search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux v2.6.17-rc2
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / security / keys / request_key.c
blobf030a0ccbb93f9f70f95cc44833dd48dd6b7e469
1 /* request_key.c: request a key from userspace
2 *
3 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 * See Documentation/keys-request-key.txt
12 */
13
14 #include <linux/module.h>
15 #include <linux/sched.h>
16 #include <linux/kmod.h>
17 #include <linux/err.h>
18 #include <linux/keyctl.h>
19 #include "internal.h"
20
21 struct key_construction {
22 struct list_head link; /* link in construction queue */
23 struct key *key; /* key being constructed */
24 };
25
26 /* when waiting for someone else's keys, you get added to this */
27 DECLARE_WAIT_QUEUE_HEAD(request_key_conswq);
28
29 /*****************************************************************************/
30 /*
31 * request userspace finish the construction of a key
32 * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>"
33 */
34 static int call_sbin_request_key(struct key *key,
35 struct key *authkey,
36 const char *op)
37 {
38 struct task_struct *tsk = current;
39 key_serial_t prkey, sskey;
40 struct key *keyring;
41 char *argv[9], *envp[3], uid_str[12], gid_str[12];
42 char key_str[12], keyring_str[3][12];
43 char desc[20];
44 int ret, i;
45
46 kenter("{%d},{%d},%s", key->serial, authkey->serial, op);
47
48 /* allocate a new session keyring */
49 sprintf(desc, "_req.%u", key->serial);
50
51 keyring = keyring_alloc(desc, current->fsuid, current->fsgid, 1, NULL);
52 if (IS_ERR(keyring)) {
53 ret = PTR_ERR(keyring);
54 goto error_alloc;
55 }
56
57 /* attach the auth key to the session keyring */
58 ret = __key_link(keyring, authkey);
59 if (ret < 0)
60 goto error_link;
61
62 /* record the UID and GID */
63 sprintf(uid_str, "%d", current->fsuid);
64 sprintf(gid_str, "%d", current->fsgid);
65
66 /* we say which key is under construction */
67 sprintf(key_str, "%d", key->serial);
68
69 /* we specify the process's default keyrings */
70 sprintf(keyring_str[0], "%d",
71 tsk->thread_keyring ? tsk->thread_keyring->serial : 0);
72
73 prkey = 0;
74 if (tsk->signal->process_keyring)
75 prkey = tsk->signal->process_keyring->serial;
76
77 sprintf(keyring_str[1], "%d", prkey);
78
79 if (tsk->signal->session_keyring) {
80 rcu_read_lock();
81 sskey = rcu_dereference(tsk->signal->session_keyring)->serial;
82 rcu_read_unlock();
83 }
84 else {
85 sskey = tsk->user->session_keyring->serial;
86 }
87
88 sprintf(keyring_str[2], "%d", sskey);
89
90 /* set up a minimal environment */
91 i = 0;
92 envp[i++] = "HOME=/";
93 envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
94 envp[i] = NULL;
95
96 /* set up the argument list */
97 i = 0;
98 argv[i++] = "/sbin/request-key";
99 argv[i++] = (char *) op;
100 argv[i++] = key_str;
101 argv[i++] = uid_str;
102 argv[i++] = gid_str;
103 argv[i++] = keyring_str[0];
104 argv[i++] = keyring_str[1];
105 argv[i++] = keyring_str[2];
106 argv[i] = NULL;
107
108 /* do it */
109 ret = call_usermodehelper_keys(argv[0], argv, envp, keyring, 1);
110
111 error_link:
112 key_put(keyring);
113
114 error_alloc:
115 kleave(" = %d", ret);
116 return ret;
117
118 } /* end call_sbin_request_key() */
119
120 /*****************************************************************************/
121 /*
122 * call out to userspace for the key
123 * - called with the construction sem held, but the sem is dropped here
124 * - we ignore program failure and go on key status instead
125 */
126 static struct key *__request_key_construction(struct key_type *type,
127 const char *description,
128 const char *callout_info)
129 {
130 request_key_actor_t actor;
131 struct key_construction cons;
132 struct timespec now;
133 struct key *key, *authkey;
134 int ret, negated;
135
136 kenter("%s,%s,%s", type->name, description, callout_info);
137
138 /* create a key and add it to the queue */
139 key = key_alloc(type, description,
140 current->fsuid, current->fsgid, KEY_POS_ALL, 0);
141 if (IS_ERR(key))
142 goto alloc_failed;
143
144 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
145
146 cons.key = key;
147 list_add_tail(&cons.link, &key->user->consq);
148
149 /* we drop the construction sem here on behalf of the caller */
150 up_write(&key_construction_sem);
151
152 /* allocate an authorisation key */
153 authkey = request_key_auth_new(key, callout_info);
154 if (IS_ERR(authkey)) {
155 ret = PTR_ERR(authkey);
