Commit | Line | Data |
---|---|---|
76181c13 | 1 | /* Request a key from userspace |
1da177e4 | 2 | * |
76181c13 | 3 | * Copyright (C) 2004-2007 Red Hat, Inc. All Rights Reserved. |
1da177e4 LT |
4 | * Written by David Howells (dhowells@redhat.com) |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public License | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the License, or (at your option) any later version. | |
f1a9badc | 10 | * |
3db38ed7 | 11 | * See Documentation/security/keys/request-key.rst |
1da177e4 LT |
12 | */ |
13 | ||
876979c9 | 14 | #include <linux/export.h> |
1da177e4 LT |
15 | #include <linux/sched.h> |
16 | #include <linux/kmod.h> | |
17 | #include <linux/err.h> | |
3e30148c | 18 | #include <linux/keyctl.h> |
fdb89bce | 19 | #include <linux/slab.h> |
1da177e4 | 20 | #include "internal.h" |
822ad64d | 21 | #include <keys/request_key_auth-type.h> |
1da177e4 | 22 | |
e9e349b0 DH |
23 | #define key_negative_timeout 60 /* default timeout on a negative key's existence */ |
24 | ||
973c9f4f DH |
25 | /** |
26 | * complete_request_key - Complete the construction of a key. | |
9fd16537 | 27 | * @authkey: The authorisation key. |
973c9f4f DH |
28 | * @error: The success or failute of the construction. |
29 | * | |
30 | * Complete the attempt to construct a key. The key will be negated | |
31 | * if an error is indicated. The authorisation key will be revoked | |
32 | * unconditionally. | |
76181c13 | 33 | */ |
822ad64d | 34 | void complete_request_key(struct key *authkey, int error) |
76181c13 | 35 | { |
822ad64d DH |
36 | struct request_key_auth *rka = get_request_key_auth(authkey); |
37 | struct key *key = rka->target_key; | |
38 | ||
39 | kenter("%d{%d},%d", authkey->serial, key->serial, error); | |
1da177e4 | 40 | |
76181c13 | 41 | if (error < 0) |
822ad64d | 42 | key_negate_and_link(key, key_negative_timeout, NULL, authkey); |
76181c13 | 43 | else |
822ad64d | 44 | key_revoke(authkey); |
76181c13 DH |
45 | } |
46 | EXPORT_SYMBOL(complete_request_key); | |
1da177e4 | 47 | |
973c9f4f DH |
48 | /* |
49 | * Initialise a usermode helper that is going to have a specific session | |
50 | * keyring. | |
51 | * | |
52 | * This is called in context of freshly forked kthread before kernel_execve(), | |
53 | * so we can simply install the desired session_keyring at this point. | |
54 | */ | |
87966996 | 55 | static int umh_keys_init(struct subprocess_info *info, struct cred *cred) |
685bfd2c | 56 | { |
685bfd2c | 57 | struct key *keyring = info->data; |
973c9f4f | 58 | |
685bfd2c ON |
59 | return install_session_keyring_to_cred(cred, keyring); |
60 | } | |
61 | ||
973c9f4f DH |
62 | /* |
63 | * Clean up a usermode helper with session keyring. | |
64 | */ | |
685bfd2c ON |
65 | static void umh_keys_cleanup(struct subprocess_info *info) |
66 | { | |
67 | struct key *keyring = info->data; | |
68 | key_put(keyring); | |
69 | } | |
70 | ||
973c9f4f DH |
71 | /* |
72 | * Call a usermode helper with a specific session keyring. | |
73 | */ | |
377e7a27 | 74 | static int call_usermodehelper_keys(const char *path, char **argv, char **envp, |
9d944ef3 | 75 | struct key *session_keyring, int wait) |
685bfd2c | 76 | { |
93997f6d LDM |
77 | struct subprocess_info *info; |
78 | ||
79 | info = call_usermodehelper_setup(path, argv, envp, GFP_KERNEL, | |
80 | umh_keys_init, umh_keys_cleanup, | |
81 | session_keyring); | |
82 | if (!info) | |
83 | return -ENOMEM; | |
84 | ||
85 | key_get(session_keyring); | |
86 | return call_usermodehelper_exec(info, wait); | |
685bfd2c ON |
87 | } |
88 | ||
1da177e4 | 89 | /* |
973c9f4f | 90 | * Request userspace finish the construction of a key |
b5f545c8 | 91 | * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>" |
1da177e4 | 92 | */ |
822ad64d | 93 | static int call_sbin_request_key(struct key *authkey, void *aux) |
1da177e4 | 94 | { |
