David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 1 | /* permission.c: key permission determination |
| 2 | * |
| 3 | * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved. |
| 4 | * Written by David Howells (dhowells@redhat.com) |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU General Public License |
| 8 | * as published by the Free Software Foundation; either version |
| 9 | * 2 of the License, or (at your option) any later version. |
| 10 | */ |
| 11 | |
| 12 | #include <linux/module.h> |
David Howells | 29db919 | 2005-10-30 15:02:44 -0800 | [diff] [blame] | 13 | #include <linux/security.h> |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 14 | #include "internal.h" |
| 15 | |
| 16 | /*****************************************************************************/ |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 17 | /** |
| 18 | * key_task_permission - Check a key can be used |
| 19 | * @key_ref: The key to check |
| 20 | * @cred: The credentials to use |
| 21 | * @perm: The permissions to check for |
| 22 | * |
| 23 | * Check to see whether permission is granted to use a key in the desired way, |
| 24 | * but permit the security modules to override. |
| 25 | * |
| 26 | * The caller must hold either a ref on cred or must hold the RCU readlock or a |
| 27 | * spinlock. |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 28 | */ |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 29 | int key_task_permission(const key_ref_t key_ref, const struct cred *cred, |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 30 | key_perm_t perm) |
| 31 | { |
| 32 | struct key *key; |
| 33 | key_perm_t kperm; |
| 34 | int ret; |
| 35 | |
| 36 | key = key_ref_to_ptr(key_ref); |
| 37 | |
Serge E. Hallyn | 8ff3bc3 | 2009-02-26 18:27:47 -0600 | [diff] [blame] | 38 | if (key->user->user_ns != cred->user->user_ns) |
| 39 | goto use_other_perms; |
| 40 | |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 41 | /* use the second 8-bits of permissions for keys the caller owns */ |
David Howells | b6dff3e | 2008-11-14 10:39:16 +1100 | [diff] [blame] | 42 | if (key->uid == cred->fsuid) { |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 43 | kperm = key->perm >> 16; |
| 44 | goto use_these_perms; |
| 45 | } |
| 46 | |
| 47 | /* use the third 8-bits of permissions for keys the caller has a group |
| 48 | * membership in common with */ |
| 49 | if (key->gid != -1 && key->perm & KEY_GRP_ALL) { |
David Howells | b6dff3e | 2008-11-14 10:39:16 +1100 | [diff] [blame] | 50 | if (key->gid == cred->fsgid) { |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 51 | kperm = key->perm >> 8; |
| 52 | goto use_these_perms; |
| 53 | } |
| 54 | |
David Howells | b6dff3e | 2008-11-14 10:39:16 +1100 | [diff] [blame] | 55 | ret = groups_search(cred->group_info, key->gid); |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 56 | if (ret) { |
| 57 | kperm = key->perm >> 8; |
| 58 | goto use_these_perms; |
| 59 | } |
| 60 | } |
| 61 | |
Serge E. Hallyn | 8ff3bc3 | 2009-02-26 18:27:47 -0600 | [diff] [blame] | 62 | use_other_perms: |
| 63 | |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 64 | /* otherwise use the least-significant 8-bits */ |
| 65 | kperm = key->perm; |
| 66 | |
| 67 | use_these_perms: |
David Howells | c69e8d9 | 2008-11-14 10:39:19 +1100 | [diff] [blame] | 68 | |
David Howells | 7ab501d | 2005-10-07 16:41:24 +0100 | [diff] [blame] | 69 | /* use the top 8-bits of permissions for keys the caller possesses |
| 70 | * - possessor permissions are additive with other permissions |
| 71 | */ |
| 72 | if (is_key_possessed(key_ref)) |
| 73 | kperm |= key->perm >> 24; |
| 74 | |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 75 | kperm = kperm & perm & KEY_ALL; |
| 76 | |
David Howells | 29db919 | 2005-10-30 15:02:44 -0800 | [diff] [blame] | 77 | if (kperm != perm) |
| 78 | return -EACCES; |
| 79 | |
| 80 | /* let LSM be the final arbiter */ |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 81 | return security_key_permission(key_ref, cred, perm); |
David Howells | 468ed2b | 2005-10-07 15:07:38 +0100 | [diff] [blame] | 82 | |
| 83 | } /* end key_task_permission() */ |
| 84 | |
| 85 | EXPORT_SYMBOL(key_task_permission); |
David Howells | b5f545c | 2006-01-08 01:02:47 -0800 | [diff] [blame] | 86 | |
| 87 | /*****************************************************************************/ |
| 88 | /* |
| 89 | * validate a key |
| 90 | */ |
| 91 | int key_validate(struct key *key) |
| 92 | { |
| 93 | struct timespec now; |
| 94 | int ret = 0; |
| 95 | |
| 96 | if (key) { |
| 97 | /* check it's still accessible */ |
| 98 | ret = -EKEYREVOKED; |
| 99 | if (test_bit(KEY_FLAG_REVOKED, &key->flags) || |
| 100 | test_bit(KEY_FLAG_DEAD, &key->flags)) |
| 101 | goto error; |
| 102 | |
| 103 | /* check it hasn't expired */ |
| 104 | ret = 0; |
| 105 | if (key->expiry) { |
| 106 | now = current_kernel_time(); |
| 107 | if (now.tv_sec >= key->expiry) |
| 108 | ret = -EKEYEXPIRED; |
| 109 | } |
| 110 | } |
| 111 | |
| 112 | error: |
| 113 | return ret; |
| 114 | |
| 115 | } /* end key_validate() */ |
| 116 | |
| 117 | EXPORT_SYMBOL(key_validate); |