Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* keyctl.c: userspace keyctl operations |
2 | * | |
3e30148c | 3 | * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. |
1da177e4 LT |
4 | * Written by David Howells (dhowells@redhat.com) |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public License | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the License, or (at your option) any later version. | |
10 | */ | |
11 | ||
12 | #include <linux/module.h> | |
13 | #include <linux/init.h> | |
14 | #include <linux/sched.h> | |
15 | #include <linux/slab.h> | |
16 | #include <linux/syscalls.h> | |
17 | #include <linux/keyctl.h> | |
18 | #include <linux/fs.h> | |
19 | #include <linux/err.h> | |
20 | #include <asm/uaccess.h> | |
21 | #include "internal.h" | |
22 | ||
23 | /*****************************************************************************/ | |
24 | /* | |
25 | * extract the description of a new key from userspace and either add it as a | |
26 | * new key to the specified keyring or update a matching key in that keyring | |
27 | * - the keyring must be writable | |
28 | * - returns the new key's serial number | |
29 | * - implements add_key() | |
30 | */ | |
31 | asmlinkage long sys_add_key(const char __user *_type, | |
32 | const char __user *_description, | |
33 | const void __user *_payload, | |
34 | size_t plen, | |
35 | key_serial_t ringid) | |
36 | { | |
37 | struct key *keyring, *key; | |
38 | char type[32], *description; | |
39 | void *payload; | |
40 | long dlen, ret; | |
41 | ||
42 | ret = -EINVAL; | |
43 | if (plen > 32767) | |
44 | goto error; | |
45 | ||
46 | /* draw all the data into kernel space */ | |
47 | ret = strncpy_from_user(type, _type, sizeof(type) - 1); | |
48 | if (ret < 0) | |
49 | goto error; | |
50 | type[31] = '\0'; | |
51 | ||
3e30148c DH |
52 | if (!type[0]) |
53 | goto error; | |
54 | ||
55 | ret = -EPERM; | |
56 | if (type[0] == '.') | |
57 | goto error; | |
58 | ||
1da177e4 LT |
59 | ret = -EFAULT; |
60 | dlen = strnlen_user(_description, PAGE_SIZE - 1); | |
61 | if (dlen <= 0) | |
62 | goto error; | |
63 | ||
64 | ret = -EINVAL; | |
65 | if (dlen > PAGE_SIZE - 1) | |
66 | goto error; | |
67 | ||
68 | ret = -ENOMEM; | |
69 | description = kmalloc(dlen + 1, GFP_KERNEL); | |
70 | if (!description) | |
71 | goto error; | |
72 | ||
73 | ret = -EFAULT; | |
74 | if (copy_from_user(description, _description, dlen + 1) != 0) | |
75 | goto error2; | |
76 | ||
77 | /* pull the payload in if one was supplied */ | |
78 | payload = NULL; | |
79 | ||
80 | if (_payload) { | |
81 | ret = -ENOMEM; | |
82 | payload = kmalloc(plen, GFP_KERNEL); | |
83 | if (!payload) | |
84 | goto error2; | |
85 | ||
86 | ret = -EFAULT; | |
87 | if (copy_from_user(payload, _payload, plen) != 0) | |
88 | goto error3; | |
89 | } | |
90 | ||
91 | /* find the target keyring (which must be writable) */ | |
3e30148c | 92 | keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
93 | if (IS_ERR(keyring)) { |
94 | ret = PTR_ERR(keyring); | |
95 | goto error3; | |
96 | } | |
97 | ||
98 | /* create or update the requested key and add it to the target | |
99 | * keyring */ | |
100 | key = key_create_or_update(keyring, type, description, | |
101 | payload, plen, 0); | |
102 | if (!IS_ERR(key)) { | |
103 | ret = key->serial; | |
104 | key_put(key); | |
105 | } | |
106 | else { | |
107 | ret = PTR_ERR(key); | |
108 | } | |
109 | ||
110 | key_put(keyring); | |
111 | error3: | |
112 | kfree(payload); | |
113 | error2: | |
114 | kfree(description); | |
115 | error: | |
116 | return ret; | |
117 | ||
118 | } /* end sys_add_key() */ | |
119 | ||
120 | /*****************************************************************************/ | |
121 | /* | |
122 | * search the process keyrings for a matching key | |
123 | * - nested keyrings may also be searched if they have Search permission | |
124 | * - if a key is found, it will be attached to the destination keyring if | |
125 | * there's one specified | |
126 | * - /sbin/request-key will be invoked if _callout_info is non-NULL | |
127 | * - the _callout_info string will be passed to /sbin/request-key | |