156 authkey = NULL;
157 goto alloc_authkey_failed;
158 }
159
160 /* make the call */
161 actor = call_sbin_request_key;
162 if (type->request_key)
163 actor = type->request_key;
164 ret = actor(key, authkey, "create");
165 if (ret < 0)
166 goto request_failed;
167
168 /* if the key wasn't instantiated, then we want to give an error */
169 ret = -ENOKEY;
170 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
171 goto request_failed;
172
173 key_revoke(authkey);
174 key_put(authkey);
175
176 down_write(&key_construction_sem);
177 list_del(&cons.link);
178 up_write(&key_construction_sem);
179
180 /* also give an error if the key was negatively instantiated */
181 check_not_negative:
182 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) {
183 key_put(key);
184 key = ERR_PTR(-ENOKEY);
185 }
186
187 out:
188 kleave(" = %p", key);
189 return key;
190
191 request_failed:
192 key_revoke(authkey);
193 key_put(authkey);
194
195 alloc_authkey_failed:
196 /* it wasn't instantiated
197 * - remove from construction queue
198 * - mark the key as dead
199 */
200 negated = 0;
201 down_write(&key_construction_sem);
202
203 list_del(&cons.link);
204
205 /* check it didn't get instantiated between the check and the down */
206 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) {
207 set_bit(KEY_FLAG_NEGATIVE, &key->flags);
208 set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
209 negated = 1;
210 }
211
212 clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
213
214 up_write(&key_construction_sem);
215
216 if (!negated)
217 goto check_not_negative; /* surprisingly, the key got
218 * instantiated */
219
220 /* set the timeout and store in the session keyring if we can */
221 now = current_kernel_time();
222 key->expiry = now.tv_sec + key_negative_timeout;
223
224 if (current->signal->session_keyring) {
225 struct key *keyring;
226
227 rcu_read_lock();
228 keyring = rcu_dereference(current->signal->session_keyring);
229 atomic_inc(&keyring->usage);
230 rcu_read_unlock();
231
232 key_link(keyring, key);
233 key_put(keyring);
234 }
235
236 key_put(key);
237
238 /* notify anyone who was waiting */
239 wake_up_all(&request_key_conswq);
240
241 key = ERR_PTR(ret);
242 goto out;
243
244 alloc_failed:
245 up_write(&key_construction_sem);
246 goto out;
247
248 } /* end __request_key_construction() */
249
250 /*****************************************************************************/
251 /*
252 * call out to userspace to request the key
253 * - we check the construction queue first to see if an appropriate key is
254 * already being constructed by userspace
255 */
256 static struct key *request_key_construction(struct key_type *type,
257 const char *description,
258 struct key_user *user,
259 const char *callout_info)
260 {
261 struct key_construction *pcons;
262 struct key *key, *ckey;
263
264 DECLARE_WAITQUEUE(myself, current);
265
266 kenter("%s,%s,{%d},%s",
267 type->name, description, user->uid, callout_info);
268
269 /* see if there's such a key under construction already */
270 down_write(&key_construction_sem);
271
272 list_for_each_entry(pcons, &user->consq, link) {
273 ckey = pcons->key;
274
275 if (ckey->type != type)
276 continue;
277
278 if (type->match(ckey, description))
279 goto found_key_under_construction;
280 }
281
282 /* see about getting userspace to construct the key */
283 key = __request_key_construction(type, description, callout_info);
284 error:
285 kleave(" = %p", key);
286 return key;
287
288 /* someone else has the same key under construction
289 * - we want to keep an eye on their key
290 */
291 found_key_under_construction:
292 atomic_inc(&ckey->usage);
293 up_write(&key_construction_sem);
294
295 /* wait for the key to be completed one way or another */
296 add_wait_queue(&request_key_conswq, &myself);
297
298 for (;;) {
299 set_current_state(TASK_INTERRUPTIBLE);
300 if (!test_bit(KEY_FLAG_USER_CONSTRUCT, &ckey->flags))
301 break;
302 if (signal_pending(current))
303 break;
304 schedule();
305 }
306
307 set_current_state(TASK_RUNNING);
308 remove_wait_queue(&request_key_conswq, &myself);
309
310 /* we'll need to search this process's keyrings to see if the key is
311 * now there since we can't automatically assume it's also available
312 * there */
313 key_put(ckey);
314 ckey = NULL;
315
316 key = NULL; /* request a retry */
317 goto error;
318
319 } /* end request_key_construction() */
320
321 /*****************************************************************************/
322 /*
323 * link a freshly minted key to an appropriate destination keyring
324 */
325 static void request_key_link(struct key *key, struct key *dest_keyring)
326 {
327 struct task_struct *tsk = current;
328 struct key *drop = NULL;
329
330 kenter("{%d},%p", key->serial, dest_keyring);
331
332 /* find the appropriate keyring */
333 if (!dest_keyring) {
334 switch (tsk->jit_keyring) {
335 case KEY_REQKEY_DEFL_DEFAULT:
336 case KEY_REQKEY_DEFL_THREAD_KEYRING:
337 dest_keyring = tsk->thread_keyring;
338 if (dest_keyring)
339 break;
340
341 case KEY_REQKEY_DEFL_PROCESS_KEYRING:
342 dest_keyring = tsk->signal->process_keyring;
343 if (dest_keyring)
344 break;
345
346 case KEY_REQKEY_DEFL_SESSION_KEYRING:
347 rcu_read_lock();
348 dest_keyring = key_get(
349 rcu_dereference(tsk->signal->session_keyring));
350 rcu_read_unlock();
351 drop = dest_keyring;
352
353 if (dest_keyring)
354 break;
355
356 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
357 dest_keyring = current->user->session_keyring;
358 break;
359
360 case KEY_REQKEY_DEFL_USER_KEYRING:
361 dest_keyring = current->user->uid_keyring;
362 break;
363
364 case KEY_REQKEY_DEFL_GROUP_KEYRING:
365 default:
366 BUG();
367 }
368 }
369
370 /* and attach the key to it */
371 key_link(dest_keyring, key);
372
373 key_put(drop);
374
375 kleave("");
376
377 } /* end request_key_link() */
378
379 /*****************************************************************************/
380 /*
381 * request a key
382 * - search the process's keyrings
383 * - check the list of keys being created or updated
384 * - call out to userspace for a key if supplementary info was provided
385 * - cache the key in an appropriate keyring
386 */
387 struct key *request_key_and_link(struct key_type *type,
388 const char *description,
389 const char *callout_info,
390 struct key *dest_keyring)
391 {
392 struct key_user *user;
393 struct key *key;
394 key_ref_t key_ref;
395
396 kenter("%s,%s,%s,%p",
397 type->name, description, callout_info, dest_keyring);
398
399 /* search all the process keyrings for a key */
400 key_ref = search_process_keyrings(type, description, type->match,
401 current);
402
403 kdebug("search 1: %p", key_ref);
404
405 if (!IS_ERR(key_ref)) {
406 key = key_ref_to_ptr(key_ref);
407 }
408 else if (PTR_ERR(key_ref) != -EAGAIN) {
409 key = ERR_PTR(PTR_ERR(key_ref));
410 }
411 else {
412 /* the search failed, but the keyrings were searchable, so we
413 * should consult userspace if we can */
414 key = ERR_PTR(-ENOKEY);
415 if (!callout_info)
416 goto error;
417
418 /* - get hold of the user's construction queue */
419 user = key_user_lookup(current->fsuid);
420 if (!user)
421 goto nomem;
422
423 for (;;) {
424 if (signal_pending(current))
425 goto interrupted;
426
427 /* ask userspace (returns NULL if it waited on a key
428 * being constructed) */
429 key = request_key_construction(type, description,
430 user, callout_info);
431 if (key)
432 break;
433
434 /* someone else made the key we want, so we need to
435 * search again as it might now be available to us */
436 key_ref = search_process_keyrings(type, description,
437 type->match,
438 current);
439
440 kdebug("search 2: %p", key_ref);
441
442 if (!IS_ERR(key_ref)) {
443 key = key_ref_to_ptr(key_ref);
444 break;
445 }
446
447 if (PTR_ERR(key_ref) != -EAGAIN) {
448 key = ERR_PTR(PTR_ERR(key_ref));
449 break;
450 }
451 }
452
453 key_user_put(user);
454
455 /* link the new key into the appropriate keyring */
456 if (!IS_ERR(key))
457 request_key_link(key, dest_keyring);
458 }
459
460 error:
461 kleave(" = %p", key);
462 return key;
463
464 nomem:
465 key = ERR_PTR(-ENOMEM);
466 goto error;
467
468 interrupted:
469 key_user_put(user);
470 key = ERR_PTR(-EINTR);
471 goto error;
472
473 } /* end request_key_and_link() */
474
475 /*****************************************************************************/
476 /*
477 * request a key
478 * - search the process's keyrings
479 * - check the list of keys being created or updated
480 * - call out to userspace for a key if supplementary info was provided
481 */
482 struct key *request_key(struct key_type *type,
483 const char *description,
484 const char *callout_info)
485 {
486 return request_key_and_link(type, description, callout_info, NULL);
487
488 } /* end request_key() */
489
490 EXPORT_SYMBOL(request_key);
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree