projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
keys: Replace uid/gid/perm permissions checking with an ACL
[linux-2.6-block.git] / security / keys / request_key.c
CommitLineData
76181c13 1/* Request a key from userspace
1da177e4 2 *
76181c13 3 * Copyright (C) 2004-2007 Red Hat, Inc. All Rights Reserved.
1da177e4
LT		 4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
f1a9badc 10 *
3db38ed7 11 * See Documentation/security/keys/request-key.rst
1da177e4
LT		 12 */
13
876979c9 14#include <linux/export.h>
1da177e4
LT		 15#include <linux/sched.h>
16#include <linux/kmod.h>
17#include <linux/err.h>
3e30148c 18#include <linux/keyctl.h>
fdb89bce 19#include <linux/slab.h>
a58946c1 20#include <net/net_namespace.h>
1da177e4 21#include "internal.h"
822ad64d 22#include <keys/request_key_auth-type.h>
1da177e4 23
e9e349b0
DH		 24#define key_negative_timeout 60 /* default timeout on a negative key's existence */
25
7743c48e
DH		 26static struct key *check_cached_key(struct keyring_search_context *ctx)
27{
28#ifdef CONFIG_KEYS_REQUEST_CACHE
29 struct key *key = current->cached_requested_key;
30
31 if (key &&
32 ctx->match_data.cmp(key, &ctx->match_data) &&
33 !(key->flags & ((1 << KEY_FLAG_INVALIDATED) |
34 (1 << KEY_FLAG_REVOKED))))
35 return key_get(key);
36#endif
37 return NULL;
38}
39
40static void cache_requested_key(struct key *key)
41{
42#ifdef CONFIG_KEYS_REQUEST_CACHE
43 struct task_struct *t = current;
44
45 key_put(t->cached_requested_key);
46 t->cached_requested_key = key_get(key);
47 set_tsk_thread_flag(t, TIF_NOTIFY_RESUME);
48#endif
49}
50
973c9f4f
DH		 51/**
52 * complete_request_key - Complete the construction of a key.
9fd16537 53 * @authkey: The authorisation key.
973c9f4f
DH		 54 * @error: The success or failute of the construction.
55 *
56 * Complete the attempt to construct a key. The key will be negated
57 * if an error is indicated. The authorisation key will be revoked
58 * unconditionally.
76181c13 59 */
822ad64d 60void complete_request_key(struct key *authkey, int error)
76181c13 61{
822ad64d
DH		 62 struct request_key_auth *rka = get_request_key_auth(authkey);
63 struct key *key = rka->target_key;
64
65 kenter("%d{%d},%d", authkey->serial, key->serial, error);
1da177e4 66
76181c13 67 if (error < 0)
822ad64d 68 key_negate_and_link(key, key_negative_timeout, NULL, authkey);
76181c13 69 else
822ad64d 70 key_revoke(authkey);
76181c13
DH		 71}
72EXPORT_SYMBOL(complete_request_key);
1da177e4 73
973c9f4f
DH		 74/*
75 * Initialise a usermode helper that is going to have a specific session
76 * keyring.
77 *
78 * This is called in context of freshly forked kthread before kernel_execve(),
79 * so we can simply install the desired session_keyring at this point.
80 */
87966996 81static int umh_keys_init(struct subprocess_info *info, struct cred *cred)
685bfd2c 82{
685bfd2c 83 struct key *keyring = info->data;
973c9f4f 84
685bfd2c
ON		 85 return install_session_keyring_to_cred(cred, keyring);
86}
87
973c9f4f
DH		 88/*
89 * Clean up a usermode helper with session keyring.
90 */
685bfd2c
ON		 91static void umh_keys_cleanup(struct subprocess_info *info)
92{
93 struct key *keyring = info->data;
94 key_put(keyring);
95}
96
973c9f4f
DH		 97/*
98 * Call a usermode helper with a specific session keyring.