128 | * - if the _callout_info string is empty, it will be rendered as "-" | |
129 | * - implements request_key() | |
130 | */ | |
131 | asmlinkage long sys_request_key(const char __user *_type, | |
132 | const char __user *_description, | |
133 | const char __user *_callout_info, | |
134 | key_serial_t destringid) | |
135 | { | |
136 | struct key_type *ktype; | |
137 | struct key *key, *dest; | |
138 | char type[32], *description, *callout_info; | |
139 | long dlen, ret; | |
140 | ||
141 | /* pull the type into kernel space */ | |
142 | ret = strncpy_from_user(type, _type, sizeof(type) - 1); | |
143 | if (ret < 0) | |
144 | goto error; | |
145 | type[31] = '\0'; | |
146 | ||
147 | /* pull the description into kernel space */ | |
148 | ret = -EFAULT; | |
149 | dlen = strnlen_user(_description, PAGE_SIZE - 1); | |
150 | if (dlen <= 0) | |
151 | goto error; | |
152 | ||
153 | ret = -EINVAL; | |
154 | if (dlen > PAGE_SIZE - 1) | |
155 | goto error; | |
156 | ||
157 | ret = -ENOMEM; | |
158 | description = kmalloc(dlen + 1, GFP_KERNEL); | |
159 | if (!description) | |
160 | goto error; | |
161 | ||
162 | ret = -EFAULT; | |
163 | if (copy_from_user(description, _description, dlen + 1) != 0) | |
164 | goto error2; | |
165 | ||
166 | /* pull the callout info into kernel space */ | |
167 | callout_info = NULL; | |
168 | if (_callout_info) { | |
169 | ret = -EFAULT; | |
170 | dlen = strnlen_user(_callout_info, PAGE_SIZE - 1); | |
171 | if (dlen <= 0) | |
172 | goto error2; | |
173 | ||
174 | ret = -EINVAL; | |
175 | if (dlen > PAGE_SIZE - 1) | |
176 | goto error2; | |
177 | ||
178 | ret = -ENOMEM; | |
179 | callout_info = kmalloc(dlen + 1, GFP_KERNEL); | |
180 | if (!callout_info) | |
181 | goto error2; | |
182 | ||
183 | ret = -EFAULT; | |
184 | if (copy_from_user(callout_info, _callout_info, dlen + 1) != 0) | |
185 | goto error3; | |
186 | } | |
187 | ||
188 | /* get the destination keyring if specified */ | |
189 | dest = NULL; | |
190 | if (destringid) { | |
3e30148c | 191 | dest = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
192 | if (IS_ERR(dest)) { |
193 | ret = PTR_ERR(dest); | |
194 | goto error3; | |
195 | } | |
196 | } | |
197 | ||
198 | /* find the key type */ | |
199 | ktype = key_type_lookup(type); | |
200 | if (IS_ERR(ktype)) { | |
201 | ret = PTR_ERR(ktype); | |
202 | goto error4; | |
203 | } | |
204 | ||
205 | /* do the search */ | |
3e30148c | 206 | key = request_key_and_link(ktype, description, callout_info, dest); |
1da177e4 LT |
207 | if (IS_ERR(key)) { |
208 | ret = PTR_ERR(key); | |
209 | goto error5; | |
210 | } | |
211 | ||
1da177e4 LT |
212 | ret = key->serial; |
213 | ||
3e30148c | 214 | key_put(key); |
1da177e4 LT |
215 | error5: |
216 | key_type_put(ktype); | |
217 | error4: | |
218 | key_put(dest); | |
219 | error3: | |
220 | kfree(callout_info); | |
221 | error2: | |
222 | kfree(description); | |
223 | error: | |
224 | return ret; | |
225 | ||
226 | } /* end sys_request_key() */ | |
227 | ||
228 | /*****************************************************************************/ | |
229 | /* | |
230 | * get the ID of the specified process keyring | |
231 | * - the keyring must have search permission to be found | |
232 | * - implements keyctl(KEYCTL_GET_KEYRING_ID) | |
233 | */ | |
234 | long keyctl_get_keyring_ID(key_serial_t id, int create) | |
235 | { | |
236 | struct key *key; | |
237 | long ret; | |
238 | ||
3e30148c | 239 | key = lookup_user_key(NULL, id, create, 0, KEY_SEARCH); |
1da177e4 LT |
240 | if (IS_ERR(key)) { |
241 | ret = PTR_ERR(key); | |
242 | goto error; | |
243 | } | |
244 | ||
245 | ret = key->serial; | |
246 | key_put(key); | |
247 | error: | |
248 | return ret; | |
249 | ||
250 | } /* end keyctl_get_keyring_ID() */ | |
251 | ||
252 | /*****************************************************************************/ | |
253 | /* | |
254 | * join the session keyring | |
255 | * - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING) | |
256 | */ | |
257 | long keyctl_join_session_keyring(const char __user *_name) | |
258 | { | |
259 | char *name; | |
260 | long nlen, ret; | |
261 | ||
262 | /* fetch the name from userspace */ | |
263 | name = NULL; | |
264 | if (_name) { | |
265 | ret = -EFAULT; | |
266 | nlen = strnlen_user(_name, PAGE_SIZE - 1); | |
267 | if (nlen <= 0) | |
268 | goto error; | |
269 | ||
270 | ret = -EINVAL; | |
271 | if (nlen > PAGE_SIZE - 1) | |
272 | goto error; | |
273 | ||
274 | ret = -ENOMEM; | |
275 | name = kmalloc(nlen + 1, GFP_KERNEL); | |
276 | if (!name) | |
277 | goto error; | |
278 | ||
279 | ret = -EFAULT; | |
280 | if (copy_from_user(name, _name, nlen + 1) != 0) | |
281 | goto error2; | |
282 | } | |
283 | ||
284 | /* join the session */ | |
285 | ret = join_session_keyring(name); | |
286 | ||
287 | error2: | |
288 | kfree(name); | |
289 | error: | |
290 | return ret; | |
291 | ||
292 | } /* end keyctl_join_session_keyring() */ | |
293 | ||
294 | /*****************************************************************************/ | |
295 | /* | |
296 | * update a key's data payload | |
297 | * - the key must be writable | |
298 | * - implements keyctl(KEYCTL_UPDATE) | |
299 | */ | |
300 | long keyctl_update_key(key_serial_t id, | |
301 | const void __user *_payload, | |
302 | size_t plen) | |
303 | { | |
304 | struct key *key; | |
305 | void *payload; | |
306 | long ret; | |
307 | ||
308 | ret = -EINVAL; | |
309 | if (plen > PAGE_SIZE) | |
310 | goto error; | |
311 | ||
312 | /* pull the payload in if one was supplied */ | |
313 | payload = NULL; | |
314 | if (_payload) { | |
315 | ret = -ENOMEM; | |
316 | payload = kmalloc(plen, GFP_KERNEL); | |
317 | if (!payload) | |
318 | goto error; | |
319 | ||
320 | ret = -EFAULT; | |
321 | if (copy_from_user(payload, _payload, plen) != 0) | |
322 | goto error2; | |
323 | } | |
324 | ||
325 | /* find the target key (which must be writable) */ | |
3e30148c | 326 | key = lookup_user_key(NULL, id, 0, 0, KEY_WRITE); |
1da177e4 LT |
327 | if (IS_ERR(key)) { |
328 | ret = PTR_ERR(key); | |
329 | goto error2; | |
330 | } | |
331 | ||
332 | /* update the key */ | |
333 | ret = key_update(key, payload, plen); | |
334 | ||
335 | key_put(key); | |
336 | error2: | |
337 | kfree(payload); | |
338 | error: | |
339 | return ret; | |
340 | ||
341 | } /* end keyctl_update_key() */ | |
342 | ||
343 | /*****************************************************************************/ | |
344 | /* | |
345 | * revoke a key | |
346 | * - the key must be writable | |
347 | * - implements keyctl(KEYCTL_REVOKE) | |
348 | */ | |
349 | long keyctl_revoke_key(key_serial_t id) | |
350 | { | |
351 | struct key *key; | |
352 | long ret; | |
353 | ||
3e30148c | 354 | key = lookup_user_key(NULL, id, 0, 0, KEY_WRITE); |
1da177e4 LT |
355 | if (IS_ERR(key)) { |
356 | ret = PTR_ERR(key); | |
357 | goto error; | |
358 | } | |
359 | ||
360 | key_revoke(key); | |
361 | ret = 0; | |
362 | ||
363 | key_put(key); | |
364 | error: | |
365 | return 0; | |
366 | ||
367 | } /* end keyctl_revoke_key() */ | |
368 | ||
369 | /*****************************************************************************/ | |
370 | /* | |
371 | * clear the specified process keyring | |
372 | * - the keyring must be writable | |
373 | * - implements keyctl(KEYCTL_CLEAR) | |
374 | */ | |
375 | long keyctl_keyring_clear(key_serial_t ringid) | |
376 | { | |
377 | struct key *keyring; | |
378 | long ret; | |
379 | ||
3e30148c | 380 | keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
381 | if (IS_ERR(keyring)) { |
382 | ret = PTR_ERR(keyring); | |
383 | goto error; | |
384 | } | |
385 | ||
386 | ret = keyring_clear(keyring); | |
387 | ||
388 | key_put(keyring); | |
389 | error: | |
390 | return ret; | |
391 | ||
392 | } /* end keyctl_keyring_clear() */ | |
393 | ||
394 | /*****************************************************************************/ | |
395 | /* | |
396 | * link a key into a keyring | |
397 | * - the keyring must be writable | |
398 | * - the key must be linkable | |
399 | * - implements keyctl(KEYCTL_LINK) | |
400 | */ | |
401 | long keyctl_keyring_link(key_serial_t id, key_serial_t ringid) | |
402 | { | |
403 | struct key *keyring, *key; | |
404 | long ret; | |
405 | ||
3e30148c | 406 | keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
