mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-19 12:00:00 +00:00
Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3
From David Howells: "There are two sets of patches here: (1) A bunch of core keyrings bug fixes from Eric Biggers. (2) Fixing big_key to use safe crypto from Jason A. Donenfeld."
This commit is contained in:
James Morris
commit
2569e7e1d6
@ -187,6 +187,7 @@ struct key {
|
||||
#define KEY_FLAG_BUILTIN 8 /* set if key is built in to the kernel */
|
||||
#define KEY_FLAG_ROOT_CAN_INVAL 9 /* set if key can be invalidated by root without permission */
|
||||
#define KEY_FLAG_KEEP 10 /* set if key should not be removed */
|
||||
#define KEY_FLAG_UID_KEYRING 11 /* set if key is a user or user session keyring */
|
||||
|
||||
/* the key type and key description string
|
||||
* - the desc is used to match a key against search criteria
|
||||
@ -243,6 +244,7 @@ extern struct key *key_alloc(struct key_type *type,
|
||||
#define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */
|
||||
#define KEY_ALLOC_BUILT_IN 0x0004 /* Key is built into kernel */
|
||||
#define KEY_ALLOC_BYPASS_RESTRICTION 0x0008 /* Override the check on restricted keyrings */
|
||||
#define KEY_ALLOC_UID_KEYRING 0x0010 /* allocating a user or user session keyring */
|
||||
|
||||
extern void key_revoke(struct key *key);
|
||||
extern void key_invalidate(struct key *key);
|
||||
|
||||
@ -45,10 +45,8 @@ config BIG_KEYS
|
||||
bool "Large payload keys"
|
||||
depends on KEYS
|
||||
depends on TMPFS
|
||||
depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y)
|
||||
select CRYPTO_AES
|
||||
select CRYPTO_ECB
|
||||
select CRYPTO_RNG
|
||||
select CRYPTO_GCM
|
||||
help
|
||||
This option provides support for holding large keys within the kernel
|
||||
(for example Kerberos ticket caches). The data may be stored out to
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
/* Large capacity key type
|
||||
*
|
||||
* Copyright (C) 2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||
* Copyright (C) 2013 Red Hat, Inc. All Rights Reserved.
|
||||
* Written by David Howells (dhowells@redhat.com)
|
||||
*
|
||||
@ -16,10 +17,10 @@
|
||||
#include <linux/shmem_fs.h>
|
||||
#include <linux/err.h>
|
||||
#include <linux/scatterlist.h>
|
||||
#include <linux/random.h>
|
||||
#include <keys/user-type.h>
|
||||
#include <keys/big_key-type.h>
|
||||
#include <crypto/rng.h>
|
||||
#include <crypto/skcipher.h>
|
||||
#include <crypto/aead.h>
|
||||
|
||||
/*
|
||||
* Layout of key payload words.
|
||||
@ -49,7 +50,12 @@ enum big_key_op {
|
||||
/*
|
||||
* Key size for big_key data encryption
|
||||
*/
|
||||
#define ENC_KEY_SIZE 16
|
||||
#define ENC_KEY_SIZE 32
|
||||
|
||||
/*
|
||||
* Authentication tag length
|
||||
*/
|
||||
#define ENC_AUTHTAG_SIZE 16
|
||||
|
||||
/*
|
||||
* big_key defined keys take an arbitrary string as the description and an
|
||||
@ -64,57 +70,62 @@ struct key_type key_type_big_key = {
|
||||
.destroy = big_key_destroy,
|
||||
.describe = big_key_describe,
|
||||
.read = big_key_read,
|
||||
/* no ->update(); don't add it without changing big_key_crypt() nonce */
|
||||
};
|
||||
|
||||
/*
|
||||
* Crypto names for big_key data encryption
|
||||
* Crypto names for big_key data authenticated encryption
|
||||
*/
|
||||
static const char big_key_rng_name[] = "stdrng";
|
||||
static const char big_key_alg_name[] = "ecb(aes)";
|
||||
static const char big_key_alg_name[] = "gcm(aes)";
|
||||
|
||||
/*
|
||||
* Crypto algorithms for big_key data encryption
|
||||
* Crypto algorithms for big_key data authenticated encryption
|
||||
*/
|
||||
static struct crypto_rng *big_key_rng;
|
||||
static struct crypto_skcipher *big_key_skcipher;
|
||||
static struct crypto_aead *big_key_aead;
|
||||
|
||||
/*
|
||||
* Generate random key to encrypt big_key data
|
||||
* Since changing the key affects the entire object, we need a mutex.
