1 /* keyctl.c: userspace keyctl operations
3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/sched.h>
15 #include <linux/slab.h>
16 #include <linux/syscalls.h>
17 #include <linux/keyctl.h>
19 #include <linux/err.h>
20 #include <asm/uaccess.h>
23 /*****************************************************************************/
25 * extract the description of a new key from userspace and either add it as a
26 * new key to the specified keyring or update a matching key in that keyring
27 * - the keyring must be writable
28 * - returns the new key's serial number
29 * - implements add_key()
31 asmlinkage long sys_add_key(const char __user *_type,
32 const char __user *_description,
33 const void __user *_payload,
37 struct key *keyring, *key;
38 char type[32], *description;
46 /* draw all the data into kernel space */
47 ret = strncpy_from_user(type, _type, sizeof(type) - 1);
57 dlen = strnlen_user(_description, PAGE_SIZE - 1);
62 if (dlen > PAGE_SIZE - 1)
66 description = kmalloc(dlen + 1, GFP_KERNEL);
71 if (copy_from_user(description, _description, dlen + 1) != 0)
74 /* pull the payload in if one was supplied */
79 payload = kmalloc(plen, GFP_KERNEL);
84 if (copy_from_user(payload, _payload, plen) != 0)
88 /* find the target keyring (which must be writable) */
89 keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);
90 if (IS_ERR(keyring)) {
91 ret = PTR_ERR(keyring);
95 /* create or update the requested key and add it to the target
97 key = key_create_or_update(keyring, type, description,
115 } /* end sys_add_key() */
117 /*****************************************************************************/
119 * search the process keyrings for a matching key
120 * - nested keyrings may also be searched if they have Search permission
121 * - if a key is found, it will be attached to the destination keyring if
122 * there's one specified
123 * - /sbin/request-key will be invoked if _callout_info is non-NULL
124 * - the _callout_info string will be passed to /sbin/request-key
125 * - if the _callout_info string is empty, it will be rendered as "-"
126 * - implements request_key()
128 asmlinkage long sys_request_key(const char __user *_type,
129 const char __user *_description,
130 const char __user *_callout_info,
131 key_serial_t destringid)
133 struct key_type *ktype;
134 struct key *key, *dest;
135 char type[32], *description, *callout_info;
138 /* pull the type into kernel space */
139 ret = strncpy_from_user(type, _type, sizeof(type) - 1);
148 /* pull the description into kernel space */
150 dlen = strnlen_user(_description, PAGE_SIZE - 1);
155 if (dlen > PAGE_SIZE - 1)
159 description = kmalloc(dlen + 1, GFP_KERNEL);
164 if (copy_from_user(description, _description, dlen + 1) != 0)
167 /* pull the callout info into kernel space */
171 dlen = strnlen_user(_callout_info, PAGE_SIZE - 1);
176 if (dlen > PAGE_SIZE - 1)
180 callout_info = kmalloc(dlen + 1, GFP_KERNEL);
185 if (copy_from_user(callout_info, _callout_info, dlen + 1) != 0)
189 /* get the destination keyring if specified */
192 dest = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE);
199 /* find the key type */
200 ktype = key_type_lookup(type);
202 ret = PTR_ERR(ktype);
207 key = request_key_and_link(ktype, description, callout_info, dest);
227 } /* end sys_request_key() */
229 /*****************************************************************************/
231 * get the ID of the specified process keyring
232 * - the keyring must have search permission to be found
233 * - implements keyctl(KEYCTL_GET_KEYRING_ID)
235 long keyctl_get_keyring_ID(key_serial_t id, int create)
240 key = lookup_user_key(NULL, id, create, 0, KEY_SEARCH);
251 } /* end keyctl_get_keyring_ID() */
253 /*****************************************************************************/
255 * join the session keyring
256 * - implements keyctl(KEYCTL_JOIN_SESSION_KEYRING)
258 long keyctl_join_session_keyring(const char __user *_name)
263 /* fetch the name from userspace */
267 nlen = strnlen_user(_name, PAGE_SIZE - 1);
272 if (nlen > PAGE_SIZE - 1)
276 name = kmalloc(nlen + 1, GFP_KERNEL);
281 if (copy_from_user(name, _name, nlen + 1) != 0)
285 /* join the session */
286 ret = join_session_keyring(name);
293 } /* end keyctl_join_session_keyring() */
295 /*****************************************************************************/