407 | if (IS_ERR(keyring)) { |
408 | ret = PTR_ERR(keyring); | |
409 | goto error; | |
410 | } | |
411 | ||
3e30148c | 412 | key = lookup_user_key(NULL, id, 1, 0, KEY_LINK); |
1da177e4 LT |
413 | if (IS_ERR(key)) { |
414 | ret = PTR_ERR(key); | |
415 | goto error2; | |
416 | } | |
417 | ||
418 | ret = key_link(keyring, key); | |
419 | ||
420 | key_put(key); | |
421 | error2: | |
422 | key_put(keyring); | |
423 | error: | |
424 | return ret; | |
425 | ||
426 | } /* end keyctl_keyring_link() */ | |
427 | ||
428 | /*****************************************************************************/ | |
429 | /* | |
430 | * unlink the first attachment of a key from a keyring | |
431 | * - the keyring must be writable | |
432 | * - we don't need any permissions on the key | |
433 | * - implements keyctl(KEYCTL_UNLINK) | |
434 | */ | |
435 | long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid) | |
436 | { | |
437 | struct key *keyring, *key; | |
438 | long ret; | |
439 | ||
3e30148c | 440 | keyring = lookup_user_key(NULL, ringid, 0, 0, KEY_WRITE); |
1da177e4 LT |
441 | if (IS_ERR(keyring)) { |
442 | ret = PTR_ERR(keyring); | |
443 | goto error; | |
444 | } | |
445 | ||
3e30148c | 446 | key = lookup_user_key(NULL, id, 0, 0, 0); |
1da177e4 LT |
447 | if (IS_ERR(key)) { |
448 | ret = PTR_ERR(key); | |
449 | goto error2; | |
450 | } | |
451 | ||
452 | ret = key_unlink(keyring, key); | |
453 | ||
454 | key_put(key); | |
455 | error2: | |
456 | key_put(keyring); | |
457 | error: | |
458 | return ret; | |
459 | ||
460 | } /* end keyctl_keyring_unlink() */ | |
461 | ||
462 | /*****************************************************************************/ | |
463 | /* | |
464 | * describe a user key | |
465 | * - the key must have view permission | |
466 | * - if there's a buffer, we place up to buflen bytes of data into it | |
467 | * - unless there's an error, we return the amount of description available, | |
468 | * irrespective of how much we may have copied | |
469 | * - the description is formatted thus: | |
470 | * type;uid;gid;perm;description<NUL> | |
471 | * - implements keyctl(KEYCTL_DESCRIBE) | |
472 | */ | |
473 | long keyctl_describe_key(key_serial_t keyid, | |
474 | char __user *buffer, | |
475 | size_t buflen) | |
476 | { | |
3e30148c | 477 | struct key *key, *instkey; |
1da177e4 LT |
478 | char *tmpbuf; |
479 | long ret; | |
480 | ||
3e30148c | 481 | key = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW); |
1da177e4 | 482 | if (IS_ERR(key)) { |
3e30148c DH |
483 | /* viewing a key under construction is permitted if we have the |
484 | * authorisation token handy */ | |
485 | if (PTR_ERR(key) == -EACCES) { | |
486 | instkey = key_get_instantiation_authkey(keyid); | |
487 | if (!IS_ERR(instkey)) { | |
488 | key_put(instkey); | |
489 | key = lookup_user_key(NULL, keyid, 0, 1, 0); | |
490 | if (!IS_ERR(key)) | |
491 | goto okay; | |
492 | } | |
493 | } | |
494 | ||
1da177e4 LT |
495 | ret = PTR_ERR(key); |
496 | goto error; | |
497 | } | |
498 | ||
3e30148c | 499 | okay: |
1da177e4 LT |
500 | /* calculate how much description we're going to return */ |
501 | ret = -ENOMEM; | |
502 | tmpbuf = kmalloc(PAGE_SIZE, GFP_KERNEL); | |
503 | if (!tmpbuf) | |
504 | goto error2; | |
505 | ||
506 | ret = snprintf(tmpbuf, PAGE_SIZE - 1, | |
507 | "%s;%d;%d;%06x;%s", | |
508 | key->type->name, | |
509 | key->uid, | |
510 | key->gid, | |
511 | key->perm, | |
512 | key->description ? key->description :"" | |
513 | ); | |
514 | ||
515 | /* include a NUL char at the end of the data */ | |
516 | if (ret > PAGE_SIZE - 1) | |
517 | ret = PAGE_SIZE - 1; | |
518 | tmpbuf[ret] = 0; | |
519 | ret++; | |
520 | ||
521 | /* consider returning the data */ | |
522 | if (buffer && buflen > 0) { | |
523 | if (buflen > ret) | |
524 | buflen = ret; | |
525 | ||
526 | if (copy_to_user(buffer, tmpbuf, buflen) != 0) | |
527 | ret = -EFAULT; | |
528 | } | |
529 | ||
530 | kfree(tmpbuf); | |
531 | error2: | |
532 | key_put(key); | |
533 | error: | |
534 | return ret; | |
535 | ||
536 | } /* end keyctl_describe_key() */ | |
537 | ||
