret = -ENOMEM; | |
302 | payload = kmalloc(plen, GFP_KERNEL); | |
303 | if (!payload) | |
304 | goto error; | |
305 | ||
306 | ret = -EFAULT; | |
307 | if (copy_from_user(payload, _payload, plen) != 0) | |
308 | goto error2; | |
309 | } | |
310 | ||
311 | /* find the target key (which must be writable) */ | |
8bbf4976 | 312 | key_ref = lookup_user_key(id, 0, 0, KEY_WRITE); |
664cceb0 DH |
313 | if (IS_ERR(key_ref)) { |
314 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
315 | goto error2; |
316 | } | |
317 | ||
318 | /* update the key */ | |
664cceb0 | 319 | ret = key_update(key_ref, payload, plen); |
1da177e4 | 320 | |
664cceb0 | 321 | key_ref_put(key_ref); |
1da177e4 LT |
322 | error2: |
323 | kfree(payload); | |
324 | error: | |
325 | return ret; | |
326 | ||
327 | } /* end keyctl_update_key() */ | |
328 | ||
329 | /*****************************************************************************/ | |
330 | /* | |
331 | * revoke a key | |
332 | * - the key must be writable | |
333 | * - implements keyctl(KEYCTL_REVOKE) | |
334 | */ | |
335 | long keyctl_revoke_key(key_serial_t id) | |
336 | { | |
664cceb0 | 337 | key_ref_t key_ref; |
1da177e4 LT |
338 | long ret; |
339 | ||
8bbf4976 | 340 | key_ref = lookup_user_key(id, 0, 0, KEY_WRITE); |
664cceb0 DH |
341 | if (IS_ERR(key_ref)) { |
342 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
343 | goto error; |
344 | } | |
345 | ||
664cceb0 | 346 | key_revoke(key_ref_to_ptr(key_ref)); |
1da177e4 LT |
347 | ret = 0; |
348 | ||
664cceb0 | 349 | key_ref_put(key_ref); |
1da177e4 | 350 | error: |
1260f801 | 351 | return ret; |
1da177e4 LT |
352 | |
353 | } /* end keyctl_revoke_key() */ | |
354 | ||
355 | /*****************************************************************************/ | |
356 | /* | |
357 | * clear the specified process keyring | |
358 | * - the keyring must be writable | |
359 | * - implements keyctl(KEYCTL_CLEAR) | |
360 | */ | |
361 | long keyctl_keyring_clear(key_serial_t ringid) | |
362 | { | |
664cceb0 | 363 | key_ref_t keyring_ref; |
1da177e4 LT |
364 | long ret; |
365 | ||
8bbf4976 | 366 | keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); |
664cceb0 DH |
367 | if (IS_ERR(keyring_ref)) { |
368 | ret = PTR_ERR(keyring_ref); | |
1da177e4 LT |
369 | goto error; |
370 | } | |
371 | ||
664cceb0 | 372 | ret = keyring_clear(key_ref_to_ptr(keyring_ref)); |
1da177e4 | 373 | |
664cceb0 | 374 | key_ref_put(keyring_ref); |
1da177e4 LT |
375 | error: |
376 | return ret; | |
377 | ||
378 | } /* end keyctl_keyring_clear() */ | |
379 | ||
380 | /*****************************************************************************/ | |
381 | /* | |
382 | * link a key into a keyring | |
383 | * - the keyring must be writable | |
384 | * - the key must be linkable | |
385 | * - implements keyctl(KEYCTL_LINK) | |
386 | */ | |
387 | long keyctl_keyring_link(key_serial_t id, key_serial_t ringid) | |
388 | { | |
664cceb0 | 389 | key_ref_t keyring_ref, key_ref; |
1da177e4 LT |
390 | long ret; |
391 | ||
8bbf4976 | 392 | keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); |
664cceb0 DH |
393 | if (IS_ERR(keyring_ref)) { |
394 | ret = PTR_ERR(keyring_ref); | |
1da177e4 LT |
395 | goto error; |
396 | } | |
397 | ||
8bbf4976 | 398 | key_ref = lookup_user_key(id, 1, 0, KEY_LINK); |
664cceb0 DH |
399 | if (IS_ERR(key_ref)) { |
400 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
401 | goto error2; |
402 | } | |
403 | ||
664cceb0 | 404 | ret = key_link(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref)); |
1da177e4 | 405 | |
664cceb0 | 406 | key_ref_put(key_ref); |
1da177e4 | 407 | error2: |
664cceb0 | 408 | key_ref_put(keyring_ref); |
1da177e4 LT |
409 | error: |
410 | return ret; | |
411 | ||
412 | } /* end keyctl_keyring_link() */ | |
413 | ||
414 | /*****************************************************************************/ | |
415 | /* | |
416 | * unlink the first attachment of a key from a keyring | |
417 | * - the keyring must be writable | |
418 | * - we don't need any permissions on the key | |
419 | * - implements keyctl(KEYCTL_UNLINK) | |
420 | */ | |
421 | long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid) | |
422 | { | |
664cceb0 | 423 | key_ref_t keyring_ref, key_ref; |
1da177e4 LT |
424 | long ret; |
425 | ||
8bbf4976 | 426 | keyring_ref = lookup_user_key(ringid, 0, 0, KEY_WRITE); |
664cceb0 DH |
427 | if (IS_ERR(keyring_ref)) { |
428 | ret = PTR_ERR(keyring_ref); | |
1da177e4 LT |
429 | goto error; |
430 | } | |
431 | ||
8bbf4976 | 432 | key_ref = lookup_user_key(id, 0, 0, 0); |
664cceb0 DH |
433 | if (IS_ERR(key_ref)) { |
434 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
435 | goto error2; |
436 | } | |
437 | ||
664cceb0 | 438 | ret = key_unlink(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref)); |
1da177e4 | 439 | |
664cceb0 | 440 | key_ref_put(key_ref); |
1da177e4 | 441 | error2: |
664cceb0 | 442 | key_ref_put(keyring_ref); |
1da177e4 LT |
443 | error: |
444 | return ret; | |
445 | ||
446 | } /* end keyctl_keyring_unlink() */ | |
447 | ||
448 | /*****************************************************************************/ | |
449 | /* | |
450 | * describe a user key | |
451 | * - the key must have view permission | |
452 | * - if there's a buffer, we place up to buflen bytes of data into it | |
453 | * - unless there's an error, we return the amount of description available, | |
454 | * irrespective of how much we may have copied | |
455 | * - the description is formatted thus: | |
456 | * type;uid;gid;perm;description<NUL> | |
457 | * - implements keyctl(KEYCTL_DESCRIBE) | |
458 | */ | |
459 | long keyctl_describe_key(key_serial_t keyid, | |
460 | char __user *buffer, | |
461 | size_t buflen) | |
462 | { | |
3e30148c | 463 | struct key *key, *instkey; |
664cceb0 | 464 | key_ref_t key_ref; |
1da177e4 LT |
465 | char *tmpbuf; |
466 | long ret; | |
467 | ||
8bbf4976 | 468 | key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW); |
664cceb0 | 469 | if (IS_ERR(key_ref)) { |
3e30148c DH |
470 | /* viewing a key under construction is permitted if we have the |
471 | * authorisation token handy */ | |
664cceb0 | 472 | if (PTR_ERR(key_ref) == -EACCES) { |
3e30148c DH |
473 | instkey = key_get_instantiation_authkey(keyid); |
474 | if (!IS_ERR(instkey)) { | |
475 | key_put(instkey); | |
8bbf4976 | 476 | key_ref = lookup_user_key(keyid, |
664cceb0 DH |
477 | 0, 1, 0); |
478 | if (!IS_ERR(key_ref)) | |
3e30148c DH |
479 | goto okay; |
480 | } | |
481 | } | |
482 | ||
664cceb0 | 483 | ret = PTR_ERR(key_ref); |
1da177e4 LT |
484 | goto error; |
485 | } | |
486 | ||
3e30148c | 487 | okay: |
1da177e4 LT |
488 | /* calculate how much description we're going to return */ |
489 | ret = -ENOMEM; | |
490 | tmpbuf = kmalloc(PAGE_SIZE, GFP_KERNEL); | |
491 | if (!tmpbuf) | |
492 | goto error2; | |
493 | ||
664cceb0 DH |
494 | key = key_ref_to_ptr(key_ref); |
495 | ||
1da177e4 | 496 | ret = snprintf(tmpbuf, PAGE_SIZE - 1, |
664cceb0 DH |
497 | "%s;%d;%d;%08x;%s", |
498 | key_ref_to_ptr(key_ref)->type->name, | |
499 | key_ref_to_ptr(key_ref)->uid, | |
500 | key_ref_to_ptr(key_ref)->gid, | |
501 | key_ref_to_ptr(key_ref)->perm, | |
502 | key_ref_to_ptr(key_ref)->description ? | |
503 | key_ref_to_ptr(key_ref)->description : "" | |
1da177e4 LT |
504 | ); |
505 | ||
506 | /* include a NUL char at the end of the data */ | |
507 | if (ret > PAGE_SIZE - 1) | |
508 | ret = PAGE_SIZE - 1; | |
509 | tmpbuf[ret] = 0; | |
510 | ret++; | |
511 | ||
512 | /* consider returning the data */ | |
513 | if (buffer && buflen > 0) { | |
514 | if (buflen > ret) | |
515 | buflen = ret; | |
516 | ||
517 | if (copy_to_user(buffer, tmpbuf, buflen) != 0) | |
518 | ret = -EFAULT; | |
519 | } | |
520 | ||
521 | kfree(tmpbuf); | |
522 | error2: | |
664cceb0 | 523 | key_ref_put(key_ref); |
1da177e4 LT |
524 | error: |
525 | return ret; | |
526 | ||
527 | } /* end keyctl_describe_key() */ | |
528 | ||
529 | /*****************************************************************************/ | |
530 | /* | |
531 | * search the specified keyring for a matching key | |
532 | * - the start keyring must be searchable | |
533 | * - nested keyrings may also be searched if they are searchable | |
534 | * - only keys with search permission may be found | |
535 | * - if a key is found, it will be attached to the destination keyring if | |
536 | * there's one specified | |
537 | * - implements keyctl(KEYCTL_SEARCH) | |
538 | */ | |
539 | long keyctl_keyring_search(key_serial_t ringid, | |
540 | const char __user *_type, | |
541 | const char __user *_description, | |
542 | key_serial_t destringid) | |
543 | { | |
544 | struct key_type *ktype; | |
664cceb0 | 545 | key_ref_t keyring_ref, key_ref, dest_ref; |
1da177e4 | 546 | char type[32], *description; |
0cb409d9 | 547 | long ret; |
1da177e4 LT |
548 | |
549 | /* pull the type and description into kernel space */ | |
0cb409d9 | 550 | ret = key_get_type_from_user(type, _type, sizeof(type)); |
1da177e4 LT |
551 | if (ret < 0) |
552 | goto error; | |
1da177e4 | 553 | |
0cb409d9 DA |
554 | description = strndup_user(_description, PAGE_SIZE); |
555 | if (IS_ERR(description)) { | |
556 | ret = PTR_ERR(description); | |
1da177e4 | 557 | goto error; |
0cb409d9 | 558 | } |
1da177e4 LT |
559 | |
560 | /* get the keyring at which to begin the search */ | |
8bbf4976 | 561 | keyring_ref = lookup_user_key(ringid, 0, 0, KEY_SEARCH); |
664cceb0 DH |
562 | if (IS_ERR(keyring_ref)) { |
563 | ret = PTR_ERR(keyring_ref); | |
1da177e4 LT |
564 | goto error2; |
565 | } | |
566 | ||
567 | /* get the destination keyring if specified */ | |
664cceb0 | 568 | dest_ref = NULL; |
1da177e4 | 569 | if (destringid) { |
8bbf4976 | 570 | dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE); |
664cceb0 DH |
571 | if (IS_ERR(dest_ref)) { |
572 | ret = PTR_ERR(dest_ref); | |
1da177e4 LT |
573 | goto error3; |
574 | } | |
575 | } | |
576 | ||
577 | /* find the key type */ | |
578 | ktype = key_type_lookup(type); | |
579 | if (IS_ERR(ktype)) { | |
580 | ret = PTR_ERR(ktype); | |
581 | goto error4; | |
582 | } | |
583 | ||
584 | /* do the search */ | |
664cceb0 DH |
585 | key_ref = keyring_search(keyring_ref, ktype, description); |
586 | if (IS_ERR(key_ref)) { | |
587 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
588 | |
589 | /* treat lack or presence of a negative key the same */ | |
590 | if (ret == -EAGAIN) | |
591 | ret = -ENOKEY; | |
592 | goto error5; | |
593 | } | |
594 | ||
595 | /* link the resulting key to the destination keyring if we can */ | |
664cceb0 | 596 | if (dest_ref) { |
29db9190 DH |
597 | ret = key_permission(key_ref, KEY_LINK); |
598 | if (ret < 0) | |
1da177e4 LT |
599 | goto error6; |
600 | ||
664cceb0 | 601 | ret = key_link(key_ref_to_ptr(dest_ref), key_ref_to_ptr(key_ref)); |
1da177e4 LT |
602 | if (ret < 0) |
603 | goto error6; | |
604 | } | |
605 | ||
664cceb0 | 606 | ret = key_ref_to_ptr(key_ref)->serial; |
1da177e4 LT |
607 | |
608 | error6: | |
664cceb0 | 609 | key_ref_put(key_ref); |
1da177e4 LT |
610 | error5: |
611 | key_type_put(ktype); | |
612 | error4: | |
664cceb0 | 613 | key_ref_put(dest_ref); |
1da177e4 | 614 | error3: |
664cceb0 | 615 | key_ref_put(keyring_ref); |
1da177e4 LT |
616 | error2: |
617 | kfree(description); | |
618 | error: | |
619 | return ret; | |
620 | ||
621 | } /* end keyctl_keyring_search() */ | |
622 | ||
1da177e4 LT |
623 | /*****************************************************************************/ |
624 | /* | |
625 | * read a user key's payload | |
626 | * - the keyring must be readable or the key must be searchable from the | |
627 | * process's keyrings | |
628 | * - if there's a buffer, we place up to buflen bytes of data into it | |
629 | * - unless there's an error, we return the amount of data in the key, | |
630 | * irrespective of how much we may have copied | |
631 | * - implements keyctl(KEYCTL_READ) | |
632 | */ | |
633 | long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) | |
634 | { | |
664cceb0 DH |
635 | struct key *key; |
636 | key_ref_t key_ref; | |
1da177e4 LT |
637 | long ret; |
638 | ||
639 | /* find the key first */ | |
8bbf4976 | 640 | key_ref = lookup_user_key(keyid, 0, 0, 0); |
664cceb0 DH |
641 | if (IS_ERR(key_ref)) { |
642 | ret = -ENOKEY; | |
643 | goto error; | |
1da177e4 LT |
644 | } |
645 | ||
664cceb0 DH |
646 | key = key_ref_to_ptr(key_ref); |
647 | ||
648 | /* see if we can read it directly */ | |
29db9190 DH |
649 | ret = key_permission(key_ref, KEY_READ); |
650 | if (ret == 0) | |
664cceb0 | 651 | goto can_read_key; |
29db9190 DH |
652 | if (ret != -EACCES) |
653 | goto error; | |
664cceb0 DH |
654 | |
655 | /* we can't; see if it's searchable from this process's keyrings | |
656 | * - we automatically take account of the fact that it may be | |
657 | * dangling off an instantiation key | |
658 | */ | |
659 | if (!is_key_possessed(key_ref)) { | |
660 | ret = -EACCES; | |
661 | goto error2; | |
662 | } | |
1da177e4 LT |
663 | |
664 | /* the key is probably readable - now try to read it */ | |
1da177e4 LT |
665 | can_read_key: |
666 | ret = key_validate(key); | |
667 | if (ret == 0) { | |
668 | ret = -EOPNOTSUPP; | |
669 | if (key->type->read) { | |
670 | /* read the data with the semaphore held (since we | |
671 | * might sleep) */ | |
672 | down_read(&key->sem); | |
673 | ret = key->type->read(key, buffer, buflen); | |
674 | up_read(&key->sem); | |
675 | } | |
676 | } | |
677 | ||
678 | error2: | |
679 | key_put(key); | |
680 | error: | |
681 | return ret; | |
682 | ||
683 | } /* end keyctl_read_key() */ | |
684 | ||
685 | /*****************************************************************************/ | |
686 | /* | |
687 | * change the ownership of a key | |
688 | * - the keyring owned by the changer | |
689 | * - if the uid or gid is -1, then that parameter is not changed | |
690 | * - implements keyctl(KEYCTL_CHOWN) | |
691 | */ | |
692 | long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid) | |
693 | { | |
5801649d | 694 | struct key_user *newowner, *zapowner = NULL; |
1da177e4 | 695 | struct key *key; |
664cceb0 | 696 | key_ref_t key_ref; |
1da177e4 LT |
697 | long ret; |
698 | ||
699 | ret = 0; | |
700 | if (uid == (uid_t) -1 && gid == (gid_t) -1) | |
701 | goto error; | |
702 | ||
8bbf4976 | 703 | key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); |
664cceb0 DH |
704 | if (IS_ERR(key_ref)) { |
705 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
706 | goto error; |
707 | } | |
708 | ||
664cceb0 DH |
709 | key = key_ref_to_ptr(key_ref); |
710 | ||
1da177e4 LT |
711 | /* make the changes with the locks held to prevent chown/chown races */ |
712 | ret = -EACCES; | |
713 | down_write(&key->sem); | |
1da177e4 LT |
714 | |
715 | if (!capable(CAP_SYS_ADMIN)) { | |
716 | /* only the sysadmin can chown a key to some other UID */ | |
717 | if (uid != (uid_t) -1 && key->uid != uid) | |
5801649d | 718 | goto error_put; |
1da177e4 LT |
719 | |
720 | /* only the sysadmin can set the key's GID to a group other | |
721 | * than one of those that the current process subscribes to */ | |
722 | if (gid != (gid_t) -1 && gid != key->gid && !in_group_p(gid)) | |
5801649d | 723 | goto error_put; |
1da177e4 LT |
724 | } |
725 | ||
5801649d | 726 | /* change the UID */ |
1da177e4 | 727 | if (uid != (uid_t) -1 && uid != key->uid) { |
5801649d FT |
728 | ret = -ENOMEM; |
729 | newowner = key_user_lookup(uid); | |
730 | if (!newowner) | |
731 | goto error_put; | |
732 | ||
733 | /* transfer the quota burden to the new user */ | |
734 | if (test_bit(KEY_FLAG_IN_QUOTA, &key->flags)) { | |
0b77f5bf DH |
735 | unsigned maxkeys = (uid == 0) ? |
736 | key_quota_root_maxkeys : key_quota_maxkeys; | |
737 | unsigned maxbytes = (uid == 0) ? | |
738 | key_quota_root_maxbytes : key_quota_maxbytes; | |
739 | ||
5801649d | 740 | spin_lock(&newowner->lock); |
0b77f5bf DH |
741 | if (newowner->qnkeys + 1 >= maxkeys || |
742 | newowner->qnbytes + key->quotalen >= maxbytes || | |
743 | newowner->qnbytes + key->quotalen < | |
744 | newowner->qnbytes) | |
5801649d FT |
745 | goto quota_overrun; |
746 | ||
747 | newowner->qnkeys++; | |
748 | newowner->qnbytes += key->quotalen; | |
749 | spin_unlock(&newowner->lock); | |
750 | ||
751 | spin_lock(&key->user->lock); | |
752 | key->user->qnkeys--; | |
753 | key->user->qnbytes -= key->quotalen; | |
754 | spin_unlock(&key->user->lock); | |
755 | } | |
756 | ||
757 | atomic_dec(&key->user->nkeys); | |
758 | atomic_inc(&newowner->nkeys); | |
759 | ||
760 | if (test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) { | |
761 | atomic_dec(&key->user->nikeys); | |
762 | atomic_inc(&newowner->nikeys); | |
763 | } | |
764 | ||
765 | zapowner = key->user; | |
766 | key->user = newowner; | |
767 | key->uid = uid; | |
1da177e4 LT |
768 | } |
769 | ||
770 | /* change the GID */ | |
771 | if (gid != (gid_t) -1) | |
772 | key->gid = gid; | |
773 | ||
774 | ret = 0; | |
775 | ||
5801649d | 776 | error_put: |
1da177e4 LT |
777 | up_write(&key->sem); |
778 | key_put(key); | |
5801649d FT |
779 | if (zapowner) |
780 | key_user_put(zapowner); | |
781 | error: | |
1da177e4 LT |
782 | return ret; |
783 | ||
5801649d FT |
784 | quota_overrun: |
785 | spin_unlock(&newowner->lock); | |
786 | zapowner = newowner; | |
787 | ret = -EDQUOT; | |
788 | goto error_put; | |
789 | ||
1da177e4 LT |
790 | } /* end keyctl_chown_key() */ |
791 | ||
792 | /*****************************************************************************/ | |
793 | /* | |
794 | * change the permission mask on a key | |
795 | * - the keyring owned by the changer | |
796 | * - implements keyctl(KEYCTL_SETPERM) | |