99 */
377e7a27 100static int call_usermodehelper_keys(const char *path, char **argv, char **envp,
9d944ef3 101 struct key *session_keyring, int wait)
685bfd2c 102{
93997f6d
LDM		 103 struct subprocess_info *info;
104
105 info = call_usermodehelper_setup(path, argv, envp, GFP_KERNEL,
106 umh_keys_init, umh_keys_cleanup,
107 session_keyring);
108 if (!info)
109 return -ENOMEM;
110
111 key_get(session_keyring);
112 return call_usermodehelper_exec(info, wait);
685bfd2c
ON		 113}
114
1da177e4 115/*
973c9f4f 116 * Request userspace finish the construction of a key
b5f545c8 117 * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>"
1da177e4 118 */
822ad64d 119static int call_sbin_request_key(struct key *authkey, void *aux)
1da177e4 120{
377e7a27 121 static char const request_key[] = "/sbin/request-key";
822ad64d 122 struct request_key_auth *rka = get_request_key_auth(authkey);
86a264ab 123 const struct cred *cred = current_cred();
1da177e4 124 key_serial_t prkey, sskey;
0f44e4d9 125 struct key *key = rka->target_key, *keyring, *session, *user_session;
b5f545c8 126 char *argv[9], *envp[3], uid_str[12], gid_str[12];
1da177e4 127 char key_str[12], keyring_str[3][12];
b5f545c8 128 char desc[20];
3e30148c
DH		 129 int ret, i;
130
822ad64d 131 kenter("{%d},{%d},%s", key->serial, authkey->serial, rka->op);
3e30148c 132
0f44e4d9 133 ret = look_up_user_keyrings(NULL, &user_session);
8bbf4976 134 if (ret < 0)
0f44e4d9 135 goto error_us;
8bbf4976 136
b5f545c8
DH		 137 /* allocate a new session keyring */
138 sprintf(desc, "_req.%u", key->serial);
139
d84f4f99
DH		 140 cred = get_current_cred();
141 keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred,
2e12256b 142 NULL, KEY_ALLOC_QUOTA_OVERRUN, NULL, NULL);
d84f4f99 143 put_cred(cred);
b5f545c8
DH		 144 if (IS_ERR(keyring)) {
145 ret = PTR_ERR(keyring);
146 goto error_alloc;
3e30148c 147 }
1da177e4 148
b5f545c8 149 /* attach the auth key to the session keyring */
896903c2 150 ret = key_link(keyring, authkey);
b5f545c8
DH		 151 if (ret < 0)
152 goto error_link;
153
1da177e4 154 /* record the UID and GID */
9a56c2db
EB		 155 sprintf(uid_str, "%d", from_kuid(&init_user_ns, cred->fsuid));
156 sprintf(gid_str, "%d", from_kgid(&init_user_ns, cred->fsgid));
1da177e4
LT		 157
158 /* we say which key is under construction */
159 sprintf(key_str, "%d", key->serial);
160
161 /* we specify the process's default keyrings */
162 sprintf(keyring_str[0], "%d",
d84f4f99 163 cred->thread_keyring ? cred->thread_keyring->serial : 0);
1da177e4
LT		 164
165 prkey = 0;
3a50597d
DH		 166 if (cred->process_keyring)
167 prkey = cred->process_keyring->serial;
5ad18a0d 168 sprintf(keyring_str[1], "%d", prkey);
1da177e4 169
5c7e372c 170 session = cred->session_keyring;
93b4a44f 171 if (!session)
0f44e4d9 172 session = user_session;
93b4a44f 173 sskey = session->serial;
1da177e4 174
1da177e4
LT		 175 sprintf(keyring_str[2], "%d", sskey);
176
177 /* set up a minimal environment */
178 i = 0;
179 envp[i++] = "HOME=/";
180 envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
181 envp[i] = NULL;
182
183 /* set up the argument list */
184 i = 0;
377e7a27 185 argv[i++] = (char *)request_key;
822ad64d 186 argv[i++] = (char *)rka->op;
1da177e4
LT		 187 argv[i++] = key_str;
188 argv[i++] = uid_str;
189 argv[i++] = gid_str;
190 argv[i++] = keyring_str[0];
191 argv[i++] = keyring_str[1];
192 argv[i++] = keyring_str[2];
1da177e4
LT		 193 argv[i] = NULL;
194
195 /* do it */
377e7a27 196 ret = call_usermodehelper_keys(request_key, argv, envp, keyring,
86313c48 197 UMH_WAIT_PROC);
76181c13
DH		 198 kdebug("usermode -> 0x%x", ret);
199 if (ret >= 0) {
200 /* ret is the exit/wait code */
201 if (test_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags) ||
202 key_validate(key) < 0)
203 ret = -ENOKEY;
204 else
205 /* ignore any errors from userspace if the key was
206 * instantiated */
207 ret = 0;
208 }
3e30148c 209
b5f545c8
DH		 210error_link:
211 key_put(keyring);
3e30148c 212
b5f545c8 213error_alloc:
0f44e4d9
DH		 214 key_put(user_session);
215error_us:
822ad64d 216 complete_request_key(authkey, ret);
d84f4f99 217 kleave(" = %d", ret);
3e30148c 218 return ret;
76181c13 219}
1da177e4 220
1da177e4 221/*
973c9f4f
DH		 222 * Call out to userspace for key construction.
223 *
224 * Program failure is ignored in favour of key status.
1da177e4 225 */
4a38e122 226static int construct_key(struct key *key, const void *callout_info,
8bbf4976
DH		 227 size_t callout_len, void *aux,
228 struct key *dest_keyring)
1da177e4 229{
b5f545c8 230 request_key_actor_t actor;
76181c13
DH		 231 struct key *authkey;
232 int ret;
1da177e4 233
4a38e122 234 kenter("%d,%p,%zu,%p", key->serial, callout_info, callout_len, aux);
3e30148c 235
b5f545c8 236 /* allocate an authorisation key */
822ad64d 237 authkey = request_key_auth_new(key, "create", callout_info, callout_len,
8bbf4976 238 dest_keyring);
822ad64d
DH		 239 if (IS_ERR(authkey))
240 return PTR_ERR(authkey);
76181c13 241
822ad64d
DH		 242 /* Make the call */
243 actor = call_sbin_request_key;
244 if (key->type->request_key)
245 actor = key->type->request_key;
76181c13 246
822ad64d 247 ret = actor(authkey, aux);
76181c13 248
822ad64d
DH		 249 /* check that the actor called complete_request_key() prior to
250 * returning an error */
251 WARN_ON(ret < 0 &&
a09003b5 252 !test_bit(KEY_FLAG_INVALIDATED, &authkey->flags));
1da177e4 253
822ad64d 254 key_put(authkey);
76181c13
DH		 255 kleave(" = %d", ret);
256 return ret;
257}
1da177e4 258
3e30148c 259/*
973c9f4f
DH		 260 * Get the appropriate destination keyring for the request.
261 *
262 * The keyring selected is returned with an extra reference upon it which the
263 * caller must release.
3e30148c 264 */
4dca6ea1 265static int construct_get_dest_keyring(struct key **_dest_keyring)
3e30148c 266{
8bbf4976 267 struct request_key_auth *rka;
bb952bb9 268 const struct cred *cred = current_cred();
8bbf4976 269 struct key *dest_keyring = *_dest_keyring, *authkey;
4dca6ea1 270 int ret;
3e30148c 271
8bbf4976 272 kenter("%p", dest_keyring);
3e30148c
DH		 273
274 /* find the appropriate keyring */
8bbf4976
DH		 275 if (dest_keyring) {
276 /* the caller supplied one */
277 key_get(dest_keyring);
278 } else {
4dca6ea1
EB		 279 bool do_perm_check = true;
280
8bbf4976
DH		 281 /* use a default keyring; falling through the cases until we
282 * find one that we actually have */
bb952bb9 283 switch (cred->jit_keyring) {
3e30148c 284 case KEY_REQKEY_DEFL_DEFAULT:
8bbf4976 285 case KEY_REQKEY_DEFL_REQUESTOR_KEYRING:
bb952bb9
DH		 286 if (cred->request_key_auth) {
287 authkey = cred->request_key_auth;
8bbf4976 288 down_read(&authkey->sem);
822ad64d 289 rka = get_request_key_auth(authkey);
8bbf4976
DH		 290 if (!test_bit(KEY_FLAG_REVOKED,
291 &authkey->flags))
292 dest_keyring =
293 key_get(rka->dest_keyring);
294 up_read(&authkey->sem);
4dca6ea1
EB		 295 if (dest_keyring) {
296 do_perm_check = false;
8bbf4976 297 break;
4dca6ea1 298 }
8bbf4976
DH		 299 }
300
23711df7 301 /* fall through */
3e30148c 302 case KEY_REQKEY_DEFL_THREAD_KEYRING:
bb952bb9 303 dest_keyring = key_get(cred->thread_keyring);
3e30148c
DH		 304 if (dest_keyring)
305 break;
306
23711df7 307 /* fall through */
3e30148c 308 case KEY_REQKEY_DEFL_PROCESS_KEYRING:
3a50597d 309 dest_keyring = key_get(cred->process_keyring);
3e30148c
DH		 310 if (dest_keyring)
311 break;
312
23711df7 313 /* fall through */
3e30148c 314 case KEY_REQKEY_DEFL_SESSION_KEYRING:
5c7e372c 315 dest_keyring = key_get(cred->session_keyring);
3e30148c
DH		 316
317 if (dest_keyring)
318 break;
319
23711df7 320 /* fall through */
3e30148c 321 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
0f44e4d9
DH		 322 ret = look_up_user_keyrings(NULL, &dest_keyring);
323 if (ret < 0)
324 return ret;
3e30148c
DH		 325 break;
326
327 case KEY_REQKEY_DEFL_USER_KEYRING:
0f44e4d9
DH		 328 ret = look_up_user_keyrings(&dest_keyring, NULL);
329 if (ret < 0)
330 return ret;
3e30148c
DH		 331 break;
332
333 case KEY_REQKEY_DEFL_GROUP_KEYRING:
334 default:
335 BUG();
336 }
4dca6ea1
EB		 337
338 /*
339 * Require Write permission on the keyring. This is essential
340 * because the default keyring may be the session keyring, and
341 * joining a keyring only requires Search permission.
342 *
343 * However, this check is skipped for the "requestor keyring" so
344 * that /sbin/request-key can itself use request_key() to add
345 * keys to the original requestor's destination keyring.
346 */
347 if (dest_keyring && do_perm_check) {
348 ret = key_permission(make_key_ref(dest_keyring, 1),
349 KEY_NEED_WRITE);
350 if (ret) {
351 key_put(dest_keyring);
352 return ret;
353 }
354 }
3e30148c
DH		 355 }
356
8bbf4976
DH		 357 *_dest_keyring = dest_keyring;
358 kleave(" [dk %d]", key_serial(dest_keyring));
4dca6ea1 359 return 0;
76181c13 360}
3e30148c 361
76181c13 362/*
973c9f4f
DH		 363 * Allocate a new key in under-construction state and attempt to link it in to
364 * the requested keyring.
365 *
366 * May return a key that's already under construction instead if there was a
367 * race between two thread calling request_key().
76181c13 368 */
4bdf0bc3 369static int construct_alloc_key(struct keyring_search_context *ctx,
76181c13
DH		 370 struct key *dest_keyring,
371 unsigned long flags,
372 struct key_user *user,
2e12256b 373 struct key_acl *acl,
76181c13
DH		 374 struct key **_key)
375{
df593ee2 376 struct assoc_array_edit *edit = NULL;
76181c13
DH		 377 struct key *key;
378 key_ref_t key_ref;
2b9e4688 379 int ret;
76181c13 380
4bdf0bc3
DH		 381 kenter("%s,%s,,,",
382 ctx->index_key.type->name, ctx->index_key.description);
76181c13 383
f70e2e06 384 *_key = NULL;
76181c13
DH		 385 mutex_lock(&user->cons_lock);
386
4bdf0bc3
DH		 387 key = key_alloc(ctx->index_key.type, ctx->index_key.description,
388 ctx->cred->fsuid, ctx->cred->fsgid, ctx->cred,
2e12256b 389 acl, flags, NULL);
76181c13
DH		 390 if (IS_ERR(key))
391 goto alloc_failed;
392
393 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
394
f70e2e06 395 if (dest_keyring) {
df593ee2
DH		 396 ret = __key_link_lock(dest_keyring, &ctx->index_key);
397 if (ret < 0)
398 goto link_lock_failed;
b2a4df20 399 ret = __key_link_begin(dest_keyring, &ctx->index_key, &edit);
f70e2e06
DH		 400 if (ret < 0)
401 goto link_prealloc_failed;
402 }
76181c13
DH		 403
404 /* attach the key to the destination keyring under lock, but we do need
405 * to do another check just in case someone beat us to it whilst we
406 * waited for locks */
407 mutex_lock(&key_construction_mutex);
408
e59428f7
DH		 409 rcu_read_lock();
410 key_ref = search_process_keyrings_rcu(ctx);
411 rcu_read_unlock();
76181c13
DH		 412 if (!IS_ERR(key_ref))
413 goto key_already_present;
414
34574dd1 415 if (dest_keyring)
b2a4df20 416 __key_link(key, &edit);
76181c13
DH		 417
418 mutex_unlock(&key_construction_mutex);
34574dd1 419 if (dest_keyring)
b2a4df20 420 __key_link_end(dest_keyring, &ctx->index_key, edit);
76181c13
DH		 421 mutex_unlock(&user->cons_lock);
422 *_key = key;
423 kleave(" = 0 [%d]", key_serial(key));
424 return 0;
425
2b9e4688
DH		 426 /* the key is now present - we tell the caller that we found it by
427 * returning -EINPROGRESS */
76181c13 428key_already_present:
f70e2e06 429 key_put(key);
76181c13 430 mutex_unlock(&key_construction_mutex);
f70e2e06 431 key = key_ref_to_ptr(key_ref);
03449cd9 432 if (dest_keyring) {
f70e2e06
DH		 433 ret = __key_link_check_live_key(dest_keyring, key);
434 if (ret == 0)
b2a4df20
DH		 435 __key_link(key, &edit);
436 __key_link_end(dest_keyring, &ctx->index_key, edit);
f70e2e06
DH		 437 if (ret < 0)
438 goto link_check_failed;
03449cd9 439 }
76181c13 440 mutex_unlock(&user->cons_lock);
f70e2e06 441 *_key = key;
76181c13
DH		 442 kleave(" = -EINPROGRESS [%d]", key_serial(key));
443 return -EINPROGRESS;
444
f70e2e06
DH		 445link_check_failed:
446 mutex_unlock(&user->cons_lock);
447 key_put(key);
448 kleave(" = %d [linkcheck]", ret);
449 return ret;
450
451link_prealloc_failed:
df593ee2
DH		 452 __key_link_end(dest_keyring, &ctx->index_key, edit);
453link_lock_failed:
f70e2e06 454 mutex_unlock(&user->cons_lock);
d0709f1e 455 key_put(key);
f70e2e06
DH		 456 kleave(" = %d [prelink]", ret);
457 return ret;
458
76181c13
DH		 459alloc_failed:
460 mutex_unlock(&user->cons_lock);
76181c13
DH		 461 kleave(" = %ld", PTR_ERR(key));
462 return PTR_ERR(key);
463}
464
465/*
973c9f4f 466 * Commence key construction.
76181c13 467 */
4bdf0bc3 468static struct key *construct_key_and_link(struct keyring_search_context *ctx,
76181c13 469 const char *callout_info,
4a38e122 470 size_t callout_len,
76181c13 471 void *aux,
2e12256b 472 struct key_acl *acl,
76181c13
DH		 473 struct key *dest_keyring,
474 unsigned long flags)
475{
476 struct key_user *user;
477 struct key *key;
478 int ret;
479
d84f4f99
DH		 480 kenter("");
481
911b79cd
DH		 482 if (ctx->index_key.type == &key_type_keyring)
483 return ERR_PTR(-EPERM);
965475ac 484
4dca6ea1
EB		 485 ret = construct_get_dest_keyring(&dest_keyring);
486 if (ret)
487 goto error;
76181c13 488
4dca6ea1
EB		 489 user = key_user_lookup(current_fsuid());
490 if (!user) {
491 ret = -ENOMEM;
492 goto error_put_dest_keyring;
493 }
8bbf4976 494
2e12256b 495 ret = construct_alloc_key(ctx, dest_keyring, flags, user, acl, &key);
76181c13
DH		 496 key_user_put(user);
497
498 if (ret == 0) {
8bbf4976
DH		 499 ret = construct_key(key, callout_info, callout_len, aux,
500 dest_keyring);
d84f4f99
DH		 501 if (ret < 0) {
502 kdebug("cons failed");
76181c13 503 goto construction_failed;
d84f4f99 504 }
2b9e4688
DH		 505 } else if (ret == -EINPROGRESS) {
506 ret = 0;
507 } else {
4dca6ea1 508 goto error_put_dest_keyring;
76181c13
DH		 509 }
510
8bbf4976 511 key_put(dest_keyring);
d84f4f99 512 kleave(" = key %d", key_serial(key));
76181c13
DH		 513 return key;
514
515construction_failed:
516 key_negate_and_link(key, key_negative_timeout, NULL, NULL);
517 key_put(key);
4dca6ea1 518error_put_dest_keyring:
8bbf4976 519 key_put(dest_keyring);
4dca6ea1 520error:
d84f4f99 521 kleave(" = %d", ret);
76181c13
DH		 522 return ERR_PTR(ret);
523}
3e30148c 524
973c9f4f
DH		 525/**
526 * request_key_and_link - Request a key and cache it in a keyring.
527 * @type: The type of key we want.
528 * @description: The searchable description of the key.
a58946c1 529 * @domain_tag: The domain in which the key operates.
973c9f4f
DH		 530 * @callout_info: The data to pass to the instantiation upcall (or NULL).
531 * @callout_len: The length of callout_info.
532 * @aux: Auxiliary data for the upcall.
2e12256b 533 * @acl: The ACL to attach if a new key is created.
973c9f4f
DH		 534 * @dest_keyring: Where to cache the key.
535 * @flags: Flags to key_alloc().
536 *
a58946c1
DH		 537 * A key matching the specified criteria (type, description, domain_tag) is
538 * searched for in the process's keyrings and returned with its usage count
539 * incremented if found. Otherwise, if callout_info is not NULL, a key will be
540 * allocated and some service (probably in userspace) will be asked to
541 * instantiate it.
973c9f4f
DH		 542 *
543 * If successfully found or created, the key will be linked to the destination
544 * keyring if one is provided.
545 *
546 * Returns a pointer to the key if successful; -EACCES, -ENOKEY, -EKEYREVOKED
547 * or -EKEYEXPIRED if an inaccessible, negative, revoked or expired key was
548 * found; -ENOKEY if no key was found and no @callout_info was given; -EDQUOT
549 * if insufficient key quota was available to create a new key; or -ENOMEM if
550 * insufficient memory was available.
551 *
552 * If the returned key was created, then it may still be under construction,
553 * and wait_for_key_construction() should be used to wait for that to complete.
1da177e4 554 */
3e30148c
DH		 555struct key *request_key_and_link(struct key_type *type,
556 const char *description,
a58946c1 557 struct key_tag *domain_tag,
4a38e122
DH		 558 const void *callout_info,
559 size_t callout_len,
4e54f085 560 void *aux,
2e12256b 561 struct key_acl *acl,
7e047ef5
DH		 562 struct key *dest_keyring,
563 unsigned long flags)
1da177e4 564{
4bdf0bc3
DH		 565 struct keyring_search_context ctx = {
566 .index_key.type = type,
a58946c1 567 .index_key.domain_tag = domain_tag,
4bdf0bc3 568 .index_key.description = description,
ede0fa98 569 .index_key.desc_len = strlen(description),
4bdf0bc3 570 .cred = current_cred(),
c06cfb08 571 .match_data.cmp = key_default_cmp,
46291959
DH		 572 .match_data.raw_data = description,
573 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
0b0a8415 574 .flags = (KEYRING_SEARCH_DO_STATE_CHECK |
dcf49dbc
DH		 575 KEYRING_SEARCH_SKIP_EXPIRED |
576 KEYRING_SEARCH_RECURSE),
4bdf0bc3 577 };
1da177e4 578 struct key *key;
664cceb0 579 key_ref_t key_ref;
2b9e4688 580 int ret;
1da177e4 581
4a38e122 582 kenter("%s,%s,%p,%zu,%p,%p,%lx",
4bdf0bc3
DH		 583 ctx.index_key.type->name, ctx.index_key.description,
584 callout_info, callout_len, aux, dest_keyring, flags);
3e30148c 585
46291959
DH		 586 if (type->match_preparse) {
587 ret = type->match_preparse(&ctx.match_data);
588 if (ret < 0) {
589 key = ERR_PTR(ret);
590 goto error;
591 }
592 }
593
7743c48e
DH		 594 key = check_cached_key(&ctx);
595 if (key)
596 return key;
597
1da177e4 598 /* search all the process keyrings for a key */
e59428f7
DH		 599 rcu_read_lock();
600 key_ref = search_process_keyrings_rcu(&ctx);
601 rcu_read_unlock();
1da177e4 602
664cceb0 603 if (!IS_ERR(key_ref)) {
504b69eb
DH		 604 if (dest_keyring) {
605 ret = key_task_permission(key_ref, current_cred(),
606 KEY_NEED_LINK);
607 if (ret < 0) {
608 key_ref_put(key_ref);
609 key = ERR_PTR(ret);
610 goto error_free;
611 }
612 }
613
664cceb0 614 key = key_ref_to_ptr(key_ref);
03449cd9 615 if (dest_keyring) {
2b9e4688 616 ret = key_link(dest_keyring, key);
2b9e4688
DH		 617 if (ret < 0) {