538 | /*****************************************************************************/ | |
539 | /* | |
540 | * search the specified keyring for a matching key | |
541 | * - the start keyring must be searchable | |
542 | * - nested keyrings may also be searched if they are searchable | |
543 | * - only keys with search permission may be found | |
544 | * - if a key is found, it will be attached to the destination keyring if | |
545 | * there's one specified | |
546 | * - implements keyctl(KEYCTL_SEARCH) | |
547 | */ | |
548 | long keyctl_keyring_search(key_serial_t ringid, | |
549 | const char __user *_type, | |
550 | const char __user *_description, | |
551 | key_serial_t destringid) | |
552 | { | |
553 | struct key_type *ktype; | |
554 | struct key *keyring, *key, *dest; | |
555 | char type[32], *description; | |
556 | long dlen, ret; | |
557 | ||
558 | /* pull the type and description into kernel space */ | |
559 | ret = strncpy_from_user(type, _type, sizeof(type) - 1); | |
560 | if (ret < 0) | |
561 | goto error; | |
562 | type[31] = '\0'; | |
563 | ||
564 | ret = -EFAULT; | |
565 | dlen = strnlen_user(_description, PAGE_SIZE - 1); | |
566 | if (dlen <= 0) | |
567 | goto error; | |
568 | ||
569 | ret = -EINVAL; | |
570 | if (dlen > PAGE_SIZE - 1) | |
571 | goto error; | |
572 | ||
573 | ret = -ENOMEM; | |
574 | description = kmalloc(dlen + 1, GFP_KERNEL); | |
575 | if (!description) | |
576 | goto error; | |
577 | ||
578 | ret = -EFAULT; | |
579 | if (copy_from_user(description, _description, dlen + 1) != 0) | |
580 | goto error2; | |
581 | ||
582 | /* get the keyring at which to begin the search */ | |
3e30148c | 583 | keyring = lookup_user_key(NULL, ringid, 0, 0, KEY_SEARCH); |
1da177e4 LT |
584 | if (IS_ERR(keyring)) { |
585 | ret = PTR_ERR(keyring); | |
586 | goto error2; | |
587 | } | |
588 | ||
589 | /* get the destination keyring if specified */ | |
590 | dest = NULL; | |
591 | if (destringid) { | |
3e30148c | 592 | dest = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
593 | if (IS_ERR(dest)) { |
594 | ret = PTR_ERR(dest); | |
595 | goto error3; | |
596 | } | |
597 | } | |
598 | ||
599 | /* find the key type */ | |
600 | ktype = key_type_lookup(type); | |
601 | if (IS_ERR(ktype)) { | |
602 | ret = PTR_ERR(ktype); | |
603 | goto error4; | |
604 | } | |
605 | ||
606 | /* do the search */ | |
607 | key = keyring_search(keyring, ktype, description); | |
608 | if (IS_ERR(key)) { | |
609 | ret = PTR_ERR(key); | |
610 | ||
611 | /* treat lack or presence of a negative key the same */ | |
612 | if (ret == -EAGAIN) | |
613 | ret = -ENOKEY; | |
614 | goto error5; | |
615 | } | |
616 | ||
617 | /* link the resulting key to the destination keyring if we can */ | |
618 | if (dest) { | |
619 | ret = -EACCES; | |
620 | if (!key_permission(key, KEY_LINK)) | |
621 | goto error6; | |
622 | ||
623 | ret = key_link(dest, key); | |
624 | if (ret < 0) | |
625 | goto error6; | |
626 | } | |
627 | ||
628 | ret = key->serial; | |
629 | ||
630 | error6: | |
631 | key_put(key); | |
632 | error5: | |
633 | key_type_put(ktype); | |
634 | error4: | |
635 | key_put(dest); | |
636 | error3: | |
637 | key_put(keyring); | |
638 | error2: | |
639 | kfree(description); | |
640 | error: | |
641 | return ret; | |
642 | ||
643 | } /* end keyctl_keyring_search() */ | |
644 | ||
645 | /*****************************************************************************/ | |
646 | /* | |
647 | * see if the key we're looking at is the target key | |
648 | */ | |
649 | static int keyctl_read_key_same(const struct key *key, const void *target) | |
650 | { | |
651 | return key == target; | |
652 | ||
653 | } /* end keyctl_read_key_same() */ | |
654 | ||
655 | /*****************************************************************************/ | |
656 | /* | |
657 | * read a user key's payload | |
658 | * - the keyring must be readable or the key must be searchable from the | |
659 | * process's keyrings | |
660 | * - if there's a buffer, we place up to buflen bytes of data into it | |
661 | * - unless there's an error, we return the amount of data in the key, | |
662 | * irrespective of how much we may have copied | |
