Blame - security/keys/request_key_auth.c - kernel/msm

blob: 86747151ee5b680ea1591bfb00aed4475e104f5f [file] [log] [blame]

David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	1	/* request_key_auth.c: request key authorisation controlling key def
				2	*
				3	* Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
				4	* Written by David Howells (dhowells@redhat.com)
				5	*
				6	* This program is free software; you can redistribute it and/or
				7	* modify it under the terms of the GNU General Public License
				8	* as published by the Free Software Foundation; either version
				9	* 2 of the License, or (at your option) any later version.
David Howells	f1a9bad	2005-10-07 15:04:52 +0100	[diff] [blame]	10	*
				11	* See Documentation/keys-request-key.txt
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	12	*/
				13
				14	#include <linux/module.h>
				15	#include <linux/sched.h>
				16	#include <linux/err.h>
				17	#include <linux/seq_file.h>
Robert P. J. Day	fdb89bc	2008-04-29 01:01:32 -0700	[diff] [blame]	18	#include <linux/slab.h>
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	19	#include <asm/uaccess.h>
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	20	#include "internal.h"
				21
				22	static int request_key_auth_instantiate(struct key , const void , size_t);
				23	static void request_key_auth_describe(const struct key , struct seq_file );
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	24	static void request_key_auth_revoke(struct key *);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	25	static void request_key_auth_destroy(struct key *);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	26	static long request_key_auth_read(const struct key , char __user , size_t);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	27
				28	/*
				29	* the request-key authorisation key type definition
				30	*/
				31	struct key_type key_type_request_key_auth = {
				32	.name = ".request_key_auth",
				33	.def_datalen = sizeof(struct request_key_auth),
				34	.instantiate = request_key_auth_instantiate,
				35	.describe = request_key_auth_describe,
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	36	.revoke = request_key_auth_revoke,
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	37	.destroy = request_key_auth_destroy,
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	38	.read = request_key_auth_read,
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	39	};
				40
				41	/*****************************************************************************/
				42	/*
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	43	* instantiate a request-key authorisation key
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	44	*/
				45	static int request_key_auth_instantiate(struct key *key,
				46	const void *data,
				47	size_t datalen)
				48	{
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	49	key->payload.data = (struct request_key_auth *) data;
				50	return 0;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	51
				52	} /* end request_key_auth_instantiate() */
				53
				54	/*****************************************************************************/
				55	/*
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	56	* reading a request-key authorisation key retrieves the callout information
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	57	*/
				58	static void request_key_auth_describe(const struct key *key,
				59	struct seq_file *m)
				60	{
				61	struct request_key_auth *rka = key->payload.data;
				62
				63	seq_puts(m, "key:");
				64	seq_puts(m, key->description);
David Howells	4a38e12	2008-04-29 01:01:24 -0700	[diff] [blame]	65	seq_printf(m, " pid:%d ci:%zu", rka->pid, rka->callout_len);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	66
				67	} /* end request_key_auth_describe() */
				68
				69	/*****************************************************************************/
				70	/*
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	71	* read the callout_info data
				72	* - the key's semaphore is read-locked
				73	*/
				74	static long request_key_auth_read(const struct key *key,
				75	char __user *buffer, size_t buflen)
				76	{
				77	struct request_key_auth *rka = key->payload.data;
				78	size_t datalen;
				79	long ret;
				80
David Howells	4a38e12	2008-04-29 01:01:24 -0700	[diff] [blame]	81	datalen = rka->callout_len;
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	82	ret = datalen;
				83
				84	/* we can return the data as is */
				85	if (buffer && buflen > 0) {
				86	if (buflen > datalen)
				87	buflen = datalen;
				88
				89	if (copy_to_user(buffer, rka->callout_info, buflen) != 0)
				90	ret = -EFAULT;
				91	}
				92
				93	return ret;
				94
				95	} /* end request_key_auth_read() */
				96
				97	/*****************************************************************************/
				98	/*
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	99	* handle revocation of an authorisation token key
				100	* - called with the key sem write-locked
				101	*/
				102	static void request_key_auth_revoke(struct key *key)
				103	{
				104	struct request_key_auth *rka = key->payload.data;
				105
				106	kenter("{%d}", key->serial);
				107
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	108	if (rka->cred) {
				109	put_cred(rka->cred);
				110	rka->cred = NULL;
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	111	}
				112
				113	} /* end request_key_auth_revoke() */
				114
				115	/*****************************************************************************/
				116	/*
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	117	* destroy an instantiation authorisation token key
				118	*/
				119	static void request_key_auth_destroy(struct key *key)
				120	{
				121	struct request_key_auth *rka = key->payload.data;
				122
				123	kenter("{%d}", key->serial);
				124
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	125	if (rka->cred) {
				126	put_cred(rka->cred);
				127	rka->cred = NULL;
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	128	}
				129
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	130	key_put(rka->target_key);
David Howells	8bbf4976	2008-11-14 10:39:14 +1100	[diff] [blame]	131	key_put(rka->dest_keyring);
David Howells	76181c1	2007-10-16 23:29:46 -0700	[diff] [blame]	132	kfree(rka->callout_info);
David Howells	74fd92c	2005-10-07 15:01:09 +0100	[diff] [blame]	133	kfree(rka);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	134
				135	} /* end request_key_auth_destroy() */
				136
				137	/*****************************************************************************/
				138	/*
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	139	* create an authorisation token for /sbin/request-key or whoever to gain
				140	* access to the caller's security data
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	141	*/
David Howells	4a38e12	2008-04-29 01:01:24 -0700	[diff] [blame]	142	struct key request_key_auth_new(struct key target, const void *callout_info,
David Howells	8bbf4976	2008-11-14 10:39:14 +1100	[diff] [blame]	143	size_t callout_len, struct key *dest_keyring)
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	144	{
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	145	struct request_key_auth rka, irka;
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	146	const struct cred *cred = current->cred;
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	147	struct key *authkey = NULL;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	148	char desc[20];
				149	int ret;
				150
				151	kenter("%d,", target->serial);
				152
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	153	/* allocate a auth record */
				154	rka = kmalloc(sizeof(*rka), GFP_KERNEL);
				155	if (!rka) {
				156	kleave(" = -ENOMEM");
				157	return ERR_PTR(-ENOMEM);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	158	}
David Howells	4a38e12	2008-04-29 01:01:24 -0700	[diff] [blame]	159	rka->callout_info = kmalloc(callout_len, GFP_KERNEL);
David Howells	76181c1	2007-10-16 23:29:46 -0700	[diff] [blame]	160	if (!rka->callout_info) {
				161	kleave(" = -ENOMEM");
				162	kfree(rka);
				163	return ERR_PTR(-ENOMEM);
				164	}
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	165
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	166	/* see if the calling process is already servicing the key request of
				167	* another process */
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	168	if (cred->request_key_auth) {
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	169	/* it is - use that instantiation context here too */
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	170	down_read(&cred->request_key_auth->sem);
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	171
				172	/* if the auth key has been revoked, then the key we're
				173	* servicing is already instantiated */
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	174	if (test_bit(KEY_FLAG_REVOKED, &cred->request_key_auth->flags))
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	175	goto auth_key_revoked;
				176
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	177	irka = cred->request_key_auth->payload.data;
				178	rka->cred = get_cred(irka->cred);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	179	rka->pid = irka->pid;
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	180
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	181	up_read(&cred->request_key_auth->sem);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	182	}
				183	else {
				184	/* it isn't - use this process as the context */
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	185	rka->cred = get_cred(cred);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	186	rka->pid = current->pid;
				187	}
				188
				189	rka->target_key = key_get(target);
David Howells	8bbf4976	2008-11-14 10:39:14 +1100	[diff] [blame]	190	rka->dest_keyring = key_get(dest_keyring);
David Howells	4a38e12	2008-04-29 01:01:24 -0700	[diff] [blame]	191	memcpy(rka->callout_info, callout_info, callout_len);
				192	rka->callout_len = callout_len;
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	193
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	194	/* allocate the auth key */
				195	sprintf(desc, "%x", target->serial);
				196
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	197	authkey = key_alloc(&key_type_request_key_auth, desc,
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	198	cred->fsuid, cred->fsgid, cred,
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	199	KEY_POS_VIEW \| KEY_POS_READ \| KEY_POS_SEARCH \|
David Howells	7e047ef	2006-06-26 00:24:50 -0700	[diff] [blame]	200	KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	201	if (IS_ERR(authkey)) {
				202	ret = PTR_ERR(authkey);
				203	goto error_alloc;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	204	}
				205
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	206	/* construct the auth key */
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	207	ret = key_instantiate_and_link(authkey, rka, 0, NULL, NULL);
				208	if (ret < 0)
				209	goto error_inst;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	210
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	211	kleave(" = {%d,%d}", authkey->serial, atomic_read(&authkey->usage));
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	212	return authkey;
				213
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	214	auth_key_revoked:
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	215	up_read(&cred->request_key_auth->sem);
David Howells	76181c1	2007-10-16 23:29:46 -0700	[diff] [blame]	216	kfree(rka->callout_info);
David Howells	04c567d	2006-06-22 14:47:18 -0700	[diff] [blame]	217	kfree(rka);
				218	kleave("= -EKEYREVOKED");
				219	return ERR_PTR(-EKEYREVOKED);
				220
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	221	error_inst:
				222	key_revoke(authkey);
				223	key_put(authkey);
				224	error_alloc:
				225	key_put(rka->target_key);
David Howells	8bbf4976	2008-11-14 10:39:14 +1100	[diff] [blame]	226	key_put(rka->dest_keyring);
David Howells	76181c1	2007-10-16 23:29:46 -0700	[diff] [blame]	227	kfree(rka->callout_info);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	228	kfree(rka);
				229	kleave("= %d", ret);
				230	return ERR_PTR(ret);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	231
				232	} /* end request_key_auth_new() */
				233
				234	/*****************************************************************************/
				235	/*
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	236	* see if an authorisation key is associated with a particular key
				237	*/
				238	static int key_get_instantiation_authkey_match(const struct key *key,
				239	const void *_id)
				240	{
				241	struct request_key_auth *rka = key->payload.data;
				242	key_serial_t id = (key_serial_t)(unsigned long) _id;
				243
				244	return rka->target_key->serial == id;
				245
				246	} /* end key_get_instantiation_authkey_match() */
				247
				248	/*****************************************************************************/
				249	/*
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	250	* get the authorisation key for instantiation of a specific key if attached to
				251	* the current process's keyrings
				252	* - this key is inserted into a keyring and that is set as /sbin/request-key's
				253	* session keyring
				254	* - a target_id of zero specifies any valid token
				255	*/
				256	struct key *key_get_instantiation_authkey(key_serial_t target_id)
				257	{
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	258	const struct cred *cred = current_cred();
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	259	struct key *authkey;
				260	key_ref_t authkey_ref;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	261
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	262	authkey_ref = search_process_keyrings(
				263	&key_type_request_key_auth,
				264	(void *) (unsigned long) target_id,
				265	key_get_instantiation_authkey_match,
David Howells	d84f4f9	2008-11-14 10:39:23 +1100	[diff] [blame]	266	cred);
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	267
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	268	if (IS_ERR(authkey_ref)) {
David Howells	e231c2e	2008-02-07 00:15:26 -0800	[diff] [blame]	269	authkey = ERR_CAST(authkey_ref);
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	270	goto error;
				271	}
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	272
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	273	authkey = key_ref_to_ptr(authkey_ref);
				274	if (test_bit(KEY_FLAG_REVOKED, &authkey->flags)) {
				275	key_put(authkey);
				276	authkey = ERR_PTR(-EKEYREVOKED);
				277	}
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	278
David Howells	b5f545c	2006-01-08 01:02:47 -0800	[diff] [blame]	279	error:
				280	return authkey;
David Howells	3e30148	2005-06-23 22:00:56 -0700	[diff] [blame]	281
				282	} /* end key_get_instantiation_authkey() */