618 key_put(key);
619 key = ERR_PTR(ret);
46291959 620 goto error_free;
2b9e4688 621 }
03449cd9 622 }
7743c48e
DH		 623
624 /* Only cache the key on immediate success */
625 cache_requested_key(key);
76181c13 626 } else if (PTR_ERR(key_ref) != -EAGAIN) {
e231c2ee 627 key = ERR_CAST(key_ref);
76181c13 628 } else {
1da177e4
LT		 629 /* the search failed, but the keyrings were searchable, so we
630 * should consult userspace if we can */
631 key = ERR_PTR(-ENOKEY);
632 if (!callout_info)
46291959 633 goto error_free;
1da177e4 634
4bdf0bc3 635 key = construct_key_and_link(&ctx, callout_info, callout_len,
2e12256b 636 aux, acl, dest_keyring, flags);
1da177e4
LT		 637 }
638
46291959
DH		 639error_free:
640 if (type->match_free)
641 type->match_free(&ctx.match_data);
3e30148c
DH		 642error:
643 kleave(" = %p", key);
1da177e4 644 return key;
76181c13 645}
1da177e4 646
973c9f4f
DH		 647/**
648 * wait_for_key_construction - Wait for construction of a key to complete
649 * @key: The key being waited for.
650 * @intr: Whether to wait interruptibly.
651 *
652 * Wait for a key to finish being constructed.
653 *
654 * Returns 0 if successful; -ERESTARTSYS if the wait was interrupted; -ENOKEY
655 * if the key was negated; or -EKEYREVOKED or -EKEYEXPIRED if the key was
656 * revoked or expired.
76181c13
DH		 657 */
658int wait_for_key_construction(struct key *key, bool intr)
659{
660 int ret;
3e30148c 661
76181c13 662 ret = wait_on_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT,
76181c13 663 intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE);
74316201
N		 664 if (ret)
665 return -ERESTARTSYS;
363b02da
DH		 666 ret = key_read_state(key);
667 if (ret < 0)
668 return ret;
76181c13
DH		 669 return key_validate(key);
670}
671EXPORT_SYMBOL(wait_for_key_construction);
3e30148c 672
973c9f4f 673/**
a58946c1 674 * request_key_tag - Request a key and wait for construction
973c9f4f
DH		 675 * @type: Type of key.
676 * @description: The searchable description of the key.
a58946c1 677 * @domain_tag: The domain in which the key operates.
973c9f4f 678 * @callout_info: The data to pass to the instantiation upcall (or NULL).
2e12256b 679 * @acl: The ACL to attach if a new key is created.
973c9f4f
DH		 680 *
681 * As for request_key_and_link() except that it does not add the returned key
682 * to a keyring if found, new keys are always allocated in the user's quota,
683 * the callout_info must be a NUL-terminated string and no auxiliary data can
684 * be passed.
685 *
686 * Furthermore, it then works as wait_for_key_construction() to wait for the
687 * completion of keys undergoing construction with a non-interruptible wait.
3e30148c 688 */
a58946c1
DH		 689struct key *request_key_tag(struct key_type *type,
690 const char *description,
691 struct key_tag *domain_tag,
2e12256b
DH		 692 const char *callout_info,
693 struct key_acl *acl)
3e30148c 694{
76181c13 695 struct key *key;
4a38e122 696 size_t callout_len = 0;
76181c13
DH		 697 int ret;
698
4a38e122
DH		 699 if (callout_info)
700 callout_len = strlen(callout_info);
a58946c1
DH		 701 key = request_key_and_link(type, description, domain_tag,
702 callout_info, callout_len,
2e12256b 703 NULL, acl, NULL, KEY_ALLOC_IN_QUOTA);
76181c13
DH		 704 if (!IS_ERR(key)) {
705 ret = wait_for_key_construction(key, false);
706 if (ret < 0) {
707 key_put(key);
708 return ERR_PTR(ret);
709 }
710 }
711 return key;
712}
a58946c1 713EXPORT_SYMBOL(request_key_tag);
4e54f085 714
973c9f4f
DH		 715/**
716 * request_key_with_auxdata - Request a key with auxiliary data for the upcaller
717 * @type: The type of key we want.
718 * @description: The searchable description of the key.
a58946c1 719 * @domain_tag: The domain in which the key operates.
973c9f4f
DH		 720 * @callout_info: The data to pass to the instantiation upcall (or NULL).
721 * @callout_len: The length of callout_info.
722 * @aux: Auxiliary data for the upcall.
2e12256b 723 * @acl: The ACL to attach if a new key is created.
973c9f4f
DH		 724 *
725 * As for request_key_and_link() except that it does not add the returned key
726 * to a keyring if found and new keys are always allocated in the user's quota.
727 *
728 * Furthermore, it then works as wait_for_key_construction() to wait for the
729 * completion of keys undergoing construction with a non-interruptible wait.
4e54f085
DH		 730 */
731struct key *request_key_with_auxdata(struct key_type *type,
732 const char *description,
a58946c1 733 struct key_tag *domain_tag,
4a38e122
DH		 734 const void *callout_info,
735 size_t callout_len,
2e12256b
DH		 736 void *aux,
737 struct key_acl *acl)
4e54f085 738{
76181c13
DH		 739 struct key *key;
740 int ret;
741
a58946c1
DH		 742 key = request_key_and_link(type, description, domain_tag,
743 callout_info, callout_len,
2e12256b 744 aux, acl, NULL, KEY_ALLOC_IN_QUOTA);
76181c13
DH		 745 if (!IS_ERR(key)) {
746 ret = wait_for_key_construction(key, false);
747 if (ret < 0) {
748 key_put(key);
749 return ERR_PTR(ret);
750 }
751 }
752 return key;
753}
754EXPORT_SYMBOL(request_key_with_auxdata);
4e54f085 755
896f1950
DH		 756/**
757 * request_key_rcu - Request key from RCU-read-locked context
758 * @type: The type of key we want.
759 * @description: The name of the key we want.
a58946c1 760 * @domain_tag: The domain in which the key operates.
896f1950
DH		 761 *
762 * Request a key from a context that we may not sleep in (such as RCU-mode
763 * pathwalk). Keys under construction are ignored.
764 *
765 * Return a pointer to the found key if successful, -ENOKEY if we couldn't find
766 * a key or some other error if the key found was unsuitable or inaccessible.
767 */
a58946c1
DH		 768struct key *request_key_rcu(struct key_type *type,
769 const char *description,
770 struct key_tag *domain_tag)
896f1950
DH		 771{
772 struct keyring_search_context ctx = {
773 .index_key.type = type,
a58946c1 774 .index_key.domain_tag = domain_tag,
896f1950
DH		 775 .index_key.description = description,
776 .index_key.desc_len = strlen(description),
777 .cred = current_cred(),
778 .match_data.cmp = key_default_cmp,
779 .match_data.raw_data = description,
780 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
781 .flags = (KEYRING_SEARCH_DO_STATE_CHECK |
782 KEYRING_SEARCH_SKIP_EXPIRED),
783 };
784 struct key *key;
785 key_ref_t key_ref;
786
787 kenter("%s,%s", type->name, description);
788
7743c48e
DH		 789 key = check_cached_key(&ctx);
790 if (key)
791 return key;
792
896f1950
DH		 793 /* search all the process keyrings for a key */
794 key_ref = search_process_keyrings_rcu(&ctx);
795 if (IS_ERR(key_ref)) {
796 key = ERR_CAST(key_ref);
797 if (PTR_ERR(key_ref) == -EAGAIN)
798 key = ERR_PTR(-ENOKEY);
799 } else {
800 key = key_ref_to_ptr(key_ref);
7743c48e 801 cache_requested_key(key);
896f1950
DH		 802 }
803
804 kleave(" = %p", key);
805 return key;
806}
807EXPORT_SYMBOL(request_key_rcu);
Linux 6.x block layer and io_uring tree(s)