Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 76d8aeabfeb1c42641a81c44280177b9a08670d8 / . / security / keys / request_key.c
blob: 1f6c0940297f4aadd2ee384a0daa9cb9ffa3bf05 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/* request_key.c: request a key from userspace
2 *
3 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#include <linux/module.h>
13#include <linux/sched.h>
14#include <linux/kmod.h>
15#include <linux/err.h>
16#include "internal.h"
17
18struct key_construction {
19 struct list_head link; /* link in construction queue */
20 struct key *key; /* key being constructed */
21};
22
23/* when waiting for someone else's keys, you get added to this */
24DECLARE_WAIT_QUEUE_HEAD(request_key_conswq);
25
26/*****************************************************************************/
27/*
28 * request userspace finish the construction of a key
29 * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring> <info>"
30 * - if callout_info is an empty string, it'll be rendered as a "-" instead
31 */
32static int call_request_key(struct key *key,
33 const char *op,
34 const char *callout_info)
35{
36 struct task_struct *tsk = current;
37 unsigned long flags;
38 key_serial_t prkey, sskey;
39 char *argv[10], *envp[3], uid_str[12], gid_str[12];
40 char key_str[12], keyring_str[3][12];
41 int i;
42
43 /* record the UID and GID */
44 sprintf(uid_str, "%d", current->fsuid);
45 sprintf(gid_str, "%d", current->fsgid);
46
47 /* we say which key is under construction */
48 sprintf(key_str, "%d", key->serial);
49
50 /* we specify the process's default keyrings */
51 sprintf(keyring_str[0], "%d",
52 tsk->thread_keyring ? tsk->thread_keyring->serial : 0);
53
54 prkey = 0;
55 if (tsk->signal->process_keyring)
56 prkey = tsk->signal->process_keyring->serial;
57
58 sskey = 0;
59 spin_lock_irqsave(&tsk->sighand->siglock, flags);
60 if (tsk->signal->session_keyring)
61 sskey = tsk->signal->session_keyring->serial;
62 spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
63
64
65 if (!sskey)
66 sskey = tsk->user->session_keyring->serial;
67
68 sprintf(keyring_str[1], "%d", prkey);
69 sprintf(keyring_str[2], "%d", sskey);
70
71 /* set up a minimal environment */
72 i = 0;
73 envp[i++] = "HOME=/";
74 envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
75 envp[i] = NULL;
76
77 /* set up the argument list */
78 i = 0;
79 argv[i++] = "/sbin/request-key";
80 argv[i++] = (char *) op;
81 argv[i++] = key_str;
82 argv[i++] = uid_str;
83 argv[i++] = gid_str;
84 argv[i++] = keyring_str[0];
85 argv[i++] = keyring_str[1];
86 argv[i++] = keyring_str[2];
87 argv[i++] = callout_info[0] ? (char *) callout_info : "-";
88 argv[i] = NULL;
89
90 /* do it */
91 return call_usermodehelper(argv[0], argv, envp, 1);
92
93} /* end call_request_key() */
94
95/*****************************************************************************/
96/*
97 * call out to userspace for the key
98 * - called with the construction sem held, but the sem is dropped here
99 * - we ignore program failure and go on key status instead
100 */
101static struct key *__request_key_construction(struct key_type *type,
102 const char *description,
103 const char *callout_info)
104{
105 struct key_construction cons;
106 struct timespec now;
107 struct key *key;
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]108 int ret, negated;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]109
110 /* create a key and add it to the queue */
111 key = key_alloc(type, description,
112 current->fsuid, current->fsgid, KEY_USR_ALL, 0);
113 if (IS_ERR(key))
114 goto alloc_failed;
115
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]116 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]117
118 cons.key = key;
119 list_add_tail(&cons.link, &key->user->consq);
120
121 /* we drop the construction sem here on behalf of the caller */
122 up_write(&key_construction_sem);
123
124 /* make the call */
125 ret = call_request_key(key, "create", callout_info);
126 if (ret < 0)
127 goto request_failed;
128
129 /* if the key wasn't instantiated, then we want to give an error */
130 ret = -ENOKEY;
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]131 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]132 goto request_failed;
133
134 down_write(&key_construction_sem);
135 list_del(&cons.link);
136 up_write(&key_construction_sem);
137
138 /* also give an error if the key was negatively instantiated */
139 check_not_negative:
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]140 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]141 key_put(key);
142 key = ERR_PTR(-ENOKEY);
143 }
144
145 out:
146 return key;
147
148 request_failed:
149 /* it wasn't instantiated
150 * - remove from construction queue
151 * - mark the key as dead
152 */
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]153 negated = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]154 down_write(&key_construction_sem);
155
156 list_del(&cons.link);
157
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]158 /* check it didn't get instantiated between the check and the down */
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]159 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) {
160 set_bit(KEY_FLAG_NEGATIVE, &key->flags);
161 set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
162 negated = 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]163 }
164
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]165 clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
166
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]167 up_write(&key_construction_sem);
168
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]169 if (!negated)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]170 goto check_not_negative; /* surprisingly, the key got
171 * instantiated */
172
173 /* set the timeout and store in the session keyring if we can */
174 now = current_kernel_time();
175 key->expiry = now.tv_sec + key_negative_timeout;
176
177 if (current->signal->session_keyring) {
178 unsigned long flags;
179 struct key *keyring;
180
181 spin_lock_irqsave(&current->sighand->siglock, flags);
182 keyring = current->signal->session_keyring;
183 atomic_inc(&keyring->usage);
184 spin_unlock_irqrestore(&current->sighand->siglock, flags);
185
186 key_link(keyring, key);
187 key_put(keyring);
188 }
189
190 key_put(key);
191
192 /* notify anyone who was waiting */
193 wake_up_all(&request_key_conswq);
194
195 key = ERR_PTR(ret);
196 goto out;
197
198 alloc_failed:
199 up_write(&key_construction_sem);
200 goto out;
201
202} /* end __request_key_construction() */
203
204/*****************************************************************************/
205/*
206 * call out to userspace to request the key
207 * - we check the construction queue first to see if an appropriate key is
208 * already being constructed by userspace
209 */
210static struct key *request_key_construction(struct key_type *type,
211 const char *description,
212 struct key_user *user,
213 const char *callout_info)
214{
215 struct key_construction *pcons;
216 struct key *key, *ckey;
217
218 DECLARE_WAITQUEUE(myself, current);
219
220 /* see if there's such a key under construction already */
221 down_write(&key_construction_sem);
222
223 list_for_each_entry(pcons, &user->consq, link) {
224 ckey = pcons->key;
225
226 if (ckey->type != type)
227 continue;
228
229 if (type->match(ckey, description))
230 goto found_key_under_construction;
231 }
232
233 /* see about getting userspace to construct the key */
234 key = __request_key_construction(type, description, callout_info);
235 error:
236 return key;
237
238 /* someone else has the same key under construction
239 * - we want to keep an eye on their key
240 */
241 found_key_under_construction:
242 atomic_inc(&ckey->usage);
243 up_write(&key_construction_sem);
244
245 /* wait for the key to be completed one way or another */
246 add_wait_queue(&request_key_conswq, &myself);
247
248 for (;;) {
249 set_current_state(TASK_UNINTERRUPTIBLE);
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]250 if (!test_bit(KEY_FLAG_USER_CONSTRUCT, &ckey->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]251 break;
252 schedule();
253 }
254
255 set_current_state(TASK_RUNNING);
256 remove_wait_queue(&request_key_conswq, &myself);
257
258 /* we'll need to search this process's keyrings to see if the key is
259 * now there since we can't automatically assume it's also available
260 * there */
261 key_put(ckey);
262 ckey = NULL;
263
264 key = NULL; /* request a retry */
265 goto error;
266
267} /* end request_key_construction() */
268
269/*****************************************************************************/
270/*
271 * request a key
272 * - search the process's keyrings
273 * - check the list of keys being created or updated
274 * - call out to userspace for a key if requested (supplementary info can be
275 * passed)
276 */
277struct key *request_key(struct key_type *type,
278 const char *description,
279 const char *callout_info)
280{
281 struct key_user *user;
282 struct key *key;
283
284 /* search all the process keyrings for a key */
285 key = search_process_keyrings_aux(type, description, type->match);
286
287 if (PTR_ERR(key) == -EAGAIN) {
288 /* the search failed, but the keyrings were searchable, so we
289 * should consult userspace if we can */
290 key = ERR_PTR(-ENOKEY);
291 if (!callout_info)
292 goto error;
293
294 /* - get hold of the user's construction queue */
295 user = key_user_lookup(current->fsuid);
296 if (!user) {
297 key = ERR_PTR(-ENOMEM);
298 goto error;
299 }
300
301 for (;;) {
302 /* ask userspace (returns NULL if it waited on a key
303 * being constructed) */
304 key = request_key_construction(type, description,
305 user, callout_info);
306 if (key)
307 break;
308
309 /* someone else made the key we want, so we need to
310 * search again as it might now be available to us */
311 key = search_process_keyrings_aux(type, description,
312 type->match);
313 if (PTR_ERR(key) != -EAGAIN)
314 break;
315 }
316
317 key_user_put(user);
318 }
319
320 error:
321 return key;
322
323} /* end request_key() */
324
325EXPORT_SYMBOL(request_key);
326
327/*****************************************************************************/
328/*
329 * validate a key
330 */
331int key_validate(struct key *key)
332{
333 struct timespec now;
334 int ret = 0;
335
336 if (key) {
337 /* check it's still accessible */
338 ret = -EKEYREVOKED;
David Howells76d8aea2005-06-23 22:00:49 -0700[diff] [blame^]339 if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
340 test_bit(KEY_FLAG_DEAD, &key->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]341 goto error;
342
343 /* check it hasn't expired */
344 ret = 0;
345 if (key->expiry) {
346 now = current_kernel_time();
347 if (now.tv_sec >= key->expiry)
348 ret = -EKEYEXPIRED;
349 }
350 }
351
352 error:
353 return ret;
354
355} /* end key_validate() */
356
357EXPORT_SYMBOL(key_validate);