|
||||
*/
|
||||
static inline int big_key_gen_enckey(u8 *key)
|
||||
{
|
||||
return crypto_rng_get_bytes(big_key_rng, key, ENC_KEY_SIZE);
|
||||
}
|
||||
static DEFINE_MUTEX(big_key_aead_lock);
|
||||
|
||||
/*
|
||||
* Encrypt/decrypt big_key data
|
||||
*/
|
||||
static int big_key_crypt(enum big_key_op op, u8 *data, size_t datalen, u8 *key)
|
||||
{
|
||||
int ret = -EINVAL;
|
||||
int ret;
|
||||
struct scatterlist sgio;
|
||||
SKCIPHER_REQUEST_ON_STACK(req, big_key_skcipher);
|
||||
struct aead_request *aead_req;
|
||||
/* We always use a zero nonce. The reason we can get away with this is
|
||||
* because we're using a different randomly generated key for every
|
||||
* different encryption. Notably, too, key_type_big_key doesn't define
|
||||
* an .update function, so there's no chance we'll wind up reusing the
|
||||
* key to encrypt updated data. Simply put: one key, one encryption.
|
||||
*/
|
||||
u8 zero_nonce[crypto_aead_ivsize(big_key_aead)];
|
||||
|
||||
if (crypto_skcipher_setkey(big_key_skcipher, key, ENC_KEY_SIZE)) {
|
||||
aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL);
|
||||
if (!aead_req)
|
||||
return -ENOMEM;
|
||||
|
||||
memset(zero_nonce, 0, sizeof(zero_nonce));
|
||||
sg_init_one(&sgio, data, datalen + (op == BIG_KEY_ENC ? ENC_AUTHTAG_SIZE : 0));
|
||||
aead_request_set_crypt(aead_req, &sgio, &sgio, datalen, zero_nonce);
|
||||
aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
|
||||
aead_request_set_ad(aead_req, 0);
|
||||
|
||||
mutex_lock(&big_key_aead_lock);
|
||||
if (crypto_aead_setkey(big_key_aead, key, ENC_KEY_SIZE)) {
|
||||
ret = -EAGAIN;
|
||||
goto error;
|
||||
}
|
||||
|
||||
skcipher_request_set_tfm(req, big_key_skcipher);
|
||||
skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP,
|
||||
NULL, NULL);
|
||||
|
||||
sg_init_one(&sgio, data, datalen);
|
||||
skcipher_request_set_crypt(req, &sgio, &sgio, datalen, NULL);
|
||||
|
||||
if (op == BIG_KEY_ENC)
|
||||
ret = crypto_skcipher_encrypt(req);
|
||||
ret = crypto_aead_encrypt(aead_req);
|
||||
else
|
||||
ret = crypto_skcipher_decrypt(req);
|
||||
|
||||
skcipher_request_zero(req);
|
||||
|
||||
ret = crypto_aead_decrypt(aead_req);
|
||||
error:
|
||||
mutex_unlock(&big_key_aead_lock);
|
||||
aead_request_free(aead_req);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -146,16 +157,13 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
||||
*
|
||||
* File content is stored encrypted with randomly generated key.
|
||||
*/
|
||||
size_t enclen = ALIGN(datalen, crypto_skcipher_blocksize(big_key_skcipher));
|
||||
size_t enclen = datalen + ENC_AUTHTAG_SIZE;
|
||||
loff_t pos = 0;
|
||||
|
||||
/* prepare aligned data to encrypt */
|
||||
data = kmalloc(enclen, GFP_KERNEL);
|
||||
if (!data)
|
||||
return -ENOMEM;
|
||||
|
||||
memcpy(data, prep->data, datalen);
|
||||
memset(data + datalen, 0x00, enclen - datalen);
|
||||
|
||||
/* generate random key */
|
||||
enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL);
|
||||
@ -163,13 +171,12 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
||||
ret = -ENOMEM;
|
||||
goto error;
|
||||
}
|
||||
|
||||
ret = big_key_gen_enckey(enckey);
|
||||
if (ret)
|
||||
ret = get_random_bytes_wait(enckey, ENC_KEY_SIZE);
|
||||
if (unlikely(ret))
|
||||
goto err_enckey;
|
||||
|
||||
/* encrypt aligned data */
|
||||
ret = big_key_crypt(BIG_KEY_ENC, data, enclen, enckey);
|
||||
ret = big_key_crypt(BIG_KEY_ENC, data, datalen, enckey);
|
||||
if (ret)
|
||||
goto err_enckey;
|
||||
|
||||
@ -195,7 +202,7 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
||||
*path = file->f_path;
|
||||
path_get(path);
|
||||
fput(file);
|
||||
kfree(data);
|
||||
kzfree(data);
|
||||
} else {
|
||||
/* Just store the data in a buffer */
|
||||
void *data = kmalloc(datalen, GFP_KERNEL);
|
||||
@ -211,9 +218,9 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
||||
err_fput:
|
||||
fput(file);
|
||||
err_enckey:
|
||||
kfree(enckey);
|
||||
kzfree(enckey);
|
||||
error:
|
||||
kfree(data);
|
||||
kzfree(data);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -227,7 +234,7 @@ void big_key_free_preparse(struct key_preparsed_payload *prep)
|
||||
|
||||
path_put(path);
|
||||
}
|
||||
kfree(prep->payload.data[big_key_data]);
|
||||
kzfree(prep->payload.data[big_key_data]);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -259,7 +266,7 @@ void big_key_destroy(struct key *key)
|
||||
path->mnt = NULL;
|
||||
path->dentry = NULL;
|
||||
}
|
||||
kfree(key->payload.data[big_key_data]);
|
||||
kzfree(key->payload.data[big_key_data]);
|
||||
key->payload.data[big_key_data] = NULL;
|
||||
}
|
||||
|
||||
@ -295,7 +302,7 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen)
|
||||
struct file *file;
|
||||
u8 *data;
|
||||
u8 *enckey = (u8 *)key->payload.data[big_key_data];
|
||||
size_t enclen = ALIGN(datalen, crypto_skcipher_blocksize(big_key_skcipher));
|
||||
size_t enclen = datalen + ENC_AUTHTAG_SIZE;
|
||||
loff_t pos = 0;
|
||||
|
||||
data = kmalloc(enclen, GFP_KERNEL);
|
||||
@ -328,7 +335,7 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen)
|
||||
err_fput:
|
||||
fput(file);
|
||||
error:
|
||||
kfree(data);
|
||||
kzfree(data);
|
||||
} else {
|
||||
ret = datalen;
|
||||
if (copy_to_user(buffer, key->payload.data[big_key_data],
|
||||
@ -344,47 +351,31 @@ error:
|
||||
*/
|
||||
static int __init big_key_init(void)
|
||||
{
|
||||
struct crypto_skcipher *cipher;
|
||||
struct crypto_rng *rng;
|
||||
int ret;
|
||||
|