377e7a27 | 95 | static char const request_key[] = "/sbin/request-key"; |
822ad64d | 96 | struct request_key_auth *rka = get_request_key_auth(authkey); |
86a264ab | 97 | const struct cred *cred = current_cred(); |
1da177e4 | 98 | key_serial_t prkey, sskey; |
822ad64d | 99 | struct key *key = rka->target_key, *keyring, *session; |
b5f545c8 | 100 | char *argv[9], *envp[3], uid_str[12], gid_str[12]; |
1da177e4 | 101 | char key_str[12], keyring_str[3][12]; |
b5f545c8 | 102 | char desc[20]; |
3e30148c DH |
103 | int ret, i; |
104 | ||
822ad64d | 105 | kenter("{%d},{%d},%s", key->serial, authkey->serial, rka->op); |
3e30148c | 106 | |
8bbf4976 DH |
107 | ret = install_user_keyrings(); |
108 | if (ret < 0) | |
109 | goto error_alloc; | |
110 | ||
b5f545c8 DH |
111 | /* allocate a new session keyring */ |
112 | sprintf(desc, "_req.%u", key->serial); | |
113 | ||
d84f4f99 DH |
114 | cred = get_current_cred(); |
115 | keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, | |
96b5c8fe | 116 | KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ, |
5ac7eace | 117 | KEY_ALLOC_QUOTA_OVERRUN, NULL, NULL); |
d84f4f99 | 118 | put_cred(cred); |
b5f545c8 DH |
119 | if (IS_ERR(keyring)) { |
120 | ret = PTR_ERR(keyring); | |
121 | goto error_alloc; | |
3e30148c | 122 | } |
1da177e4 | 123 | |
b5f545c8 | 124 | /* attach the auth key to the session keyring */ |
896903c2 | 125 | ret = key_link(keyring, authkey); |
b5f545c8 DH |
126 | if (ret < 0) |
127 | goto error_link; | |
128 | ||
1da177e4 | 129 | /* record the UID and GID */ |
9a56c2db EB |
130 | sprintf(uid_str, "%d", from_kuid(&init_user_ns, cred->fsuid)); |
131 | sprintf(gid_str, "%d", from_kgid(&init_user_ns, cred->fsgid)); | |
1da177e4 LT |
132 | |
133 | /* we say which key is under construction */ | |
134 | sprintf(key_str, "%d", key->serial); | |
135 | ||
136 | /* we specify the process's default keyrings */ | |
137 | sprintf(keyring_str[0], "%d", | |
d84f4f99 | 138 | cred->thread_keyring ? cred->thread_keyring->serial : 0); |
1da177e4 LT |
139 | |
140 | prkey = 0; | |
3a50597d DH |
141 | if (cred->process_keyring) |
142 | prkey = cred->process_keyring->serial; | |
5ad18a0d | 143 | sprintf(keyring_str[1], "%d", prkey); |
1da177e4 | 144 | |
5c7e372c | 145 | session = cred->session_keyring; |
93b4a44f DH |
146 | if (!session) |
147 | session = cred->user->session_keyring; | |
148 | sskey = session->serial; | |
1da177e4 | 149 | |
1da177e4 LT |
150 | sprintf(keyring_str[2], "%d", sskey); |
151 | ||
152 | /* set up a minimal environment */ | |
153 | i = 0; | |
154 | envp[i++] = "HOME=/"; | |
155 | envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin"; | |
156 | envp[i] = NULL; | |
157 | ||
158 | /* set up the argument list */ | |
159 | i = 0; | |
377e7a27 | 160 | argv[i++] = (char *)request_key; |
822ad64d | 161 | argv[i++] = (char *)rka->op; |
1da177e4 LT |
162 | argv[i++] = key_str; |
163 | argv[i++] = uid_str; | |
164 | argv[i++] = gid_str; | |
165 | argv[i++] = keyring_str[0]; | |
166 | argv[i++] = keyring_str[1]; | |
167 | argv[i++] = keyring_str[2]; | |
1da177e4 LT |
168 | argv[i] = NULL; |
169 | ||
170 | /* do it */ | |
377e7a27 | 171 | ret = call_usermodehelper_keys(request_key, argv, envp, keyring, |
86313c48 | 172 | UMH_WAIT_PROC); |
76181c13 DH |
173 | kdebug("usermode -> 0x%x", ret); |
174 | if (ret >= 0) { | |
175 | /* ret is the exit/wait code */ | |
176 | if (test_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags) || | |
177 | key_validate(key) < 0) | |
178 | ret = -ENOKEY; | |
179 | else | |
180 | /* ignore any errors from userspace if the key was | |
181 | * instantiated */ | |
182 | ret = 0; | |
183 | } | |
3e30148c | 184 | |
b5f545c8 DH |
185 | error_link: |
186 | key_put(keyring); | |
3e30148c | 187 | |
b5f545c8 | 188 | error_alloc: |
822ad64d | 189 | complete_request_key(authkey, ret); |
d84f4f99 | 190 | kleave(" = %d", ret); |
3e30148c | 191 | return ret; |
76181c13 | 192 | } |
1da177e4 | 193 | |
1da177e4 | 194 | /* |
973c9f4f DH |
195 | * Call out to userspace for key construction. |
196 | * | |
197 | * Program failure is ignored in favour of key status. | |
1da177e4 | 198 | */ |
4a38e122 | 199 | static int construct_key(struct key *key, const void *callout_info, |
8bbf4976 DH |
200 | size_t callout_len, void *aux, |
201 | struct key *dest_keyring) | |
1da177e4 | 202 | { |
b5f545c8 | 203 | request_key_actor_t actor; |
76181c13 DH |
204 | struct key *authkey; |
205 | int ret; | |
1da177e4 | 206 | |
4a38e122 | 207 | kenter("%d,%p,%zu,%p", key->serial, callout_info, callout_len, aux); |
3e30148c | 208 | |
b5f545c8 | 209 | /* allocate an authorisation key */ |
822ad64d | 210 | authkey = request_key_auth_new(key, "create", callout_info, callout_len, |
8bbf4976 | 211 | dest_keyring); |
822ad64d DH |
212 | if (IS_ERR(authkey)) |
213 | return PTR_ERR(authkey); | |
76181c13 | 214 | |
822ad64d DH |
215 | /* Make the call */ |
216 | actor = call_sbin_request_key; | |
217 | if (key->type->request_key) | |
218 | actor = key->type->request_key; | |
76181c13 | 219 | |
822ad64d | 220 | ret = actor(authkey, aux); |
76181c13 | 221 | |
822ad64d DH |
222 | /* check that the actor called complete_request_key() prior to |
223 | * returning an error */ | |
224 | WARN_ON(ret < 0 && | |
a09003b5 | 225 | !test_bit(KEY_FLAG_INVALIDATED, &authkey->flags)); |
1da177e4 | 226 | |
822ad64d | 227 | key_put(authkey); |
76181c13 DH |
228 | kleave(" = %d", ret); |
229 | return ret; | |
230 | } | |
1da177e4 | 231 | |
3e30148c | 232 | /* |
973c9f4f DH |
233 | * Get the appropriate destination keyring for the request. |
234 | * | |
235 | * The keyring selected is returned with an extra reference upon it which the | |
236 | * caller must release. | |
3e30148c | 237 | */ |
4dca6ea1 | 238 | static int construct_get_dest_keyring(struct key **_dest_keyring) |
3e30148c | 239 | { |
8bbf4976 | 240 | struct request_key_auth *rka; |
bb952bb9 | 241 | const struct cred *cred = current_cred(); |
8bbf4976 | 242 | struct key *dest_keyring = *_dest_keyring, *authkey; |
4dca6ea1 | 243 | int ret; |
3e30148c | 244 | |
8bbf4976 | 245 | kenter("%p", dest_keyring); |
3e30148c DH |
246 | |
247 | /* find the appropriate keyring */ | |
8bbf4976 DH |
248 | if (dest_keyring) { |
249 | /* the caller supplied one */ | |
250 | key_get(dest_keyring); | |
251 | } else { | |
4dca6ea1 EB |
252 | bool do_perm_check = true; |
253 | ||
8bbf4976 DH |
254 | /* use a default keyring; falling through the cases until we |
255 | * find one that we actually have */ | |
bb952bb9 | 256 | switch (cred->jit_keyring) { |
3e30148c | 257 | case KEY_REQKEY_DEFL_DEFAULT: |
8bbf4976 | 258 | case KEY_REQKEY_DEFL_REQUESTOR_KEYRING: |
bb952bb9 DH |
259 | if (cred->request_key_auth) { |
260 | authkey = cred->request_key_auth; | |
8bbf4976 | 261 | down_read(&authkey->sem); |
822ad64d | 262 | rka = get_request_key_auth(authkey); |
8bbf4976 DH |
263 | if (!test_bit(KEY_FLAG_REVOKED, |
264 | &authkey->flags)) | |
265 | dest_keyring = | |
266 | key_get(rka->dest_keyring); | |
267 | up_read(&authkey->sem); | |
4dca6ea1 EB |
268 | if (dest_keyring) { |
269 | do_perm_check = false; | |
8bbf4976 | 270 | break; |
4dca6ea1 | 271 | } |
8bbf4976 DH |
272 | } |
273 | ||
23711df7 | 274 | /* fall through */ |
3e30148c | 275 | case KEY_REQKEY_DEFL_THREAD_KEYRING: |
bb952bb9 | 276 | dest_keyring = key_get(cred->thread_keyring); |
3e30148c DH |
277 | if (dest_keyring) |
278 | break; | |
279 | ||
23711df7 | 280 | /* fall through */ |
3e30148c | 281 | case KEY_REQKEY_DEFL_PROCESS_KEYRING: |
3a50597d | 282 | dest_keyring = key_get(cred->process_keyring); |
3e30148c DH |
283 | if (dest_keyring) |
284 | break; | |
285 | ||
23711df7 | 286 | /* fall through */ |
3e30148c | 287 | case KEY_REQKEY_DEFL_SESSION_KEYRING: |
5c7e372c | 288 | dest_keyring = key_get(cred->session_keyring); |
3e30148c DH |
289 | |
290 | if (dest_keyring) | |
291 | break; | |
292 | ||
23711df7 | 293 | /* fall through */ |
3e30148c | 294 | case KEY_REQKEY_DEFL_USER_SESSION_KEYRING: |
b6dff3ec | 295 | dest_keyring = |
0b9dc6c9 | 296 | key_get(READ_ONCE(cred->user->session_keyring)); |
3e30148c DH |
297 | break; |
298 | ||
299 | case KEY_REQKEY_DEFL_USER_KEYRING: | |
0b9dc6c9 JH |
300 | dest_keyring = |
301 | key_get(READ_ONCE(cred->user->uid_keyring)); | |
3e30148c DH |
302 | break; |
303 | ||
304 | case KEY_REQKEY_DEFL_GROUP_KEYRING: | |
305 | default: | |
306 | BUG(); | |
307 | } | |
4dca6ea1 EB |
308 | |
309 | /* | |
310 | * Require Write permission on the keyring. This is essential | |
311 | * because the default keyring may be the session keyring, and | |
312 | * joining a keyring only requires Search permission. | |
313 | * | |
314 | * However, this check is skipped for the "requestor keyring" so | |
315 | * that /sbin/request-key can itself use request_key() to add | |
316 | * keys to the original requestor's destination keyring. | |
317 | */ | |
318 | if (dest_keyring && do_perm_check) { | |
319 | ret = key_permission(make_key_ref(dest_keyring, 1), | |
320 | KEY_NEED_WRITE); | |
321 | if (ret) { | |
322 | key_put(dest_keyring); | |
323 | return ret; | |
324 | } | |
325 | } | |
3e30148c DH |
326 | } |
327 | ||
8bbf4976 DH |
328 | *_dest_keyring = dest_keyring; |
329 | kleave(" [dk %d]", key_serial(dest_keyring)); | |
4dca6ea1 | 330 | return 0; |
76181c13 | 331 | } |
3e30148c | 332 | |
76181c13 | 333 | /* |
973c9f4f DH |
334 | * Allocate a new key in under-construction state and attempt to link it in to |
335 | * the requested keyring. | |
336 | * | |
337 | * May return a key that's already under construction instead if there was a | |
338 | * race between two thread calling request_key(). | |
76181c13 | 339 | */ |
4bdf0bc3 | 340 | static int construct_alloc_key(struct keyring_search_context *ctx, |
76181c13 DH |
341 | struct key *dest_keyring, |
342 | unsigned long flags, | |
343 | struct key_user *user, | |
344 | struct key **_key) | |
345 | { | |
df593ee2 | 346 | struct assoc_array_edit *edit = NULL; |
76181c13 | 347 | struct key *key; |
96b5c8fe | 348 | key_perm_t perm; |
76181c13 | 349 | key_ref_t key_ref; |
2b9e4688 | 350 | int ret; |
76181c13 | 351 | |
4bdf0bc3 DH |
352 | kenter("%s,%s,,,", |
353 | ctx->index_key.type->name, ctx->index_key.description); | |
76181c13 | 354 | |
f70e2e06 | 355 | *_key = NULL; |
76181c13 DH |
356 | mutex_lock(&user->cons_lock); |
357 | ||
96b5c8fe DH |
358 | perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; |
359 | perm |= KEY_USR_VIEW; | |
4bdf0bc3 | 360 | if (ctx->index_key.type->read) |
96b5c8fe | 361 | perm |= KEY_POS_READ; |
4bdf0bc3 DH |
362 | if (ctx->index_key.type == &key_type_keyring || |
363 | ctx->index_key.type->update) | |
96b5c8fe DH |
364 | perm |= KEY_POS_WRITE; |
365 | ||
4bdf0bc3 DH |
366 | key = key_alloc(ctx->index_key.type, ctx->index_key.description, |
367 | ctx->cred->fsuid, ctx->cred->fsgid, ctx->cred, | |
5ac7eace | 368 | perm, flags, NULL); |
76181c13 DH |
369 | if (IS_ERR(key)) |
370 | goto alloc_failed; | |
371 | ||
372 | set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags); | |
373 | ||
f70e2e06 | 374 | if (dest_keyring) { |
df593ee2 DH |
375 | ret = __key_link_lock(dest_keyring, &ctx->index_key); |
376 | if (ret < 0) | |
377 | goto link_lock_failed; | |
b2a4df20 | 378 | ret = __key_link_begin(dest_keyring, &ctx->index_key, &edit); |
f70e2e06 DH |
379 | if (ret < 0) |
380 | goto link_prealloc_failed; | |
381 | } | |
76181c13 DH |
382 | |
383 | /* attach the key to the destination keyring under lock, but we do need | |
384 | * to do another check just in case someone beat us to it whilst we | |
385 | * waited for locks */ | |
386 | mutex_lock(&key_construction_mutex); | |
387 | ||
4bdf0bc3 | 388 | key_ref = search_process_keyrings(ctx); |
76181c13 DH |
389 | if (!IS_ERR(key_ref)) |
390 | goto key_already_present; | |
391 | ||
34574dd1 | 392 | if (dest_keyring) |
b2a4df20 | 393 | __key_link(key, &edit); |
76181c13 DH |
394 | |
395 | mutex_unlock(&key_construction_mutex); | |
34574dd1 | 396 | if (dest_keyring) |
b2a4df20 | 397 | __key_link_end(dest_keyring, &ctx->index_key, edit); |
76181c13 DH |
398 | mutex_unlock(&user->cons_lock); |
399 | *_key = key; | |
400 | kleave(" = 0 [%d]", key_serial(key)); | |
401 | return 0; | |
402 | ||
2b9e4688 DH |
403 | /* the key is now present - we tell the caller that we found it by |
404 | * returning -EINPROGRESS */ | |
76181c13 | 405 | key_already_present: |
f70e2e06 | 406 | key_put(key); |
76181c13 | 407 | mutex_unlock(&key_construction_mutex); |
f70e2e06 | 408 | key = key_ref_to_ptr(key_ref); |
03449cd9 | 409 | if (dest_keyring) { |
f70e2e06 DH |
410 | ret = __key_link_check_live_key(dest_keyring, key); |
411 | if (ret == 0) | |
b2a4df20 DH |
412 | __key_link(key, &edit); |
413 | __key_link_end(dest_keyring, &ctx->index_key, edit); | |
f70e2e06 DH |
414 | if (ret < 0) |
415 | goto link_check_failed; | |
03449cd9 | 416 | } |
76181c13 | 417 | mutex_unlock(&user->cons_lock); |
f70e2e06 | 418 | *_key = key; |
76181c13 DH |
419 | kleave(" = -EINPROGRESS [%d]", key_serial(key)); |
420 | return -EINPROGRESS; | |
421 | ||
f70e2e06 DH |
422 | link_check_failed: |
423 | mutex_unlock(&user->cons_lock); | |
424 | key_put(key); | |
425 | kleave(" = %d [linkcheck]", ret); | |
426 | return ret; | |
427 | ||
428 | link_prealloc_failed: | |
df593ee2 DH |
429 | __key_link_end(dest_keyring, &ctx->index_key, edit); |
430 | link_lock_failed: | |
f70e2e06 | 431 | mutex_unlock(&user->cons_lock); |
d0709f1e | 432 | key_put(key); |
f70e2e06 DH |
433 | kleave(" = %d [prelink]", ret); |
434 | return ret; | |
435 | ||
76181c13 DH |
436 | alloc_failed: |
437 | mutex_unlock(&user->cons_lock); | |
76181c13 DH |
438 | kleave(" = %ld", PTR_ERR(key)); |
439 | return PTR_ERR(key); | |
440 | } | |
441 | ||
442 | /* | |
973c9f4f | 443 | * Commence key construction. |
76181c13 | 444 | */ |
4bdf0bc3 | 445 | static struct key *construct_key_and_link(struct keyring_search_context *ctx, |
76181c13 | 446 | const char *callout_info, |
4a38e122 | 447 | size_t callout_len, |
76181c13 DH |
448 | void *aux, |
449 | struct key *dest_keyring, | |
450 | unsigned long flags) | |
451 | { | |
452 | struct key_user *user; | |
453 | struct key *key; | |
454 | int ret; | |
455 | ||
d84f4f99 DH |
456 | kenter(""); |
457 | ||
911b79cd DH |
458 | if (ctx->index_key.type == &key_type_keyring) |
459 | return ERR_PTR(-EPERM); | |
965475ac | 460 | |
4dca6ea1 EB |
461 | ret = construct_get_dest_keyring(&dest_keyring); |
462 | if (ret) | |
463 | goto error; | |
76181c13 | 464 | |
4dca6ea1 EB |
465 | user = key_user_lookup(current_fsuid()); |
466 | if (!user) { | |
467 | ret = -ENOMEM; | |
468 | goto error_put_dest_keyring; | |
469 | } | |
8bbf4976 | 470 | |
4bdf0bc3 | 471 | ret = construct_alloc_key(ctx, dest_keyring, flags, user, &key); |
76181c13 DH |
472 | key_user_put(user); |
473 | ||
474 | if (ret == 0) { | |
8bbf4976 DH |
475 | ret = construct_key(key, callout_info, callout_len, aux, |
476 | dest_keyring); | |
d84f4f99 DH |
477 | if (ret < 0) { |
478 | kdebug("cons failed"); | |
76181c13 | 479 | goto construction_failed; |
d84f4f99 | 480 | } |
2b9e4688 DH |
481 | } else if (ret == -EINPROGRESS) { |
482 | ret = 0; | |
483 | } else { | |
4dca6ea1 | 484 | goto error_put_dest_keyring; |
76181c13 DH |
485 | } |
486 | ||
8bbf4976 | 487 | key_put(dest_keyring); |
d84f4f99 | 488 | kleave(" = key %d", key_serial(key)); |
76181c13 DH |
489 | return key; |
490 | ||
491 | construction_failed: | |
492 | key_negate_and_link(key, key_negative_timeout, NULL, NULL); | |
493 | key_put(key); | |
4dca6ea1 | 494 | error_put_dest_keyring: |
8bbf4976 | 495 | key_put(dest_keyring); |
4dca6ea1 | 496 | error: |
d84f4f99 | 497 | kleave(" = %d", ret); |
76181c13 DH |
498 | return ERR_PTR(ret); |
499 | } | |
3e30148c | 500 | |
973c9f4f DH |
501 | /** |
502 | * request_key_and_link - Request a key and cache it in a keyring. | |
503 | * @type: The type of key we want. | |
504 | * @description: The searchable description of the key. | |
505 | * @callout_info: The data to pass to the instantiation upcall (or NULL). | |
506 | * @callout_len: The length of callout_info. | |
507 | * @aux: Auxiliary data for the upcall. | |
508 | * @dest_keyring: Where to cache the key. | |
509 | * @flags: Flags to key_alloc(). | |
510 | * | |
511 | * A key matching the specified criteria is searched for in the process's | |
512 | * keyrings and returned with its usage count incremented if found. Otherwise, | |
513 | * if callout_info is not NULL, a key will be allocated and some service | |
514 | * (probably in userspace) will be asked to instantiate it. | |
515 | * | |
516 | * If successfully found or created, the key will be linked to the destination | |
517 | * keyring if one is provided. | |
518 | * | |
519 | * Returns a pointer to the key if successful; -EACCES, -ENOKEY, -EKEYREVOKED | |
520 | * or -EKEYEXPIRED if an inaccessible, negative, revoked or expired key was | |
521 | * found; -ENOKEY if no key was found and no @callout_info was given; -EDQUOT | |
522 | * if insufficient key quota was available to create a new key; or -ENOMEM if | |
523 | * insufficient memory was available. | |
524 | * | |
525 | * If the returned key was created, then it may still be under construction, | |
526 | * and wait_for_key_construction() should be used to wait for that to complete. | |
1da177e4 | 527 | */ |
3e30148c DH |
528 | struct key *request_key_and_link(struct key_type *type, |
529 | const char *description, | |
4a38e122 DH |
530 | const void *callout_info, |
531 | size_t callout_len, | |
4e54f085 | 532 | void *aux, |
7e047ef5 DH |
533 | struct key *dest_keyring, |
534 | unsigned long flags) | |
1da177e4 | 535 | { |
4bdf0bc3 DH |
536 | struct keyring_search_context ctx = { |
537 | .index_key.type = type, | |
538 | .index_key.description = description, | |
ede0fa98 | 539 | .index_key.desc_len = strlen(description), |
4bdf0bc3 | 540 | .cred = current_cred(), |
c06cfb08 | 541 | .match_data.cmp = key_default_cmp, |
46291959 DH |
542 | .match_data.raw_data = description, |
543 | .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, | |
0b0a8415 DH |
544 | .flags = (KEYRING_SEARCH_DO_STATE_CHECK | |
545 | KEYRING_SEARCH_SKIP_EXPIRED), | |
4bdf0bc3 | 546 | }; |
1da177e4 | 547 | struct key *key; |
664cceb0 | 548 | key_ref_t key_ref; |
2b9e4688 | 549 | int ret; |
1da177e4 | 550 | |
4a38e122 | 551 | kenter("%s,%s,%p,%zu,%p,%p,%lx", |
4bdf0bc3 DH |
552 | ctx.index_key.type->name, ctx.index_key.description, |
553 | callout_info, callout_len, aux, dest_keyring, flags); | |
3e30148c | 554 | |
46291959 DH |
555 | if (type->match_preparse) { |
556 | ret = type->match_preparse(&ctx.match_data); | |
557 | if (ret < 0) { | |
558 | key = ERR_PTR(ret); | |
559 | goto error; | |
560 | } | |
561 | } | |
562 | ||
1da177e4 | 563 | /* search all the process keyrings for a key */ |
4bdf0bc3 | 564 | key_ref = search_process_keyrings(&ctx); |
1da177e4 | 565 | |
664cceb0 | 566 | if (!IS_ERR(key_ref)) { |
504b69eb DH |
567 | if (dest_keyring) { |
568 | ret = key_task_permission(key_ref, current_cred(), | |
569 | KEY_NEED_LINK); | |
570 | if (ret < 0) { | |
571 | key_ref_put(key_ref); | |
572 | key = ERR_PTR(ret); | |
573 | goto error_free; | |
574 | } | |
575 | } | |
576 | ||
664cceb0 | 577 | key = key_ref_to_ptr(key_ref); |
03449cd9 | 578 | if (dest_keyring) { |
2b9e4688 | 579 | ret = key_link(dest_keyring, key); |
2b9e4688 DH |
580 | if (ret < 0) { |
581 | key_put(key); | |
582 | key = ERR_PTR(ret); | |
46291959 | 583 | goto error_free; |
2b9e4688 | 584 | } |
03449cd9 | 585 | } |
76181c13 | 586 | } else if (PTR_ERR(key_ref) != -EAGAIN) { |
e231c2ee | 587 | key = ERR_CAST(key_ref); |
76181c13 | 588 | } else { |
1da177e4 LT |
589 | /* the search failed, but the keyrings were searchable, so we |
590 | * should consult userspace if we can */ | |
591 | key = ERR_PTR(-ENOKEY); | |
592 | if (!callout_info) | |
46291959 | 593 | goto error_free; |
1da177e4 | 594 | |
4bdf0bc3 DH |
595 | key = construct_key_and_link(&ctx, callout_info, callout_len, |
596 | aux, dest_keyring, flags); | |
1da177e4 LT |
597 | } |
598 | ||
46291959 DH |
599 | error_free: |
600 | if (type->match_free) | |
601 | type->match_free(&ctx.match_data); | |
3e30148c DH |
602 | error: |
603 | kleave(" = %p", key); | |
1da177e4 | 604 | return key; |
76181c13 | 605 | } |
1da177e4 | 606 | |
973c9f4f DH |
607 | /** |
608 | * wait_for_key_construction - Wait for construction of a key to complete | |
609 | * @key: The key being waited for. | |
610 | * @intr: Whether to wait interruptibly. | |
611 | * | |
612 | * Wait for a key to finish being constructed. | |
613 | * | |
614 | * Returns 0 if successful; -ERESTARTSYS if the wait was interrupted; -ENOKEY | |
615 | * if the key was negated; or -EKEYREVOKED or -EKEYEXPIRED if the key was | |
616 | * revoked or expired. | |
76181c13 DH |
617 | */ |
618 | int wait_for_key_construction(struct key *key, bool intr) | |
619 | { | |
620 | int ret; | |
3e30148c | 621 | |
76181c13 | 622 | ret = wait_on_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT, |
76181c13 | 623 | intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE); |
74316201 N |
624 | if (ret) |
625 | return -ERESTARTSYS; | |
363b02da DH |
626 | ret = key_read_state(key); |
627 | if (ret < 0) | |
628 | return ret; | |
76181c13 DH |
629 | return key_validate(key); |
630 | } | |
631 | EXPORT_SYMBOL(wait_for_key_construction); | |
3e30148c | 632 | |
973c9f4f DH |
633 | /** |
634 | * request_key - Request a key and wait for construction | |
635 | * @type: Type of key. | |
636 | * @description: The searchable description of the key. | |
637 | * @callout_info: The data to pass to the instantiation upcall (or NULL). | |
638 | * | |
639 | * As for request_key_and_link() except that it does not add the returned key | |
640 | * to a keyring if found, new keys are always allocated in the user's quota, | |
641 | * the callout_info must be a NUL-terminated string and no auxiliary data can | |
642 | * be passed. | |
643 | * | |
644 | * Furthermore, it then works as wait_for_key_construction() to wait for the | |
645 | * completion of keys undergoing construction with a non-interruptible wait. | |
3e30148c DH |
646 | */ |
647 | struct key *request_key(struct key_type *type, | |
648 | const char *description, | |
649 | const char *callout_info) | |
650 | { | |
76181c13 | 651 | struct key *key; |
4a38e122 | 652 | size_t callout_len = 0; |
76181c13 DH |
653 | int ret; |
654 | ||
4a38e122 DH |
655 | if (callout_info) |
656 | callout_len = strlen(callout_info); | |
657 | key = request_key_and_link(type, description, callout_info, callout_len, | |
658 | NULL, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
659 | if (!IS_ERR(key)) { |
660 | ret = wait_for_key_construction(key, false); | |
661 | if (ret < 0) { | |
662 | key_put(key); | |
663 | return ERR_PTR(ret); | |
664 | } | |
665 | } | |
666 | return key; | |
667 | } | |
1da177e4 | 668 | EXPORT_SYMBOL(request_key); |
4e54f085 | 669 | |
973c9f4f DH |
670 | /** |
671 | * request_key_with_auxdata - Request a key with auxiliary data for the upcaller | |
672 | * @type: The type of key we want. | |
673 | * @description: The searchable description of the key. | |
674 | * @callout_info: The data to pass to the instantiation upcall (or NULL). | |
675 | * @callout_len: The length of callout_info. | |
676 | * @aux: Auxiliary data for the upcall. | |
677 | * | |
678 | * As for request_key_and_link() except that it does not add the returned key | |
679 | * to a keyring if found and new keys are always allocated in the user's quota. | |
680 | * | |
681 | * Furthermore, it then works as wait_for_key_construction() to wait for the | |
682 | * completion of keys undergoing construction with a non-interruptible wait. | |
4e54f085 DH |
683 | */ |
684 | struct key *request_key_with_auxdata(struct key_type *type, | |
685 | const char *description, | |
4a38e122 DH |
686 | const void *callout_info, |
687 | size_t callout_len, | |
4e54f085 DH |
688 | void *aux) |
689 | { | |
76181c13 DH |
690 | struct key *key; |
691 | int ret; | |
692 | ||
4a38e122 DH |
693 | key = request_key_and_link(type, description, callout_info, callout_len, |
694 | aux, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
695 | if (!IS_ERR(key)) { |
696 | ret = wait_for_key_construction(key, false); | |
697 | if (ret < 0) { | |
698 | key_put(key); | |
699 | return ERR_PTR(ret); | |
700 | } | |
701 | } | |
702 | return key; | |
703 | } | |
704 | EXPORT_SYMBOL(request_key_with_auxdata); | |
4e54f085 | 705 | |
76181c13 | 706 | /* |
973c9f4f DH |
707 | * request_key_async - Request a key (allow async construction) |
708 | * @type: Type of key. | |
709 | * @description: The searchable description of the key. | |
710 | * @callout_info: The data to pass to the instantiation upcall (or NULL). | |
711 | * @callout_len: The length of callout_info. | |
712 | * | |
713 | * As for request_key_and_link() except that it does not add the returned key | |
714 | * to a keyring if found, new keys are always allocated in the user's quota and | |
715 | * no auxiliary data can be passed. | |
716 | * | |
717 | * The caller should call wait_for_key_construction() to wait for the | |
718 | * completion of the returned key if it is still undergoing construction. | |
76181c13 DH |
719 | */ |
720 | struct key *request_key_async(struct key_type *type, | |
721 | const char *description, | |
4a38e122 DH |
722 | const void *callout_info, |
723 | size_t callout_len) | |
76181c13 | 724 | { |
4a38e122 DH |
725 | return request_key_and_link(type, description, callout_info, |
726 | callout_len, NULL, NULL, | |
727 | KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
728 | } |
729 | EXPORT_SYMBOL(request_key_async); | |
4e54f085 | 730 | |
76181c13 DH |
731 | /* |
732 | * request a key with auxiliary data for the upcaller (allow async construction) | |
973c9f4f DH |
733 | * @type: Type of key. |
734 | * @description: The searchable description of the key. | |
735 | * @callout_info: The data to pass to the instantiation upcall (or NULL). | |
736 | * @callout_len: The length of callout_info. | |
737 | * @aux: Auxiliary data for the upcall. | |
738 | * | |
739 | * As for request_key_and_link() except that it does not add the returned key | |
740 | * to a keyring if found and new keys are always allocated in the user's quota. | |
741 | * | |
742 | * The caller should call wait_for_key_construction() to wait for the | |
743 | * completion of the returned key if it is still undergoing construction. | |
76181c13 DH |
744 | */ |
745 | struct key *request_key_async_with_auxdata(struct key_type *type, | |
746 | const char *description, | |
4a38e122 DH |
747 | const void *callout_info, |
748 | size_t callout_len, | |
76181c13 DH |
749 | void *aux) |
750 | { | |
4a38e122 DH |
751 | return request_key_and_link(type, description, callout_info, |
752 | callout_len, aux, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
753 | } |
754 | EXPORT_SYMBOL(request_key_async_with_auxdata); |