797 | */ | |
798 | long keyctl_setperm_key(key_serial_t id, key_perm_t perm) | |
799 | { | |
800 | struct key *key; | |
664cceb0 | 801 | key_ref_t key_ref; |
1da177e4 LT |
802 | long ret; |
803 | ||
804 | ret = -EINVAL; | |
664cceb0 | 805 | if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) |
1da177e4 LT |
806 | goto error; |
807 | ||
8bbf4976 | 808 | key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); |
664cceb0 DH |
809 | if (IS_ERR(key_ref)) { |
810 | ret = PTR_ERR(key_ref); | |
1da177e4 LT |
811 | goto error; |
812 | } | |
813 | ||
664cceb0 DH |
814 | key = key_ref_to_ptr(key_ref); |
815 | ||
76d8aeab | 816 | /* make the changes with the locks held to prevent chown/chmod races */ |
1da177e4 LT |
817 | ret = -EACCES; |
818 | down_write(&key->sem); | |
1da177e4 | 819 | |
76d8aeab | 820 | /* if we're not the sysadmin, we can only change a key that we own */ |
47d804bf | 821 | if (capable(CAP_SYS_ADMIN) || key->uid == current_fsuid()) { |
76d8aeab DH |
822 | key->perm = perm; |
823 | ret = 0; | |
824 | } | |
1da177e4 | 825 | |
1da177e4 LT |
826 | up_write(&key->sem); |
827 | key_put(key); | |
76d8aeab | 828 | error: |
1da177e4 LT |
829 | return ret; |
830 | ||
831 | } /* end keyctl_setperm_key() */ | |
832 | ||
8bbf4976 DH |
833 | /* |
834 | * get the destination keyring for instantiation | |
835 | */ | |
836 | static long get_instantiation_keyring(key_serial_t ringid, | |
837 | struct request_key_auth *rka, | |
838 | struct key **_dest_keyring) | |
839 | { | |
840 | key_ref_t dkref; | |
841 | ||
eca1bf5b DH |
842 | *_dest_keyring = NULL; |
843 | ||
8bbf4976 | 844 | /* just return a NULL pointer if we weren't asked to make a link */ |
eca1bf5b | 845 | if (ringid == 0) |
8bbf4976 | 846 | return 0; |
8bbf4976 DH |
847 | |
848 | /* if a specific keyring is nominated by ID, then use that */ | |
849 | if (ringid > 0) { | |
850 | dkref = lookup_user_key(ringid, 1, 0, KEY_WRITE); | |
851 | if (IS_ERR(dkref)) | |
852 | return PTR_ERR(dkref); | |
853 | *_dest_keyring = key_ref_to_ptr(dkref); | |
854 | return 0; | |
855 | } | |
856 | ||
857 | if (ringid == KEY_SPEC_REQKEY_AUTH_KEY) | |
858 | return -EINVAL; | |
859 | ||
860 | /* otherwise specify the destination keyring recorded in the | |
861 | * authorisation key (any KEY_SPEC_*_KEYRING) */ | |
862 | if (ringid >= KEY_SPEC_REQUESTOR_KEYRING) { | |
863 | *_dest_keyring = rka->dest_keyring; | |
864 | return 0; | |
865 | } | |
866 | ||
867 | return -ENOKEY; | |
868 | } | |
869 | ||
d84f4f99 DH |
870 | /* |
871 | * change the request_key authorisation key on the current process | |
872 | */ | |
873 | static int keyctl_change_reqkey_auth(struct key *key) | |
874 | { | |
875 | struct cred *new; | |
876 | ||
877 | new = prepare_creds(); | |
878 | if (!new) | |
879 | return -ENOMEM; | |
880 | ||
881 | key_put(new->request_key_auth); | |
882 | new->request_key_auth = key_get(key); | |
883 | ||
884 | return commit_creds(new); | |
885 | } | |
886 | ||
1da177e4 LT |
887 | /*****************************************************************************/ |
888 | /* | |
889 | * instantiate the key with the specified payload, and, if one is given, link | |
890 | * the key into the keyring | |
891 | */ | |
892 | long keyctl_instantiate_key(key_serial_t id, | |
893 | const void __user *_payload, | |
894 | size_t plen, | |
895 | key_serial_t ringid) | |
896 | { | |
d84f4f99 | 897 | const struct cred *cred = current_cred(); |
3e30148c | 898 | struct request_key_auth *rka; |
8bbf4976 | 899 | struct key *instkey, *dest_keyring; |
1da177e4 LT |
900 | void *payload; |
901 | long ret; | |
38bbca6b | 902 | bool vm = false; |
1da177e4 | 903 | |
d84f4f99 DH |
904 | kenter("%d,,%zu,%d", id, plen, ringid); |
905 | ||
1da177e4 | 906 | ret = -EINVAL; |
38bbca6b | 907 | if (plen > 1024 * 1024 - 1) |
1da177e4 LT |
908 | goto error; |
909 | ||
b5f545c8 DH |
910 | /* the appropriate instantiation authorisation key must have been |
911 | * assumed before calling this */ | |
912 | ret = -EPERM; | |
d84f4f99 | 913 | instkey = cred->request_key_auth; |
b5f545c8 DH |
914 | if (!instkey) |
915 | goto error; | |
916 | ||
917 | rka = instkey->payload.data; | |
918 | if (rka->target_key->serial != id) | |
919 | goto error; | |
920 | ||
1da177e4 LT |
921 | /* pull the payload in if one was supplied */ |
922 | payload = NULL; | |
923 | ||
924 | if (_payload) { | |
925 | ret = -ENOMEM; | |