||||
rng = crypto_alloc_rng(big_key_rng_name, 0, 0);
|
||||
if (IS_ERR(rng)) {
|
||||
pr_err("Can't alloc rng: %ld\n", PTR_ERR(rng));
|
||||
return PTR_ERR(rng);
|
||||
}
|
||||
|
||||
big_key_rng = rng;
|
||||
|
||||
/* seed RNG */
|
||||
ret = crypto_rng_reset(rng, NULL, crypto_rng_seedsize(rng));
|
||||
if (ret) {
|
||||
pr_err("Can't reset rng: %d\n", ret);
|
||||
goto error_rng;
|
||||
}
|
||||
|
||||
/* init block cipher */
|
||||
cipher = crypto_alloc_skcipher(big_key_alg_name, 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(cipher)) {
|
||||
ret = PTR_ERR(cipher);
|
||||
big_key_aead = crypto_alloc_aead(big_key_alg_name, 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(big_key_aead)) {
|
||||
ret = PTR_ERR(big_key_aead);
|
||||
pr_err("Can't alloc crypto: %d\n", ret);
|
||||
goto error_rng;
|
||||
return ret;
|
||||
}
|
||||
ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE);
|
||||
if (ret < 0) {
|
||||
pr_err("Can't set crypto auth tag len: %d\n", ret);
|
||||
goto free_aead;
|
||||
}
|
||||
|
||||
big_key_skcipher = cipher;
|
||||
|
||||
ret = register_key_type(&key_type_big_key);
|
||||
if (ret < 0) {
|
||||
pr_err("Can't register type: %d\n", ret);
|
||||
goto error_cipher;
|
||||
goto free_aead;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
error_cipher:
|
||||
crypto_free_skcipher(big_key_skcipher);
|
||||
error_rng:
|
||||
crypto_free_rng(big_key_rng);
|
||||
free_aead:
|
||||
crypto_free_aead(big_key_aead);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
@ -141,7 +141,7 @@ extern key_ref_t keyring_search_aux(key_ref_t keyring_ref,
|
||||
extern key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx);
|
||||
extern key_ref_t search_process_keyrings(struct keyring_search_context *ctx);
|
||||
|
||||
extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);
|
||||
extern struct key *find_keyring_by_name(const char *name, bool uid_keyring);
|
||||
|
||||
extern int install_user_keyrings(void);
|
||||
extern int install_thread_keyring_to_cred(struct cred *);
|
||||
|
||||
@ -54,10 +54,10 @@ void __key_check(const struct key *key)
|
||||
struct key_user *key_user_lookup(kuid_t uid)
|
||||
{
|
||||
struct key_user *candidate = NULL, *user;
|
||||
struct rb_node *parent = NULL;
|
||||
struct rb_node **p;
|
||||
struct rb_node *parent, **p;
|
||||
|
||||
try_again:
|
||||
parent = NULL;
|
||||
p = &key_user_tree.rb_node;
|
||||
spin_lock(&key_user_lock);
|
||||
|
||||
@ -302,6 +302,8 @@ struct key *key_alloc(struct key_type *type, const char *desc,
|
||||
key->flags |= 1 << KEY_FLAG_IN_QUOTA;
|
||||
if (flags & KEY_ALLOC_BUILT_IN)
|
||||
key->flags |= 1 << KEY_FLAG_BUILTIN;
|
||||
if (flags & KEY_ALLOC_UID_KEYRING)
|
||||
key->flags |= 1 << KEY_FLAG_UID_KEYRING;
|
||||
|
||||
#ifdef KEY_DEBUGGING
|
||||
key->magic = KEY_DEBUG_MAGIC;
|
||||
|
||||
@ -766,12 +766,17 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
|
||||
|
||||
key = key_ref_to_ptr(key_ref);
|
||||
|
||||
if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) {
|
||||
ret = -ENOKEY;
|
||||
goto error2;
|
||||
}
|
||||
|
||||
/* see if we can read it directly */
|
||||
ret = key_permission(key_ref, KEY_NEED_READ);
|
||||
if (ret == 0)
|
||||
goto can_read_key;
|
||||
if (ret != -EACCES)
|
||||
goto error;
|
||||
goto error2;
|
||||
|
||||
/* we can't; see if it's searchable from this process's keyrings
|
||||
* - we automatically take account of the fact that it may be
|
||||
@ -1406,11 +1411,9 @@ long keyctl_assume_authority(key_serial_t id)
|
||||
}
|
||||
|
||||
ret = keyctl_change_reqkey_auth(authkey);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
if (ret == 0)
|
||||
ret = authkey->serial;
|
||||
key_put(authkey);
|
||||
|
||||
ret = authkey->serial;
|
||||
error:
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -423,7 +423,7 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
|
||||
}
|
||||
|
||||
struct keyring_read_iterator_context {
|
||||
size_t qty;
|
||||
size_t buflen;
|
||||
size_t count;
|
||||
key_serial_t __user *buffer;
|
||||
};
|
||||
@ -435,9 +435,9 @@ static int keyring_read_iterator(const void *object, void *data)
|
||||
int ret;
|
||||
|
||||
kenter("{%s,%d},,{%zu/%zu}",
|
||||
key->type->name, key->serial, ctx->count, ctx->qty);
|
||||
key->type->name, key->serial, ctx->count, ctx->buflen);
|
||||
|
||||
if (ctx->count >= ctx->qty)
|
||||
if (ctx->count >= ctx->buflen)
|
||||
return 1;
|
||||
|
||||
ret = put_user(key->serial, ctx->buffer);
|
||||
@ -472,16 +472,12 @@ static long keyring_read(const struct key *keyring,
|
||||
return 0;
|
||||
|
||||
/* Calculate how much data we could return */
|
||||
ctx.qty = nr_keys * sizeof(key_serial_t);
|
||||
|
||||
if (!buffer || !buflen)
|
||||
return ctx.qty;
|
||||
|
||||
if (buflen > ctx.qty)
|
||||
ctx.qty = buflen;
|
||||
return nr_keys * sizeof(key_serial_t);
|
||||
|
||||
/* Copy the IDs of the subscribed keys into the buffer */
|
||||
ctx.buffer = (key_serial_t __user *)buffer;
|
||||
ctx.buflen = buflen;
|
||||
ctx.count = 0;
|
||||
ret = assoc_array_iterate(&keyring->keys, keyring_read_iterator, &ctx);
|
||||
if (ret < 0) {
|
||||
@ -1101,15 +1097,15 @@ found:
|
||||
/*
|
||||
* Find a keyring with the specified name.
|
||||
*
|
||||
* All named keyrings in the current user namespace are searched, provided they
|
||||
* grant Search permission directly to the caller (unless this check is
|
||||
* skipped). Keyrings whose usage points have reached zero or who have been
|
||||
* revoked are skipped.
|
||||
* Only keyrings that have nonzero refcount, are not revoked, and are owned by a
|
||||
* user in the current user namespace are considered. If @uid_keyring is %true,
|
||||
* the keyring additionally must have been allocated as a user or user session
|
||||
* keyring; otherwise, it must grant Search permission directly to the caller.
|
||||
*
|
||||
* Returns a pointer to the keyring with the keyring's refcount having being
|
||||
* incremented on success. -ENOKEY is returned if a key could not be found.
|
||||
*/
|
||||
struct key *find_keyring_by_name(const char *name, bool skip_perm_check)
|
||||
struct key *find_keyring_by_name(const char *name, bool uid_keyring)
|
||||
{
|
||||
struct key *keyring;
|
||||
int bucket;
|
||||
@ -1137,10 +1133,15 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check)
|
||||
if (strcmp(keyring->description, name) != 0)
|
||||
continue;
|
||||
|
||||
if (!skip_perm_check &&
|
||||
key_permission(make_key_ref(keyring, 0),
|
||||
KEY_NEED_SEARCH) < 0)
|
||||
continue;
|
||||
if (uid_keyring) {
|
||||
if (!test_bit(KEY_FLAG_UID_KEYRING,
|
||||
&keyring->flags))
|
||||
continue;
|
||||
} else {
|
||||
if (key_permission(make_key_ref(keyring, 0),
|
||||
KEY_NEED_SEARCH) < 0)
|
||||
continue;
|
||||
}
|
||||
|
||||
/* we've got a match but we might end up racing with
|
||||
* key_cleanup() if the keyring is currently 'dead'
|
||||
|
||||
@ -187,7 +187,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
|
||||
struct keyring_search_context ctx = {
|
||||
.index_key.type = key->type,
|
||||
.index_key.description = key->description,
|
||||
.cred = current_cred(),
|
||||
.cred = m->file->f_cred,
|
||||
.match_data.cmp = lookup_user_key_possessed,
|
||||
.match_data.raw_data = key,
|
||||
.match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
|
||||
@ -207,11 +207,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
|
||||
}
|
||||
}
|
||||
|
||||
/* check whether the current task is allowed to view the key (assuming
|
||||
* non-possession)
|
||||
* - the caller holds a spinlock, and thus the RCU read lock, making our
|
||||
* access to __current_cred() safe
|
||||
*/
|
||||
/* check whether the current task is allowed to view the key */
|
||||
rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
|
||||
if (rc < 0)
|
||||
return 0;
|
||||
|
||||
@ -77,7 +77,8 @@ int install_user_keyrings(void)
|
||||
if (IS_ERR(uid_keyring)) {
|
||||
uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID,
|
||||
cred, user_keyring_perm,
|
||||
KEY_ALLOC_IN_QUOTA,
|
||||
KEY_ALLOC_UID_KEYRING |
|
||||
KEY_ALLOC_IN_QUOTA,
|
||||
NULL, NULL);
|
||||
if (IS_ERR(uid_keyring)) {
|
||||
ret = PTR_ERR(uid_keyring);
|
||||
@ -94,7 +95,8 @@ int install_user_keyrings(void)
|
||||
session_keyring =
|
||||
keyring_alloc(buf, user->uid, INVALID_GID,
|
||||
cred, user_keyring_perm,
|
||||
KEY_ALLOC_IN_QUOTA,
|
||||
KEY_ALLOC_UID_KEYRING |
|
||||
KEY_ALLOC_IN_QUOTA,
|
||||
NULL, NULL);
|
||||
if (IS_ERR(session_keyring)) {
|
||||
ret = PTR_ERR(session_keyring);
|
||||
|
||||
@ -120,6 +120,18 @@ static void request_key_auth_revoke(struct key *key)
|
||||
}
|
||||
}
|
||||
|
||||
static void free_request_key_auth(struct request_key_auth *rka)
|
||||
{
|
||||
if (!rka)
|
||||
return;
|
||||
key_put(rka->target_key);
|
||||
key_put(rka->dest_keyring);
|
||||
if (rka->cred)
|
||||
put_cred(rka->cred);
|
||||
kfree(rka->callout_info);
|
||||
kfree(rka);
|
||||
}
|
||||
|
||||
/*
|
||||
* Destroy an instantiation authorisation token key.
|
||||
*/
|
||||
@ -129,15 +141,7 @@ static void request_key_auth_destroy(struct key *key)
|
||||
|
||||
kenter("{%d}", key->serial);
|
||||
|
||||
if (rka->cred) {
|
||||
put_cred(rka->cred);
|
||||
rka->cred = NULL;
|
||||
}
|
||||
|
||||
key_put(rka->target_key);
|
||||
key_put(rka->dest_keyring);
|
||||
kfree(rka->callout_info);
|
||||
kfree(rka);
|
||||
free_request_key_auth(rka);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -151,22 +155,18 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
|
||||
const struct cred *cred = current->cred;
|
||||
struct key *authkey = NULL;
|
||||
char desc[20];
|
||||
int ret;
|
||||
int ret = -ENOMEM;
|
||||
|
||||
kenter("%d,", target->serial);
|
||||
|
||||
/* allocate a auth record */
|
||||
rka = kmalloc(sizeof(*rka), GFP_KERNEL);
|
||||
if (!rka) {
|
||||
kleave(" = -ENOMEM");
|
||||
return ERR_PTR(-ENOMEM);
|
||||
}
|
||||
rka->callout_info = kmalloc(callout_len, GFP_KERNEL);
|
||||
if (!rka->callout_info) {
|
||||
kleave(" = -ENOMEM");
|
||||
kfree(rka);
|
||||
return ERR_PTR(-ENOMEM);
|
||||
}
|
||||
rka = kzalloc(sizeof(*rka), GFP_KERNEL);
|
||||
if (!rka)
|
||||
goto error;
|
||||
rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL);
|
||||
if (!rka->callout_info)
|
||||
goto error_free_rka;
|
||||
rka->callout_len = callout_len;
|
||||
|
||||
/* see if the calling process is already servicing the key request of
|
||||
* another process */
|
||||
@ -176,8 +176,12 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
|
||||
|
||||
/* if the auth key has been revoked, then the key we're
|
||||
* servicing is already instantiated */
|
||||
if (test_bit(KEY_FLAG_REVOKED, &cred->request_key_auth->flags))
|
||||
goto auth_key_revoked;
|
||||
if (test_bit(KEY_FLAG_REVOKED,
|
||||
&cred->request_key_auth->flags)) {
|
||||
up_read(&cred->request_key_auth->sem);
|
||||
ret = -EKEYREVOKED;
|
||||
goto error_free_rka;
|
||||
}
|
||||
|
||||
irka = cred->request_key_auth->payload.data[0];
|
||||
rka->cred = get_cred(irka->cred);
|
||||
@ -193,8 +197,6 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
|
||||
|
||||
rka->target_key = key_get(target);
|
||||
rka->dest_keyring = key_get(dest_keyring);
|
||||
memcpy(rka->callout_info, callout_info, callout_len);
|
||||
rka->callout_len = callout_len;
|
||||
|
||||
/* allocate the auth key */
|
||||
sprintf(desc, "%x", target->serial);
|
||||
@ -205,32 +207,22 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
|
||||
KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA, NULL);
|
||||
if (IS_ERR(authkey)) {
|
||||
ret = PTR_ERR(authkey);
|
||||
goto error_alloc;
|
||||
goto error_free_rka;
|
||||
}
|
||||
|
||||
/* construct the auth key */
|
||||
ret = key_instantiate_and_link(authkey, rka, 0, NULL, NULL);
|
||||
if (ret < 0)
|
||||
goto error_inst;
|
||||
goto error_put_authkey;
|
||||
|
||||
kleave(" = {%d,%d}", authkey->serial, refcount_read(&authkey->usage));
|
||||
return authkey;
|
||||
|
||||
auth_key_revoked:
|
||||
up_read(&cred->request_key_auth->sem);
|
||||
kfree(rka->callout_info);
|
||||
kfree(rka);
|
||||
kleave("= -EKEYREVOKED");
|
||||
return ERR_PTR(-EKEYREVOKED);
|
||||
|
||||
error_inst:
|
||||
key_revoke(authkey);
|
||||
error_put_authkey:
|
||||
key_put(authkey);
|
||||
error_alloc:
|
||||
key_put(rka->target_key);
|
||||
key_put(rka->dest_keyring);
|
||||
kfree(rka->callout_info);
|
||||
kfree(rka);
|
||||
error_free_rka:
|
||||
free_request_key_auth(rka);
|
||||
error:
|
||||
kleave("= %d", ret);
|
||||
return ERR_PTR(ret);
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user