mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-12 16:11:04 +00:00
c236b6dd48
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRPObfu3V2unywtrAQJLKA//WENO5pZDHe49T+4GCY0ZmnGHKBUnU7g9
DUjxSNS8a/nwCyEdApZk9uHp2xsOedP6pjQ4VRWMQfrIPx0Yh9o3J+BQxvyP7PDf
jEH+5CYC8dZnJJjjteWCcPEGrUoNb1YKfDRBU745YY+rLdHWvhHc27B6SYBg5BGT
OwW3qyHvp0WMp7TehMALdnkqGph5gR5QMr45tOrH6DkGAhN8mAIKD699d3MqZG73
+S5KlQOlDlEVrxbD/BgzlzEJQUBQyq8hd61taBFT7LXBNlLJJOnMhd7UJY5IJE7J
Vi9NpcLj4Emwv4wvZ2xneV0rMbsCbxRMKZLDRuqQ6Tm17xjpjro4n1ujneTAqmmy
d+XlrVQ2ZMciMNmGleezOoBib9QbY5NWdilc2ls5ydFGiBVL73bIOYtEQNai8lWd
LBBIIrxOmLO7bnipgqVKRnqeMdMkpWaLISoRfSeJbRt4lGxmka9bDBrSgONnxzJK
JG+sB8ahSVZaBbhERW8DKnBz61Yf8ka7ijVvjH3zCXu0rbLTy+LLUz5kbzbBP9Fc
LiUapLV/v420gD2ZRCgPQwtQui4TpBkSGJKS1Ippyn7LGBNCZLM4Y8vOoo4nqr7z
RhpEKbKeOdVjORaYjO8Zttj8gN9rT6WnPcyCTHdNEnyjotU1ykyVBkzexj+VYvjM
C3eIdjG7Jk0=
=c2FO
-----END PGP SIGNATURE-----
Merge tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull request_key improvements from David Howells:
"These are all request_key()-related, including a fix and some improvements:
- Fix the lack of a Link permission check on a key found by
request_key(), thereby enabling request_key() to link keys that
don't grant this permission to the target keyring (which must still
grant Write permission).
Note that the key must be in the caller's keyrings already to be
found.
- Invalidate used request_key authentication keys rather than
revoking them, so that they get cleaned up immediately rather than
hanging around till the expiry time is passed.
- Move the RCU locks outwards from the keyring search functions so
that a request_key_rcu() can be provided. This can be called in RCU
mode, so it can't sleep and can't upcall - but it can be called
from LOOKUP_RCU pathwalk mode.
- Cache the latest positive result of request_key*() temporarily in
task_struct so that filesystems that make a lot of request_key()
calls during pathwalk can take advantage of it to avoid having to
redo the searching. This requires CONFIG_KEYS_REQUEST_CACHE=y.
It is assumed that the key just found is likely to be used multiple
times in each step in an RCU pathwalk, and is likely to be reused
for the next step too.
Note that the cleanup of the cache is done on TIF_NOTIFY_RESUME,
just before userspace resumes, and on exit"
* tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Kill off request_key_async{,_with_auxdata}
keys: Cache result of request_key*() temporarily in task_struct
keys: Provide request_key_rcu()
keys: Move the RCU locks outwards from the keyring search functions
keys: Invalidate used request_key authentication keys
keys: Fix request_key() lack of Link perm check on found key
321 lines
7.7 KiB
C
321 lines
7.7 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/* procfs files for key database enumeration
|
|
*
|
|
* Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
*/
|
|
|
|
#include <linux/init.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/proc_fs.h>
|
|
#include <linux/seq_file.h>
|
|
#include <asm/errno.h>
|
|
#include "internal.h"
|
|
|
|
static void *proc_keys_start(struct seq_file *p, loff_t *_pos);
|
|
static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos);
|
|
static void proc_keys_stop(struct seq_file *p, void *v);
|
|
static int proc_keys_show(struct seq_file *m, void *v);
|
|
|
|
static const struct seq_operations proc_keys_ops = {
|
|
.start = proc_keys_start,
|
|
.next = proc_keys_next,
|
|
.stop = proc_keys_stop,
|
|
.show = proc_keys_show,
|
|
};
|
|
|
|
static void *proc_key_users_start(struct seq_file *p, loff_t *_pos);
|
|
static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos);
|
|
static void proc_key_users_stop(struct seq_file *p, void *v);
|
|
static int proc_key_users_show(struct seq_file *m, void *v);
|
|
|
|
static const struct seq_operations proc_key_users_ops = {
|
|
.start = proc_key_users_start,
|
|
.next = proc_key_users_next,
|
|
.stop = proc_key_users_stop,
|
|
.show = proc_key_users_show,
|
|
};
|
|
|
|
/*
|
|
* Declare the /proc files.
|
|
*/
|
|
static int __init key_proc_init(void)
|
|
{
|
|
struct proc_dir_entry *p;
|
|
|
|
p = proc_create_seq("keys", 0, NULL, &proc_keys_ops);
|
|
if (!p)
|
|
panic("Cannot create /proc/keys\n");
|
|
|
|
p = proc_create_seq("key-users", 0, NULL, &proc_key_users_ops);
|
|
if (!p)
|
|
panic("Cannot create /proc/key-users\n");
|
|
|
|
return 0;
|
|
}
|
|
|
|
__initcall(key_proc_init);
|
|
|
|
/*
|
|
* Implement "/proc/keys" to provide a list of the keys on the system that
|
|
* grant View permission to the caller.
|
|
*/
|
|
static struct rb_node *key_serial_next(struct seq_file *p, struct rb_node *n)
|
|
{
|
|
struct user_namespace *user_ns = seq_user_ns(p);
|
|
|
|
n = rb_next(n);
|
|
while (n) {
|
|
struct key *key = rb_entry(n, struct key, serial_node);
|
|
if (kuid_has_mapping(user_ns, key->user->uid))
|
|
break;
|
|
n = rb_next(n);
|
|
}
|
|
return n;
|
|
}
|
|
|
|
static struct key *find_ge_key(struct seq_file *p, key_serial_t id)
|
|
{
|
|
struct user_namespace *user_ns = seq_user_ns(p);
|
|
struct rb_node *n = key_serial_tree.rb_node;
|
|
struct key *minkey = NULL;
|
|
|
|
while (n) {
|
|
struct key *key = rb_entry(n, struct key, serial_node);
|
|
if (id < key->serial) {
|
|
if (!minkey || minkey->serial > key->serial)
|
|
minkey = key;
|
|
n = n->rb_left;
|
|
} else if (id > key->serial) {
|
|
n = n->rb_right;
|
|
} else {
|
|
minkey = key;
|
|
break;
|
|
}
|
|
key = NULL;
|
|
}
|
|
|
|
if (!minkey)
|
|
return NULL;
|
|
|
|
for (;;) {
|
|
if (kuid_has_mapping(user_ns, minkey->user->uid))
|
|
return minkey;
|
|
n = rb_next(&minkey->serial_node);
|
|
if (!n)
|
|
return NULL;
|
|
minkey = rb_entry(n, struct key, serial_node);
|
|
}
|
|
}
|
|
|
|
static void *proc_keys_start(struct seq_file *p, loff_t *_pos)
|
|
__acquires(key_serial_lock)
|
|
{
|
|
key_serial_t pos = *_pos;
|
|
struct key *key;
|
|
|
|
spin_lock(&key_serial_lock);
|
|
|
|
if (*_pos > INT_MAX)
|
|
return NULL;
|
|
key = find_ge_key(p, pos);
|
|
if (!key)
|
|
return NULL;
|
|
*_pos = key->serial;
|
|
return &key->serial_node;
|
|
}
|
|
|
|
static inline key_serial_t key_node_serial(struct rb_node *n)
|
|
{
|
|
struct key *key = rb_entry(n, struct key, serial_node);
|
|
return key->serial;
|
|
}
|
|
|
|
static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos)
|
|
{
|
|
struct rb_node *n;
|
|
|
|
n = key_serial_next(p, v);
|
|
if (n)
|
|
*_pos = key_node_serial(n);
|
|
return n;
|
|
}
|
|
|
|
static void proc_keys_stop(struct seq_file *p, void *v)
|
|
__releases(key_serial_lock)
|
|
{
|
|
spin_unlock(&key_serial_lock);
|
|
}
|
|
|
|
static int proc_keys_show(struct seq_file *m, void *v)
|
|
{
|
|
struct rb_node *_p = v;
|
|
struct key *key = rb_entry(_p, struct key, serial_node);
|
|
unsigned long flags;
|
|
key_ref_t key_ref, skey_ref;
|
|
time64_t now, expiry;
|
|
char xbuf[16];
|
|
short state;
|
|
u64 timo;
|
|
int rc;
|
|
|
|
struct keyring_search_context ctx = {
|
|
.index_key = key->index_key,
|
|
.cred = m->file->f_cred,
|
|
.match_data.cmp = lookup_user_key_possessed,
|
|
.match_data.raw_data = key,
|
|
.match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
|
|
.flags = KEYRING_SEARCH_NO_STATE_CHECK,
|
|
};
|
|
|
|
key_ref = make_key_ref(key, 0);
|
|
|
|
/* determine if the key is possessed by this process (a test we can
|
|
* skip if the key does not indicate the possessor can view it
|
|
*/
|
|
if (key->perm & KEY_POS_VIEW) {
|
|
rcu_read_lock();
|
|
skey_ref = search_cred_keyrings_rcu(&ctx);
|
|
rcu_read_unlock();
|
|
if (!IS_ERR(skey_ref)) {
|
|
key_ref_put(skey_ref);
|
|
key_ref = make_key_ref(key, 1);
|
|
}
|
|
}
|
|
|
|
/* check whether the current task is allowed to view the key */
|
|
rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
|
|
if (rc < 0)
|
|
return 0;
|
|
|
|
now = ktime_get_real_seconds();
|
|
|
|
rcu_read_lock();
|
|
|
|
/* come up with a suitable timeout value */
|
|
expiry = READ_ONCE(key->expiry);
|
|
if (expiry == 0) {
|
|
memcpy(xbuf, "perm", 5);
|
|
} else if (now >= expiry) {
|
|
memcpy(xbuf, "expd", 5);
|
|
} else {
|
|
timo = expiry - now;
|
|
|
|
if (timo < 60)
|
|
sprintf(xbuf, "%llus", timo);
|
|
else if (timo < 60*60)
|
|
sprintf(xbuf, "%llum", div_u64(timo, 60));
|
|
else if (timo < 60*60*24)
|
|
sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
|
|
else if (timo < 60*60*24*7)
|
|
sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
|
|
else
|
|
sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
|
|
}
|
|
|
|
state = key_read_state(key);
|
|
|
|
#define showflag(FLAGS, LETTER, FLAG) \
|
|
((FLAGS & (1 << FLAG)) ? LETTER : '-')
|
|
|
|
flags = READ_ONCE(key->flags);
|
|
seq_printf(m, "%08x %c%c%c%c%c%c%c %5d %4s %08x %5d %5d %-9.9s ",
|
|
key->serial,
|
|
state != KEY_IS_UNINSTANTIATED ? 'I' : '-',
|
|
showflag(flags, 'R', KEY_FLAG_REVOKED),
|
|
showflag(flags, 'D', KEY_FLAG_DEAD),
|
|
showflag(flags, 'Q', KEY_FLAG_IN_QUOTA),
|
|
showflag(flags, 'U', KEY_FLAG_USER_CONSTRUCT),
|
|
state < 0 ? 'N' : '-',
|
|
showflag(flags, 'i', KEY_FLAG_INVALIDATED),
|
|
refcount_read(&key->usage),
|
|
xbuf,
|
|
key->perm,
|
|
from_kuid_munged(seq_user_ns(m), key->uid),
|
|
from_kgid_munged(seq_user_ns(m), key->gid),
|
|
key->type->name);
|
|
|
|
#undef showflag
|
|
|
|
if (key->type->describe)
|
|
key->type->describe(key, m);
|
|
seq_putc(m, '\n');
|
|
|
|
rcu_read_unlock();
|
|
return 0;
|
|
}
|
|
|
|
static struct rb_node *__key_user_next(struct user_namespace *user_ns, struct rb_node *n)
|
|
{
|
|
while (n) {
|
|
struct key_user *user = rb_entry(n, struct key_user, node);
|
|
if (kuid_has_mapping(user_ns, user->uid))
|
|
break;
|
|
n = rb_next(n);
|
|
}
|
|
return n;
|
|
}
|
|
|
|
static struct rb_node *key_user_next(struct user_namespace *user_ns, struct rb_node *n)
|
|
{
|
|
return __key_user_next(user_ns, rb_next(n));
|
|
}
|
|
|
|
static struct rb_node *key_user_first(struct user_namespace *user_ns, struct rb_root *r)
|
|
{
|
|
struct rb_node *n = rb_first(r);
|
|
return __key_user_next(user_ns, n);
|
|
}
|
|
|
|
static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
|
|
__acquires(key_user_lock)
|
|
{
|
|
struct rb_node *_p;
|
|
loff_t pos = *_pos;
|
|
|
|
spin_lock(&key_user_lock);
|
|
|
|
_p = key_user_first(seq_user_ns(p), &key_user_tree);
|
|
while (pos > 0 && _p) {
|
|
pos--;
|
|
_p = key_user_next(seq_user_ns(p), _p);
|
|
}
|
|
|
|
return _p;
|
|
}
|
|
|
|
static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos)
|
|
{
|
|
(*_pos)++;
|
|
return key_user_next(seq_user_ns(p), (struct rb_node *)v);
|
|
}
|
|
|
|
static void proc_key_users_stop(struct seq_file *p, void *v)
|
|
__releases(key_user_lock)
|
|
{
|
|
spin_unlock(&key_user_lock);
|
|
}
|
|
|
|
static int proc_key_users_show(struct seq_file *m, void *v)
|
|
{
|
|
struct rb_node *_p = v;
|
|
struct key_user *user = rb_entry(_p, struct key_user, node);
|
|
unsigned maxkeys = uid_eq(user->uid, GLOBAL_ROOT_UID) ?
|
|
key_quota_root_maxkeys : key_quota_maxkeys;
|
|
unsigned maxbytes = uid_eq(user->uid, GLOBAL_ROOT_UID) ?
|
|
key_quota_root_maxbytes : key_quota_maxbytes;
|
|
|
|
seq_printf(m, "%5u: %5d %d/%d %d/%d %d/%d\n",
|
|
from_kuid_munged(seq_user_ns(m), user->uid),
|
|
refcount_read(&user->usage),
|
|
atomic_read(&user->nkeys),
|
|
atomic_read(&user->nikeys),
|
|
user->qnkeys,
|
|
maxkeys,
|
|
user->qnbytes,
|
|
maxbytes);
|
|
|
|
return 0;
|
|
}
|