926 | payload = kmalloc(plen, GFP_KERNEL); | |
38bbca6b DH |
927 | if (!payload) { |
928 | if (plen <= PAGE_SIZE) | |
929 | goto error; | |
930 | vm = true; | |
931 | payload = vmalloc(plen); | |
932 | if (!payload) | |
933 | goto error; | |
934 | } | |
1da177e4 LT |
935 | |
936 | ret = -EFAULT; | |
937 | if (copy_from_user(payload, _payload, plen) != 0) | |
938 | goto error2; | |
939 | } | |
940 | ||
3e30148c DH |
941 | /* find the destination keyring amongst those belonging to the |
942 | * requesting task */ | |
8bbf4976 DH |
943 | ret = get_instantiation_keyring(ringid, rka, &dest_keyring); |
944 | if (ret < 0) | |
945 | goto error2; | |
1da177e4 LT |
946 | |
947 | /* instantiate the key and link it into a keyring */ | |
3e30148c | 948 | ret = key_instantiate_and_link(rka->target_key, payload, plen, |
8bbf4976 | 949 | dest_keyring, instkey); |
1da177e4 | 950 | |
8bbf4976 | 951 | key_put(dest_keyring); |
b5f545c8 DH |
952 | |
953 | /* discard the assumed authority if it's just been disabled by | |
954 | * instantiation of the key */ | |
d84f4f99 DH |
955 | if (ret == 0) |
956 | keyctl_change_reqkey_auth(NULL); | |
b5f545c8 DH |
957 | |
958 | error2: | |
38bbca6b DH |
959 | if (!vm) |
960 | kfree(payload); | |
961 | else | |
962 | vfree(payload); | |
b5f545c8 | 963 | error: |
1da177e4 LT |
964 | return ret; |
965 | ||
966 | } /* end keyctl_instantiate_key() */ | |
967 | ||
968 | /*****************************************************************************/ | |
969 | /* | |
970 | * negatively instantiate the key with the given timeout (in seconds), and, if | |
971 | * one is given, link the key into the keyring | |
972 | */ | |
973 | long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid) | |
974 | { | |
d84f4f99 | 975 | const struct cred *cred = current_cred(); |
3e30148c | 976 | struct request_key_auth *rka; |
8bbf4976 | 977 | struct key *instkey, *dest_keyring; |
1da177e4 LT |
978 | long ret; |
979 | ||
d84f4f99 DH |
980 | kenter("%d,%u,%d", id, timeout, ringid); |
981 | ||
b5f545c8 DH |
982 | /* the appropriate instantiation authorisation key must have been |
983 | * assumed before calling this */ | |
984 | ret = -EPERM; | |
d84f4f99 | 985 | instkey = cred->request_key_auth; |
b5f545c8 | 986 | if (!instkey) |
1da177e4 | 987 | goto error; |
1da177e4 | 988 | |
3e30148c | 989 | rka = instkey->payload.data; |
b5f545c8 DH |
990 | if (rka->target_key->serial != id) |
991 | goto error; | |
3e30148c | 992 | |
1da177e4 LT |
993 | /* find the destination keyring if present (which must also be |
994 | * writable) */ | |
8bbf4976 DH |
995 | ret = get_instantiation_keyring(ringid, rka, &dest_keyring); |
996 | if (ret < 0) | |
997 | goto error; | |
1da177e4 LT |
998 | |
999 | /* instantiate the key and link it into a keyring */ | |
664cceb0 | 1000 | ret = key_negate_and_link(rka->target_key, timeout, |
8bbf4976 | 1001 | dest_keyring, instkey); |
1da177e4 | 1002 | |
8bbf4976 | 1003 | key_put(dest_keyring); |
b5f545c8 DH |
1004 | |
1005 | /* discard the assumed authority if it's just been disabled by | |
1006 | * instantiation of the key */ | |
d84f4f99 DH |
1007 | if (ret == 0) |
1008 | keyctl_change_reqkey_auth(NULL); | |
b5f545c8 DH |
1009 | |
1010 | error: | |
1da177e4 LT |
1011 | return ret; |
1012 | ||
1013 | } /* end keyctl_negate_key() */ | |
1014 | ||
3e30148c DH |
1015 | /*****************************************************************************/ |
1016 | /* | |
1017 | * set the default keyring in which request_key() will cache keys | |
1018 | * - return the old setting | |
1019 | */ | |
1020 | long keyctl_set_reqkey_keyring(int reqkey_defl) | |
1021 | { | |
d84f4f99 DH |
1022 | struct cred *new; |
1023 | int ret, old_setting; | |
1024 | ||
1025 | old_setting = current_cred_xxx(jit_keyring); | |
1026 | ||
1027 | if (reqkey_defl == KEY_REQKEY_DEFL_NO_CHANGE) | |
1028 | return old_setting; | |
1029 | ||
1030 | new = prepare_creds(); | |
1031 | if (!new) | |
1032 | return -ENOMEM; | |
3e30148c DH |
1033 | |
1034 | switch (reqkey_defl) { | |
1035 | case KEY_REQKEY_DEFL_THREAD_KEYRING: | |
d84f4f99 | 1036 | ret = install_thread_keyring_to_cred(new); |
3e30148c | 1037 | if (ret < 0) |
d84f4f99 | 1038 | goto error; |
3e30148c DH |
1039 | goto set; |
1040 | ||
1041 | case KEY_REQKEY_DEFL_PROCESS_KEYRING: | |
d84f4f99 DH |
1042 | ret = install_process_keyring_to_cred(new); |
1043 | if (ret < 0) { | |
1044 | if (ret != -EEXIST) | |
1045 | goto error; | |
1046 | ret = 0; | |
1047 | } | |
1048 | goto set; | |
3e30148c DH |
1049 | |
1050 | case KEY_REQKEY_DEFL_DEFAULT: | |
1051 | case KEY_REQKEY_DEFL_SESSION_KEYRING: | |
1052 | case KEY_REQKEY_DEFL_USER_KEYRING: | |
1053 | case KEY_REQKEY_DEFL_USER_SESSION_KEYRING: | |
d84f4f99 DH |
1054 | case KEY_REQKEY_DEFL_REQUESTOR_KEYRING: |
1055 | goto set; | |
3e30148c DH |
1056 | |
1057 | case KEY_REQKEY_DEFL_NO_CHANGE: | |
3e30148c DH |
1058 | case KEY_REQKEY_DEFL_GROUP_KEYRING: |
1059 | default: | |
d84f4f99 DH |
1060 | ret = -EINVAL; |
1061 | goto error; | |
3e30148c DH |
1062 | } |
1063 | ||
d84f4f99 DH |
1064 | set: |
1065 | new->jit_keyring = reqkey_defl; | |
1066 | commit_creds(new); | |
1067 | return old_setting; | |
1068 | error: | |
1069 | abort_creds(new); | |
1070 | return -EINVAL; | |
1071 | ||
3e30148c DH |
1072 | } /* end keyctl_set_reqkey_keyring() */ |
1073 | ||
017679c4 DH |
1074 | /*****************************************************************************/ |
1075 | /* | |
1076 | * set or clear the timeout for a key | |
1077 | */ | |
1078 | long keyctl_set_timeout(key_serial_t id, unsigned timeout) | |
1079 | { | |
1080 | struct timespec now; | |
1081 | struct key *key; | |
1082 | key_ref_t key_ref; | |
1083 | time_t expiry; | |
1084 | long ret; | |
1085 | ||
8bbf4976 | 1086 | key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); |
017679c4 DH |
1087 | if (IS_ERR(key_ref)) { |
1088 | ret = PTR_ERR(key_ref); | |
1089 | goto error; | |
1090 | } | |
1091 | ||
1092 | key = key_ref_to_ptr(key_ref); | |
1093 | ||
1094 | /* make the changes with the locks held to prevent races */ | |
1095 | down_write(&key->sem); | |
1096 | ||
1097 | expiry = 0; | |
1098 | if (timeout > 0) { | |
1099 | now = current_kernel_time(); | |
1100 | expiry = now.tv_sec + timeout; | |
1101 | } | |
1102 | ||
1103 | key->expiry = expiry; | |
1104 | ||
1105 | up_write(&key->sem); | |
1106 | key_put(key); | |
1107 | ||
1108 | ret = 0; | |
1109 | error: | |
1110 | return ret; | |
1111 | ||
1112 | } /* end keyctl_set_timeout() */ | |
1113 | ||
b5f545c8 DH |
1114 | /*****************************************************************************/ |
1115 | /* | |
1116 | * assume the authority to instantiate the specified key | |
1117 | */ | |
1118 | long keyctl_assume_authority(key_serial_t id) | |
1119 | { | |
1120 | struct key *authkey; | |
1121 | long ret; | |
1122 | ||
1123 | /* special key IDs aren't permitted */ | |
1124 | ret = -EINVAL; | |
1125 | if (id < 0) | |
1126 | goto error; | |
1127 | ||
1128 | /* we divest ourselves of authority if given an ID of 0 */ | |
1129 | if (id == 0) { | |
d84f4f99 | 1130 | ret = keyctl_change_reqkey_auth(NULL); |
b5f545c8 DH |
1131 | goto error; |
1132 | } | |
1133 | ||
1134 | /* attempt to assume the authority temporarily granted to us whilst we | |
1135 | * instantiate the specified key | |
1136 | * - the authorisation key must be in the current task's keyrings | |
1137 | * somewhere | |
1138 | */ | |
1139 | authkey = key_get_instantiation_authkey(id); | |
1140 | if (IS_ERR(authkey)) { | |
1141 | ret = PTR_ERR(authkey); | |
1142 | goto error; | |
1143 | } | |
1144 | ||
d84f4f99 DH |
1145 | ret = keyctl_change_reqkey_auth(authkey); |
1146 | if (ret < 0) | |
1147 | goto error; | |
1148 | key_put(authkey); | |
b5f545c8 | 1149 | |
d84f4f99 | 1150 | ret = authkey->serial; |
b5f545c8 DH |
1151 | error: |
1152 | return ret; | |
1153 | ||
1154 | } /* end keyctl_assume_authority() */ | |
1155 | ||
70a5bb72 DH |
1156 | /* |
1157 | * get the security label of a key | |
1158 | * - the key must grant us view permission | |
1159 | * - if there's a buffer, we place up to buflen bytes of data into it | |
1160 | * - unless there's an error, we return the amount of information available, | |
1161 | * irrespective of how much we may have copied (including the terminal NUL) | |
1162 | * - implements keyctl(KEYCTL_GET_SECURITY) | |
1163 | */ | |
1164 | long keyctl_get_security(key_serial_t keyid, | |
1165 | char __user *buffer, | |
1166 | size_t buflen) | |
1167 | { | |
1168 | struct key *key, *instkey; | |
1169 | key_ref_t key_ref; | |
1170 | char *context; | |
1171 | long ret; | |
1172 | ||
8bbf4976 | 1173 | key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW); |
70a5bb72 DH |
1174 | if (IS_ERR(key_ref)) { |
1175 | if (PTR_ERR(key_ref) != -EACCES) | |
