1 /* request_key_auth.c: request key authorisation controlling key def
2  *
3  * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  *
11  * See Documentation/keys-request-key.txt
12  */
13 
14 #include <linux/module.h>
15 #include <linux/sched.h>
16 #include <linux/err.h>
17 #include <linux/seq_file.h>
18 #include <asm/uaccess.h>
19 #include "internal.h"
20 
/* key type operations; each is wired into key_type_request_key_auth */
static int request_key_auth_instantiate(struct key *key, const void *data,
					size_t datalen);
static void request_key_auth_describe(const struct key *key,
				      struct seq_file *m);
static void request_key_auth_revoke(struct key *key);
static void request_key_auth_destroy(struct key *key);
static long request_key_auth_read(const struct key *key,
				  char __user *buffer, size_t buflen);
26 
/*
 * the request-key authorisation key type definition
 * - the payload is a struct request_key_auth record
 * - only the instantiate, describe, revoke, destroy and read ops are set
 */
struct key_type key_type_request_key_auth = {
	.name		= ".request_key_auth",
	.def_datalen	= sizeof(struct request_key_auth),

	/* lifecycle */
	.instantiate	= request_key_auth_instantiate,
	.revoke		= request_key_auth_revoke,
	.destroy	= request_key_auth_destroy,

	/* inspection */
	.describe	= request_key_auth_describe,
	.read		= request_key_auth_read,
};
39 
40 /*****************************************************************************/
/*
 * instantiate a request-key authorisation key
 * - @data is stored as the key payload by pointer; nothing is copied and
 *   @datalen is not consulted
 * - the destroy op later kfree()s this pointer, so the payload must be a
 *   heap-allocated struct request_key_auth whose ownership passes to the key
 * - NOTE(review): this op trusts @data completely; confirm that no path other
 *   than request_key_auth_new() can reach it with a caller-supplied buffer
 * - always returns 0
 */
static int request_key_auth_instantiate(struct key *key,
					const void *data,
					size_t datalen)
{
	/* the cast drops the const qualifier: the key now owns the record */
	struct request_key_auth *rka = (struct request_key_auth *) data;

	key->payload.data = rka;
	return 0;

} /* end request_key_auth_instantiate() */
52 
53 /*****************************************************************************/
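/*
 * describe a request-key authorisation key
 * - emits "key:<description>", then the pid held in the authorisation record
 *   and the length of the callout information
 * - only the length of the callout information is reported, not its content
 */
static void request_key_auth_describe(const struct key *key,
				      struct seq_file *m)
{
	struct request_key_auth *rka = key->payload.data;

	seq_puts(m, "key:");
	seq_puts(m, key->description);

	/* the payload is only attached by the instantiate op, which
	 * request_key_auth_new() runs after key_alloc(); don't dereference it
	 * if it isn't there yet
	 * NOTE(review): confirm whether describe can be reached in that window
	 */
	if (!rka)
		return;

	seq_printf(m, " pid:%d ci:%zu", rka->pid, strlen(rka->callout_info));

} /* end request_key_auth_describe() */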
67 
68 /*****************************************************************************/
/*
 * read the callout_info data
 * - the key's semaphore is read-locked
 * - returns the full length of the callout information (excluding the
 *   terminating NUL) even if the buffer was too small to hold all of it, or
 *   -EFAULT if the copy to userspace failed
 * - at most @buflen bytes are copied; no terminating NUL is written
 */
static long request_key_auth_read(const struct key *key,
				  char __user *buffer, size_t buflen)
{
	struct request_key_auth *rka = key->payload.data;
	size_t info_len = strlen(rka->callout_info);
	size_t ncopy;

	/* no buffer or no room: just report how much data there is */
	if (!buffer || buflen == 0)
		return info_len;

	/* never copy past the end of the stored string */
	ncopy = buflen > info_len ? info_len : buflen;

	if (copy_to_user(buffer, rka->callout_info, ncopy) != 0)
		return -EFAULT;

	return info_len;

} /* end request_key_auth_read() */
95 
96 /*****************************************************************************/
/*
 * handle revocation of an authorisation token key
 * - called with the key sem write-locked
 * - drops the reference on the task recorded as the instantiation context
 *   and clears the pointer so that it is not dropped a second time
 * - the target key and callout information are left in place
 */
static void request_key_auth_revoke(struct key *key)
{
	struct request_key_auth *rka = key->payload.data;

	kenter("{%d}", key->serial);

	/* nothing to do if the context has already been released */
	if (!rka->context)
		return;

	put_task_struct(rka->context);
	rka->context = NULL;

} /* end request_key_auth_revoke() */
113 
114 /*****************************************************************************/
/*
 * destroy an instantiation authorisation token key
 * - releases the context task reference if revocation has not already done
 *   so, then the target key reference, the callout information and finally
 *   the authorisation record itself
 * - NOTE(review): the payload pointer is dereferenced unconditionally;
 *   confirm this op cannot run for a key that was never instantiated
 */
static void request_key_auth_destroy(struct key *key)
{
	struct request_key_auth *auth = key->payload.data;

	kenter("{%d}", key->serial);

	/* the revoke op clears ->context once it has dropped the reference */
	if (auth->context != NULL) {
		put_task_struct(auth->context);
		auth->context = NULL;
	}

	key_put(auth->target_key);

	/* free the members before the record that holds them */
	kfree(auth->callout_info);
	kfree(auth);

} /* end request_key_auth_destroy() */
134 
135 /*****************************************************************************/
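/*
 * create an authorisation token for /sbin/request-key or whoever to gain
 * access to the caller's security data
 * - @target is the key being constructed; a reference is taken on it
 * - @callout_info is a NUL-terminated string; a private copy is stored
 * - if the caller is itself servicing a key request, the context task and pid
 *   of that request are inherited, otherwise the caller becomes the context
 * - returns the new authorisation key, or an ERR_PTR(): -ENOMEM,
 *   -EKEYREVOKED if the caller's own authorisation key has been revoked, or
 *   the error from key_alloc() or key_instantiate_and_link()
 */
struct key *request_key_auth_new(struct key *target, const char *callout_info)
{
	struct request_key_auth *rka, *irka;
	struct key *authkey = NULL;
	size_t callout_len;
	char desc[20];
	int ret;

	kenter("%d,", target->serial);

	/* allocate a auth record */
	rka = kmalloc(sizeof(*rka), GFP_KERNEL);
	if (!rka) {
		kleave(" = -ENOMEM");
		return ERR_PTR(-ENOMEM);
	}

	/* measure the string once so that the allocation size and the copy
	 * below cannot disagree */
	callout_len = strlen(callout_info);
	rka->callout_info = kmalloc(callout_len + 1, GFP_KERNEL);
	if (!rka->callout_info) {
		kleave(" = -ENOMEM");
		kfree(rka);
		return ERR_PTR(-ENOMEM);
	}

	/* see if the calling process is already servicing the key request of
	 * another process */
	if (current->request_key_auth) {
		/* it is - use that instantiation context here too */
		down_read(&current->request_key_auth->sem);

		/* if the auth key has been revoked, then the key we're
		 * servicing is already instantiated */
		if (test_bit(KEY_FLAG_REVOKED,
			     &current->request_key_auth->flags))
			goto auth_key_revoked;

		irka = current->request_key_auth->payload.data;
		rka->context = irka->context;
		rka->pid = irka->pid;
		get_task_struct(rka->context);

		up_read(&current->request_key_auth->sem);
	}
	else {
		/* it isn't - use this process as the context */
		rka->context = current;
		rka->pid = current->pid;
		get_task_struct(rka->context);
	}

	rka->target_key = key_get(target);
	memcpy(rka->callout_info, callout_info, callout_len);
	rka->callout_info[callout_len] = '\0';

	/* allocate the auth key; the description is the target's serial number
	 * in hex, bounded to the size of the buffer */
	snprintf(desc, sizeof(desc), "%x", target->serial);

	authkey = key_alloc(&key_type_request_key_auth, desc,
			    current->fsuid, current->fsgid, current,
			    KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH |
			    KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA);
	if (IS_ERR(authkey)) {
		ret = PTR_ERR(authkey);
		goto error_alloc;
	}

	/* construct and attach to the keyring */
	ret = key_instantiate_and_link(authkey, rka, 0, NULL, NULL);
	if (ret < 0)
		goto error_inst;

	kleave(" = {%d}", authkey->serial);
	return authkey;

auth_key_revoked:
	/* no task or target key reference has been taken at this point */
	up_read(&current->request_key_auth->sem);
	kfree(rka->callout_info);
	kfree(rka);
	kleave("= -EKEYREVOKED");
	return ERR_PTR(-EKEYREVOKED);

error_inst:
	/* NOTE(review): if key_instantiate_and_link() can fail after the
	 * instantiate op has stored rka as the key's payload, the destroy op
	 * would release rka as well as the code below - confirm that it
	 * cannot */
	key_revoke(authkey);
	key_put(authkey);
error_alloc:
	/* drop the task reference taken above, otherwise it is leaked when
	 * rka is freed; the check covers the case where the revoke op has
	 * already released it and cleared the pointer */
	if (rka->context) {
		put_task_struct(rka->context);
		rka->context = NULL;
	}
	key_put(rka->target_key);
	kfree(rka->callout_info);
	kfree(rka);
	kleave("= %d", ret);
	return ERR_PTR(ret);

} /* end request_key_auth_new() */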
229 
230 /*****************************************************************************/
/*
 * see if an authorisation key is associated with a particular key
 * - @_id carries the wanted target key serial number packed into a pointer
 * - returns 1 if the authorisation key's target has exactly that serial
 *   number, 0 otherwise
 */
static int key_get_instantiation_authkey_match(const struct key *key,
					       const void *_id)
{
	const struct request_key_auth *rka = key->payload.data;
	key_serial_t wanted = (key_serial_t)(unsigned long) _id;

	if (rka->target_key->serial != wanted)
		return 0;

	return 1;

} /* end key_get_instantiation_authkey_match() */
243 
244 /*****************************************************************************/
/*
 * get the authorisation key for instantiation of a specific key if attached to
 * the current process's keyrings
 * - this key is inserted into a keyring and that is set as /sbin/request-key's
 *   session keyring
 * - a target_id of zero specifies any valid token
 *   NOTE(review): key_get_instantiation_authkey_match() compares the target's
 *   serial number for equality only, with no special case for zero - confirm
 *   which of the two is intended
 * - returns the authorisation key with the reference obtained by the search,
 *   the search's error, or -EKEYREVOKED if the key found has been revoked
 * - the revocation test is a snapshot; the token may be revoked after return
 */
struct key *key_get_instantiation_authkey(key_serial_t target_id)
{
	key_ref_t authkey_ref;
	struct key *authkey;

	authkey_ref = search_process_keyrings(
		&key_type_request_key_auth,
		(void *) (unsigned long) target_id,
		key_get_instantiation_authkey_match,
		current);

	/* pass the search failure straight back to the caller */
	if (IS_ERR(authkey_ref))
		return ERR_CAST(authkey_ref);

	authkey = key_ref_to_ptr(authkey_ref);
	if (!test_bit(KEY_FLAG_REVOKED, &authkey->flags))
		return authkey;

	/* a revoked token grants nothing: drop it and say so */
	key_put(authkey);
	return ERR_PTR(-EKEYREVOKED);

} /* end key_get_instantiation_authkey() */
278