297 * update a key's data payload
298 * - the key must be writable
299 * - implements keyctl(KEYCTL_UPDATE)
301 long keyctl_update_key(key_serial_t id,
302 const void __user *_payload,
310 if (plen > PAGE_SIZE)
313 /* pull the payload in if one was supplied */
317 payload = kmalloc(plen, GFP_KERNEL);
322 if (copy_from_user(payload, _payload, plen) != 0)
326 /* find the target key (which must be writable) */
327 key = lookup_user_key(NULL, id, 0, 0, KEY_WRITE);
334 ret = key_update(key, payload, plen);
342 } /* end keyctl_update_key() */
344 /*****************************************************************************/
347 * - the key must be writable
348 * - implements keyctl(KEYCTL_REVOKE)
350 long keyctl_revoke_key(key_serial_t id)
355 key = lookup_user_key(NULL, id, 0, 0, KEY_WRITE);
368 } /* end keyctl_revoke_key() */
370 /*****************************************************************************/
372 * clear the specified process keyring
373 * - the keyring must be writable
374 * - implements keyctl(KEYCTL_CLEAR)
376 long keyctl_keyring_clear(key_serial_t ringid)
381 keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);
382 if (IS_ERR(keyring)) {
383 ret = PTR_ERR(keyring);
387 ret = keyring_clear(keyring);
393 } /* end keyctl_keyring_clear() */
395 /*****************************************************************************/
397 * link a key into a keyring
398 * - the keyring must be writable
399 * - the key must be linkable
400 * - implements keyctl(KEYCTL_LINK)
402 long keyctl_keyring_link(key_serial_t id, key_serial_t ringid)
404 struct key *keyring, *key;
407 keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);
408 if (IS_ERR(keyring)) {
409 ret = PTR_ERR(keyring);
413 key = lookup_user_key(NULL, id, 1, 0, KEY_LINK);
419 ret = key_link(keyring, key);
427 } /* end keyctl_keyring_link() */
429 /*****************************************************************************/
431 * unlink the first attachment of a key from a keyring
432 * - the keyring must be writable
433 * - we don't need any permissions on the key
434 * - implements keyctl(KEYCTL_UNLINK)
436 long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid)
438 struct key *keyring, *key;
441 keyring = lookup_user_key(NULL, ringid, 0, 0, KEY_WRITE);
442 if (IS_ERR(keyring)) {
443 ret = PTR_ERR(keyring);
447 key = lookup_user_key(NULL, id, 0, 0, 0);
453 ret = key_unlink(keyring, key);
461 } /* end keyctl_keyring_unlink() */
463 /*****************************************************************************/
465 * describe a user key
466 * - the key must have view permission
467 * - if there's a buffer, we place up to buflen bytes of data into it
468 * - unless there's an error, we return the amount of description available,
469 * irrespective of how much we may have copied
470 * - the description is formatted thus:
471 * type;uid;gid;perm;description<NUL>
472 * - implements keyctl(KEYCTL_DESCRIBE)
474 long keyctl_describe_key(key_serial_t keyid,
478 struct key *key, *instkey;
482 key = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW);
484 /* viewing a key under construction is permitted if we have the
485 * authorisation token handy */
486 if (PTR_ERR(key) == -EACCES) {
487 instkey = key_get_instantiation_authkey(keyid);
488 if (!IS_ERR(instkey)) {
490 key = lookup_user_key(NULL, keyid, 0, 1, 0);
501 /* calculate how much description we're going to return */
503 tmpbuf = kmalloc(PAGE_SIZE, GFP_KERNEL);
507 ret = snprintf(tmpbuf, PAGE_SIZE - 1,
513 key->description ? key->description :""
516 /* include a NUL char at the end of the data */
517 if (ret > PAGE_SIZE - 1)
522 /* consider returning the data */
523 if (buffer && buflen > 0) {
527 if (copy_to_user(buffer, tmpbuf, buflen) != 0)
537 } /* end keyctl_describe_key() */
539 /*****************************************************************************/
541 * search the specified keyring for a matching key
542 * - the start keyring must be searchable
543 * - nested keyrings may also be searched if they are searchable
544 * - only keys with search permission may be found
545 * - if a key is found, it will be attached to the destination keyring if
546 * there's one specified
547 * - implements keyctl(KEYCTL_SEARCH)
549 long keyctl_keyring_search(key_serial_t ringid,
550 const char __user *_type,
551 const char __user *_description,
552 key_serial_t destringid)
554 struct key_type *ktype;
555 struct key *keyring, *key, *dest;
556 char type[32], *description;
559 /* pull the type and description into kernel space */
560 ret = strncpy_from_user(type, _type, sizeof(type) - 1);
566 dlen = strnlen_user(_description, PAGE_SIZE - 1);
571 if (dlen > PAGE_SIZE - 1)
575 description = kmalloc(dlen + 1, GFP_KERNEL);
580 if (copy_from_user(description, _description, dlen + 1) != 0)
583 /* get the keyring at which to begin the search */
584 keyring = lookup_user_key(NULL, ringid, 0, 0, KEY_SEARCH);
585 if (IS_ERR(keyring)) {
586 ret = PTR_ERR(keyring);
590 /* get the destination keyring if specified */
593 dest = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE);
600 /* find the key type */
601 ktype = key_type_lookup(type);
603 ret = PTR_ERR(ktype);
608 key = keyring_search(keyring, ktype, description);
612 /* treat lack or presence of a negative key the same */
618 /* link the resulting key to the destination keyring if we can */
621 if (!key_permission(key, KEY_LINK))
624 ret = key_link(dest, key);
644 } /* end keyctl_keyring_search() */
646 /*****************************************************************************/
648 * see if the key we're looking at is the target key
650 static int keyctl_read_key_same(const struct key *key, const void *target)
652 return key == target;
654 } /* end keyctl_read_key_same() */
656 /*****************************************************************************/
658 * read a user key's payload
659 * - the keyring must be readable or the key must be searchable from the
661 * - if there's a buffer, we place up to buflen bytes of data into it
662 * - unless there's an error, we return the amount of data in the key,
663 * irrespective of how much we may have copied
664 * - implements keyctl(KEYCTL_READ)
666 long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
668 struct key *key, *skey;
671 /* find the key first */
672 key = lookup_user_key(NULL, keyid, 0, 0, 0);
674 /* see if we can read it directly */
675 if (key_permission(key, KEY_READ))
678 /* we can't; see if it's searchable from this process's
680 * - we automatically take account of the fact that it may be
681 * dangling off an instantiation key
683 skey = search_process_keyrings(key->type, key,
684 keyctl_read_key_same, current);
697 /* the key is probably readable - now try to read it */
701 ret = key_validate(key);
704 if (key->type->read) {
705 /* read the data with the semaphore held (since we
707 down_read(&key->sem);
708 ret = key->type->read(key, buffer, buflen);
718 } /* end keyctl_read_key() */
720 /*****************************************************************************/
722 * change the ownership of a key
723 * - the keyring owned by the changer
724 * - if the uid or gid is -1, then that parameter is not changed
725 * - implements keyctl(KEYCTL_CHOWN)
727 long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid)
733 if (uid == (uid_t) -1 && gid == (gid_t) -1)
736 key = lookup_user_key(NULL, id, 1, 1, 0);
742 /* make the changes with the locks held to prevent chown/chown races */
744 down_write(&key->sem);
746 if (!capable(CAP_SYS_ADMIN)) {
747 /* only the sysadmin can chown a key to some other UID */
748 if (uid != (uid_t) -1 && key->uid != uid)
751 /* only the sysadmin can set the key's GID to a group other
752 * than one of those that the current process subscribes to */
753 if (gid != (gid_t) -1 && gid != key->gid && !in_group_p(gid))
757 /* change the UID (have to update the quotas) */
758 if (uid != (uid_t) -1 && uid != key->uid) {
759 /* don't support UID changing yet */
765 if (gid != (gid_t) -1)
776 } /* end keyctl_chown_key() */
778 /*****************************************************************************/
780 * change the permission mask on a key
781 * - the keyring owned by the changer
782 * - implements keyctl(KEYCTL_SETPERM)
784 long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
790 if (perm & ~(KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL))
793 key = lookup_user_key(NULL, id, 1, 1, 0);
799 /* make the changes with the locks held to prevent chown/chmod races */
801 down_write(&key->sem);
803 /* if we're not the sysadmin, we can only change a key that we own */
804 if (capable(CAP_SYS_ADMIN) || key->uid == current->fsuid) {
814 } /* end keyctl_setperm_key() */