663 | * - implements keyctl(KEYCTL_READ) | |
664 | */ | |
665 | long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) | |
666 | { | |
667 | struct key *key, *skey; | |
668 | long ret; | |
669 | ||
670 | /* find the key first */ | |
3e30148c | 671 | key = lookup_user_key(NULL, keyid, 0, 0, 0); |
1da177e4 LT |
672 | if (!IS_ERR(key)) { |
673 | /* see if we can read it directly */ | |
674 | if (key_permission(key, KEY_READ)) | |
675 | goto can_read_key; | |
676 | ||
3e30148c DH |
677 | /* we can't; see if it's searchable from this process's |
678 | * keyrings | |
679 | * - we automatically take account of the fact that it may be | |
680 | * dangling off an instantiation key | |
681 | */ | |
682 | skey = search_process_keyrings(key->type, key, | |
683 | keyctl_read_key_same, current); | |
684 | if (!IS_ERR(skey)) | |
685 | goto can_read_key2; | |
686 | ||
687 | ret = PTR_ERR(skey); | |
1da177e4 LT |
688 | goto error2; |
689 | } | |
690 | ||
691 | ret = -ENOKEY; | |
692 | goto error; | |
693 | ||
694 | /* the key is probably readable - now try to read it */ | |
695 | can_read_key2: | |
696 | key_put(skey); | |
697 | can_read_key: | |
698 | ret = key_validate(key); | |
699 | if (ret == 0) { | |
700 | ret = -EOPNOTSUPP; | |
701 | if (key->type->read) { | |
702 | /* read the data with the semaphore held (since we | |
703 | * might sleep) */ | |
704 | down_read(&key->sem); | |
705 | ret = key->type->read(key, buffer, buflen); | |
706 | up_read(&key->sem); | |
707 | } | |
708 | } | |
709 | ||
710 | error2: | |
711 | key_put(key); | |
712 | error: | |
713 | return ret; | |
714 | ||
715 | } /* end keyctl_read_key() */ | |
716 | ||
717 | /*****************************************************************************/ | |
718 | /* | |
719 | * change the ownership of a key | |
720 | * - the keyring owned by the changer | |
721 | * - if the uid or gid is -1, then that parameter is not changed | |
722 | * - implements keyctl(KEYCTL_CHOWN) | |
723 | */ | |
724 | long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid) | |
725 | { | |
726 | struct key *key; | |
727 | long ret; | |
728 | ||
729 | ret = 0; | |
730 | if (uid == (uid_t) -1 && gid == (gid_t) -1) | |
731 | goto error; | |
732 | ||
3e30148c | 733 | key = lookup_user_key(NULL, id, 1, 1, 0); |
1da177e4 LT |
734 | if (IS_ERR(key)) { |
735 | ret = PTR_ERR(key); | |
736 | goto error; | |
737 | } | |
738 | ||
739 | /* make the changes with the locks held to prevent chown/chown races */ | |
740 | ret = -EACCES; | |
741 | down_write(&key->sem); | |
1da177e4 LT |
742 | |
743 | if (!capable(CAP_SYS_ADMIN)) { | |
744 | /* only the sysadmin can chown a key to some other UID */ | |
745 | if (uid != (uid_t) -1 && key->uid != uid) | |
746 | goto no_access; | |
747 | ||
748 | /* only the sysadmin can set the key's GID to a group other | |
749 | * than one of those that the current process subscribes to */ | |
750 | if (gid != (gid_t) -1 && gid != key->gid && !in_group_p(gid)) | |
751 | goto no_access; | |
752 | } | |
753 | ||
754 | /* change the UID (have to update the quotas) */ | |
755 | if (uid != (uid_t) -1 && uid != key->uid) { | |
756 | /* don't support UID changing yet */ | |
757 | ret = -EOPNOTSUPP; | |
758 | goto no_access; | |
759 | } | |
760 | ||
761 | /* change the GID */ | |
762 | if (gid != (gid_t) -1) | |
763 | key->gid = gid; | |
764 | ||
765 | ret = 0; | |
766 | ||
767 | no_access: | |
1da177e4 LT |
768 | up_write(&key->sem); |
769 | key_put(key); | |
770 | error: | |
771 | return ret; | |
772 | ||
773 | } /* end keyctl_chown_key() */ | |
774 | ||
775 | /*****************************************************************************/ | |
776 | /* | |
777 | * change the permission mask on a key | |
778 | * - the keyring owned by the changer | |
779 | * - implements keyctl(KEYCTL_SETPERM) | |
780 | */ | |
781 | long keyctl_setperm_key(key_serial_t id, key_perm_t perm) | |
782 | { | |
783 | struct key *key; | |
784 | long ret; | |
785 | ||
786 | ret = -EINVAL; | |
787 | if (perm & ~(KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) | |
788 | goto error; | |
789 | ||
3e30148c | 790 | key = lookup_user_key(NULL, id, 1, 1, 0); |
1da177e4 LT |
791 | if (IS_ERR(key)) { |
792 | ret = PTR_ERR(key); | |
793 | goto error; | |
794 | } | |
795 | ||
76d8aeab | 796 | /* make the changes with the locks held to prevent chown/chmod races */ |
1da177e4 LT |
797 | ret = -EACCES; |
798 | down_write(&key->sem); | |
1da177e4 | 799 | |
76d8aeab DH |
800 | /* if we're not the sysadmin, we can only change a key that we own */ |
801 | if (capable(CAP_SYS_ADMIN) || key->uid == current->fsuid) { | |
802 | key->perm = perm; | |
803 | ret = 0; | |
804 | } | |
1da177e4 | 805 | |
1da177e4 LT |
806 | up_write(&key->sem); |
807 | key_put(key); | |
76d8aeab | 808 | error: |
1da177e4 LT |
809 | return ret; |
810 | ||
811 | } /* end keyctl_setperm_key() */ | |
812 | ||
813 | /*****************************************************************************/ | |
814 | /* | |
815 | * instantiate the key with the specified payload, and, if one is given, link | |
816 | * the key into the keyring | |
817 | */ | |
818 | long keyctl_instantiate_key(key_serial_t id, | |
819 | const void __user *_payload, | |
820 | size_t plen, | |
821 | key_serial_t ringid) | |
822 | { | |
3e30148c DH |
823 | struct request_key_auth *rka; |
824 | struct key *instkey, *keyring; | |
1da177e4 LT |
825 | void *payload; |
826 | long ret; | |
827 | ||
828 | ret = -EINVAL; | |
829 | if (plen > 32767) | |
830 | goto error; | |
831 | ||
832 | /* pull the payload in if one was supplied */ | |
833 | payload = NULL; | |
834 | ||
835 | if (_payload) { | |
836 | ret = -ENOMEM; | |
837 | payload = kmalloc(plen, GFP_KERNEL); | |
838 | if (!payload) | |
839 | goto error; | |
840 | ||
841 | ret = -EFAULT; | |
842 | if (copy_from_user(payload, _payload, plen) != 0) | |
843 | goto error2; | |
844 | } | |
845 | ||
3e30148c DH |
846 | /* find the instantiation authorisation key */ |
847 | instkey = key_get_instantiation_authkey(id); | |
848 | if (IS_ERR(instkey)) { | |
849 | ret = PTR_ERR(instkey); | |
1da177e4 LT |
850 | goto error2; |
851 | } | |
852 | ||
3e30148c DH |
853 | rka = instkey->payload.data; |
854 | ||
855 | /* find the destination keyring amongst those belonging to the | |
856 | * requesting task */ | |
1da177e4 LT |
857 | keyring = NULL; |
858 | if (ringid) { | |
3e30148c DH |
859 | keyring = lookup_user_key(rka->context, ringid, 1, 0, |
860 | KEY_WRITE); | |
1da177e4 LT |
861 | if (IS_ERR(keyring)) { |
862 | ret = PTR_ERR(keyring); | |
863 | goto error3; | |
864 | } | |
865 | } | |
866 | ||
867 | /* instantiate the key and link it into a keyring */ | |
3e30148c DH |
868 | ret = key_instantiate_and_link(rka->target_key, payload, plen, |
869 | keyring, instkey); | |
1da177e4 LT |
870 | |
871 | key_put(keyring); | |
872 | error3: | |
3e30148c | 873 | key_put(instkey); |
1da177e4 LT |
874 | error2: |
875 | kfree(payload); | |
876 | error: | |
877 | return ret; | |
878 | ||
879 | } /* end keyctl_instantiate_key() */ | |
880 | ||
881 | /*****************************************************************************/ | |
882 | /* | |
883 | * negatively instantiate the key with the given timeout (in seconds), and, if | |
884 | * one is given, link the key into the keyring | |
885 | */ | |
886 | long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid) | |
887 | { | |
3e30148c DH |
888 | struct request_key_auth *rka; |
889 | struct key *instkey, *keyring; | |
1da177e4 LT |
890 | long ret; |
891 | ||
3e30148c DH |
892 | /* find the instantiation authorisation key */ |
893 | instkey = key_get_instantiation_authkey(id); | |
894 | if (IS_ERR(instkey)) { | |
895 | ret = PTR_ERR(instkey); | |
1da177e4 LT |
896 | goto error; |
897 | } | |
898 | ||
3e30148c DH |
899 | rka = instkey->payload.data; |
900 | ||
1da177e4 LT |
901 | /* find the destination keyring if present (which must also be |
902 | * writable) */ | |
903 | keyring = NULL; | |
904 | if (ringid) { | |
3e30148c | 905 | keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE); |
1da177e4 LT |
906 | if (IS_ERR(keyring)) { |
907 | ret = PTR_ERR(keyring); | |
908 | goto error2; | |
909 | } | |
910 | } | |
911 | ||
912 | /* instantiate the key and link it into a keyring */ | |
3e30148c | 913 | ret = key_negate_and_link(rka->target_key, timeout, keyring, instkey); |
1da177e4 LT |
914 | |
915 | key_put(keyring); | |
916 | error2: | |
3e30148c | 917 | key_put(instkey); |
1da177e4 LT |
918 | error: |
919 | return ret; | |
920 | ||
921 | } /* end keyctl_negate_key() */ | |
922 | ||
3e30148c DH |
923 | /*****************************************************************************/ |
924 | /* | |
925 | * set the default keyring in which request_key() will cache keys | |
926 | * - return the old setting | |
927 | */ | |
928 | long keyctl_set_reqkey_keyring(int reqkey_defl) | |
929 | { | |
930 | int ret; | |
931 | ||
932 | switch (reqkey_defl) { | |
933 | case KEY_REQKEY_DEFL_THREAD_KEYRING: | |
934 | ret = install_thread_keyring(current); | |
935 | if (ret < 0) | |
936 | return ret; | |
937 | goto set; | |
938 | ||
939 | case KEY_REQKEY_DEFL_PROCESS_KEYRING: | |
940 | ret = install_process_keyring(current); | |
941 | if (ret < 0) | |
942 | return ret; | |
943 | ||
944 | case KEY_REQKEY_DEFL_DEFAULT: | |
945 | case KEY_REQKEY_DEFL_SESSION_KEYRING: | |
946 | case KEY_REQKEY_DEFL_USER_KEYRING: | |
947 | case KEY_REQKEY_DEFL_USER_SESSION_KEYRING: | |
948 | set: | |
949 | current->jit_keyring = reqkey_defl; | |
950 | ||
951 | case KEY_REQKEY_DEFL_NO_CHANGE: | |
952 | return current->jit_keyring; | |
953 | ||
954 | case KEY_REQKEY_DEFL_GROUP_KEYRING: | |
955 | default: | |
956 | return -EINVAL; | |
957 | } | |
958 | ||
959 | } /* end keyctl_set_reqkey_keyring() */ | |
960 | ||
1da177e4 LT |
961 | /*****************************************************************************/ |
962 | /* | |
963 | * the key control system call | |
964 | */ | |
965 | asmlinkage long sys_keyctl(int option, unsigned long arg2, unsigned long arg3, | |
966 | unsigned long arg4, unsigned long arg5) | |
967 | { | |
968 | switch (option) { | |
969 | case KEYCTL_GET_KEYRING_ID: | |
970 | return keyctl_get_keyring_ID((key_serial_t) arg2, | |
971 | (int) arg3); | |
972 | ||
973 | case KEYCTL_JOIN_SESSION_KEYRING: | |
974 | return keyctl_join_session_keyring((const char __user *) arg2); | |
975 | ||
976 | case KEYCTL_UPDATE: | |
977 | return keyctl_update_key((key_serial_t) arg2, | |
978 | (const void __user *) arg3, | |
979 | (size_t) arg4); | |
980 | ||
981 | case KEYCTL_REVOKE: | |
982 | return keyctl_revoke_key((key_serial_t) arg2); | |
983 | ||
984 | case KEYCTL_DESCRIBE: | |
985 | return keyctl_describe_key((key_serial_t) arg2, | |
986 | (char __user *) arg3, | |
987 | (unsigned) arg4); | |
988 | ||
989 | case KEYCTL_CLEAR: | |
990 | return keyctl_keyring_clear((key_serial_t) arg2); | |
991 | ||
992 | case KEYCTL_LINK: | |
993 | return keyctl_keyring_link((key_serial_t) arg2, | |
994 | (key_serial_t) arg3); | |
995 | ||
996 | case KEYCTL_UNLINK: | |
997 | return keyctl_keyring_unlink((key_serial_t) arg2, | |
998 | (key_serial_t) arg3); | |
999 | ||
1000 | case KEYCTL_SEARCH: | |
1001 | return keyctl_keyring_search((key_serial_t) arg2, | |
1002 | (const char __user *) arg3, | |
1003 | (const char __user *) arg4, | |
1004 | (key_serial_t) arg5); | |
1005 | ||
1006 | case KEYCTL_READ: | |
1007 | return keyctl_read_key((key_serial_t) arg2, | |
1008 | (char __user *) arg3, | |
1009 | (size_t) arg4); | |
1010 | ||
1011 | case KEYCTL_CHOWN: | |
1012 | return keyctl_chown_key((key_serial_t) arg2, | |
1013 | (uid_t) arg3, | |
1014 | (gid_t) arg4); | |
1015 | ||
1016 | case KEYCTL_SETPERM: | |
1017 | return keyctl_setperm_key((key_serial_t) arg2, | |
1018 | (key_perm_t) arg3); | |
1019 | ||
1020 | case KEYCTL_INSTANTIATE: | |
1021 | return keyctl_instantiate_key((key_serial_t) arg2, | |
1022 | (const void __user *) arg3, | |
1023 | (size_t) arg4, | |
1024 | (key_serial_t) arg5); | |
1025 | ||
1026 | case KEYCTL_NEGATE: | |
1027 | return keyctl_negate_key((key_serial_t) arg2, | |
1028 | (unsigned) arg3, | |
1029 | (key_serial_t) arg4); | |
1030 | ||
3e30148c DH |
1031 | case KEYCTL_SET_REQKEY_KEYRING: |
1032 | return keyctl_set_reqkey_keyring(arg2); | |
1033 | ||
1da177e4 LT |
1034 | default: |
1035 | return -EOPNOTSUPP; | |
1036 | } | |
1037 | ||
1038 | } /* end sys_keyctl() */ |