1176 | return PTR_ERR(key_ref); | |
1177 | ||
1178 | /* viewing a key under construction is also permitted if we | |
1179 | * have the authorisation token handy */ | |
1180 | instkey = key_get_instantiation_authkey(keyid); | |
1181 | if (IS_ERR(instkey)) | |
1182 | return PTR_ERR(key_ref); | |
1183 | key_put(instkey); | |
1184 | ||
8bbf4976 | 1185 | key_ref = lookup_user_key(keyid, 0, 1, 0); |
70a5bb72 DH |
1186 | if (IS_ERR(key_ref)) |
1187 | return PTR_ERR(key_ref); | |
1188 | } | |
1189 | ||
1190 | key = key_ref_to_ptr(key_ref); | |
1191 | ret = security_key_getsecurity(key, &context); | |
1192 | if (ret == 0) { | |
1193 | /* if no information was returned, give userspace an empty | |
1194 | * string */ | |
1195 | ret = 1; | |
1196 | if (buffer && buflen > 0 && | |
1197 | copy_to_user(buffer, "", 1) != 0) | |
1198 | ret = -EFAULT; | |
1199 | } else if (ret > 0) { | |
1200 | /* return as much data as there's room for */ | |
1201 | if (buffer && buflen > 0) { | |
1202 | if (buflen > ret) | |
1203 | buflen = ret; | |
1204 | ||
1205 | if (copy_to_user(buffer, context, buflen) != 0) | |
1206 | ret = -EFAULT; | |
1207 | } | |
1208 | ||
1209 | kfree(context); | |
1210 | } | |
1211 | ||
1212 | key_ref_put(key_ref); | |
1213 | return ret; | |
1214 | } | |
1215 | ||
1da177e4 LT |
1216 | /*****************************************************************************/ |
1217 | /* | |
1218 | * the key control system call | |
1219 | */ | |
938bb9f5 HC |
1220 | SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1221 | unsigned long, arg4, unsigned long, arg5) | |
1da177e4 LT |
1222 | { |
1223 | switch (option) { | |
1224 | case KEYCTL_GET_KEYRING_ID: | |
1225 | return keyctl_get_keyring_ID((key_serial_t) arg2, | |
1226 | (int) arg3); | |
1227 | ||
1228 | case KEYCTL_JOIN_SESSION_KEYRING: | |
1229 | return keyctl_join_session_keyring((const char __user *) arg2); | |
1230 | ||
1231 | case KEYCTL_UPDATE: | |
1232 | return keyctl_update_key((key_serial_t) arg2, | |
1233 | (const void __user *) arg3, | |
1234 | (size_t) arg4); | |
1235 | ||
1236 | case KEYCTL_REVOKE: | |
1237 | return keyctl_revoke_key((key_serial_t) arg2); | |
1238 | ||
1239 | case KEYCTL_DESCRIBE: | |
1240 | return keyctl_describe_key((key_serial_t) arg2, | |
1241 | (char __user *) arg3, | |
1242 | (unsigned) arg4); | |
1243 | ||
1244 | case KEYCTL_CLEAR: | |
1245 | return keyctl_keyring_clear((key_serial_t) arg2); | |
1246 | ||
1247 | case KEYCTL_LINK: | |
1248 | return keyctl_keyring_link((key_serial_t) arg2, | |
1249 | (key_serial_t) arg3); | |
1250 | ||
1251 | case KEYCTL_UNLINK: | |
1252 | return keyctl_keyring_unlink((key_serial_t) arg2, | |
1253 | (key_serial_t) arg3); | |
1254 | ||
1255 | case KEYCTL_SEARCH: | |
1256 | return keyctl_keyring_search((key_serial_t) arg2, | |
1257 | (const char __user *) arg3, | |
1258 | (const char __user *) arg4, | |
1259 | (key_serial_t) arg5); | |
1260 | ||
1261 | case KEYCTL_READ: | |
1262 | return keyctl_read_key((key_serial_t) arg2, | |
1263 | (char __user *) arg3, | |
1264 | (size_t) arg4); | |
1265 | ||
1266 | case KEYCTL_CHOWN: | |
1267 | return keyctl_chown_key((key_serial_t) arg2, | |
1268 | (uid_t) arg3, | |
1269 | (gid_t) arg4); | |
1270 | ||
1271 | case KEYCTL_SETPERM: | |
1272 | return keyctl_setperm_key((key_serial_t) arg2, | |
1273 | (key_perm_t) arg3); | |
1274 | ||
1275 | case KEYCTL_INSTANTIATE: | |
1276 | return keyctl_instantiate_key((key_serial_t) arg2, | |
1277 | (const void __user *) arg3, | |
1278 | (size_t) arg4, | |
1279 | (key_serial_t) arg5); | |
1280 | ||
1281 | case KEYCTL_NEGATE: | |
1282 | return keyctl_negate_key((key_serial_t) arg2, | |
1283 | (unsigned) arg3, | |
1284 | (key_serial_t) arg4); | |
1285 | ||
3e30148c DH |
1286 | case KEYCTL_SET_REQKEY_KEYRING: |
1287 | return keyctl_set_reqkey_keyring(arg2); | |
1288 | ||
017679c4 DH |
1289 | case KEYCTL_SET_TIMEOUT: |
1290 | return keyctl_set_timeout((key_serial_t) arg2, | |
1291 | (unsigned) arg3); | |
1292 | ||
b5f545c8 DH |
1293 | case KEYCTL_ASSUME_AUTHORITY: |
1294 | return keyctl_assume_authority((key_serial_t) arg2); | |
1295 | ||
70a5bb72 DH |
1296 | case KEYCTL_GET_SECURITY: |
1297 | return keyctl_get_security((key_serial_t) arg2, | |
90bd49ab | 1298 | (char __user *) arg3, |
70a5bb72 DH |
1299 | (size_t) arg4); |
1300 | ||
1da177e4 LT |
1301 | default: |
1302 | return -EOPNOTSUPP; | |
1303 | } | |
1304 | ||
1305 | } /* end sys_keyctl() */ |