816 /*****************************************************************************/
818 * instantiate the key with the specified payload, and, if one is given, link
819 * the key into the keyring
821 long keyctl_instantiate_key(key_serial_t id,
822 const void __user *_payload,
826 struct request_key_auth *rka;
827 struct key *instkey, *keyring;
835 /* pull the payload in if one was supplied */
840 payload = kmalloc(plen, GFP_KERNEL);
845 if (copy_from_user(payload, _payload, plen) != 0)
849 /* find the instantiation authorisation key */
850 instkey = key_get_instantiation_authkey(id);
851 if (IS_ERR(instkey)) {
852 ret = PTR_ERR(instkey);
856 rka = instkey->payload.data;
858 /* find the destination keyring amongst those belonging to the
862 keyring = lookup_user_key(rka->context, ringid, 1, 0,
864 if (IS_ERR(keyring)) {
865 ret = PTR_ERR(keyring);
870 /* instantiate the key and link it into a keyring */
871 ret = key_instantiate_and_link(rka->target_key, payload, plen,
882 } /* end keyctl_instantiate_key() */
884 /*****************************************************************************/
886 * negatively instantiate the key with the given timeout (in seconds), and, if
887 * one is given, link the key into the keyring
889 long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)
891 struct request_key_auth *rka;
892 struct key *instkey, *keyring;
895 /* find the instantiation authorisation key */
896 instkey = key_get_instantiation_authkey(id);
897 if (IS_ERR(instkey)) {
898 ret = PTR_ERR(instkey);
902 rka = instkey->payload.data;
904 /* find the destination keyring if present (which must also be
908 keyring = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);
909 if (IS_ERR(keyring)) {
910 ret = PTR_ERR(keyring);
915 /* instantiate the key and link it into a keyring */
916 ret = key_negate_and_link(rka->target_key, timeout, keyring, instkey);
924 } /* end keyctl_negate_key() */
926 /*****************************************************************************/
928 * set the default keyring in which request_key() will cache keys
929 * - return the old setting
931 long keyctl_set_reqkey_keyring(int reqkey_defl)
935 switch (reqkey_defl) {
936 case KEY_REQKEY_DEFL_THREAD_KEYRING:
937 ret = install_thread_keyring(current);
942 case KEY_REQKEY_DEFL_PROCESS_KEYRING:
943 ret = install_process_keyring(current);
947 case KEY_REQKEY_DEFL_DEFAULT:
948 case KEY_REQKEY_DEFL_SESSION_KEYRING:
949 case KEY_REQKEY_DEFL_USER_KEYRING:
950 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
952 current->jit_keyring = reqkey_defl;
954 case KEY_REQKEY_DEFL_NO_CHANGE:
955 return current->jit_keyring;
957 case KEY_REQKEY_DEFL_GROUP_KEYRING:
962 } /* end keyctl_set_reqkey_keyring() */
964 /*****************************************************************************/
966 * the key control system call
968 asmlinkage long sys_keyctl(int option, unsigned long arg2, unsigned long arg3,
969 unsigned long arg4, unsigned long arg5)
972 case KEYCTL_GET_KEYRING_ID:
973 return keyctl_get_keyring_ID((key_serial_t) arg2,
976 case KEYCTL_JOIN_SESSION_KEYRING:
977 return keyctl_join_session_keyring((const char __user *) arg2);
980 return keyctl_update_key((key_serial_t) arg2,
981 (const void __user *) arg3,
985 return keyctl_revoke_key((key_serial_t) arg2);
987 case KEYCTL_DESCRIBE:
988 return keyctl_describe_key((key_serial_t) arg2,
989 (char __user *) arg3,
993 return keyctl_keyring_clear((key_serial_t) arg2);
996 return keyctl_keyring_link((key_serial_t) arg2,
997 (key_serial_t) arg3);
1000 return keyctl_keyring_unlink((key_serial_t) arg2,
1001 (key_serial_t) arg3);
1004 return keyctl_keyring_search((key_serial_t) arg2,
1005 (const char __user *) arg3,
1006 (const char __user *) arg4,
1007 (key_serial_t) arg5);
1010 return keyctl_read_key((key_serial_t) arg2,
1011 (char __user *) arg3,
1015 return keyctl_chown_key((key_serial_t) arg2,
1019 case KEYCTL_SETPERM:
1020 return keyctl_setperm_key((key_serial_t) arg2,
1023 case KEYCTL_INSTANTIATE:
1024 return keyctl_instantiate_key((key_serial_t) arg2,
1025 (const void __user *) arg3,
1027 (key_serial_t) arg5);
1030 return keyctl_negate_key((key_serial_t) arg2,
1032 (key_serial_t) arg4);
1034 case KEYCTL_SET_REQKEY_KEYRING:
1035 return keyctl_set_reqkey_keyring(arg2);
1041 } /* end sys_keyctl() */
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob