Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Macros | Functions | Variables
keyring.c File Reference
#include <linux/module.h>
#include <linux/init.h>
#include <linux/sched.h>
#include <linux/slab.h>
#include <linux/security.h>
#include <linux/seq_file.h>
#include <linux/err.h>
#include <keys/keyring-type.h>
#include <linux/uaccess.h>
#include "internal.h"

Go to the source code of this file.

Macros

#define rcu_dereference_locked_keyring(keyring)
 
#define rcu_deref_link_locked(klist, index, keyring)
 
#define MAX_KEYRING_LINKS
 
#define KEY_LINK_FIXQUOTA   1UL
 
#define KEYRING_SEARCH_MAX_DEPTH   6
 
#define KEYRING_NAME_HASH_SIZE   (1 << 5)
 

Functions

 EXPORT_SYMBOL (key_type_keyring)
 
struct keykeyring_alloc (const char *description, kuid_t uid, kgid_t gid, const struct cred *cred, unsigned long flags, struct key *dest)
 
key_ref_t keyring_search_aux (key_ref_t keyring_ref, const struct cred *cred, struct key_type *type, const void *description, key_match_func_t match, bool no_state_check)
 
key_ref_t keyring_search (key_ref_t keyring, struct key_type *type, const char *description)
 
 EXPORT_SYMBOL (keyring_search)
 
key_ref_t __keyring_search_one (key_ref_t keyring_ref, const struct key_type *ktype, const char *description, key_perm_t perm)
 
struct keyfind_keyring_by_name (const char *name, bool skip_perm_check)
 
int __key_link_begin (struct key *keyring, const struct key_type *type, const char *description, unsigned long *_prealloc) __acquires(&keyring-> sem) __acquires(&keyring_serialise_link_sem)
 
int __key_link_check_live_key (struct key *keyring, struct key *key)
 
void __key_link (struct key *keyring, struct key *key, unsigned long *_prealloc)
 
void __key_link_end (struct key *keyring, struct key_type *type, unsigned long prealloc) __releases(&keyring-> sem) __releases(&keyring_serialise_link_sem)
 
int key_link (struct key *keyring, struct key *key)
 
 EXPORT_SYMBOL (key_link)
 
int key_unlink (struct key *keyring, struct key *key)
 
 EXPORT_SYMBOL (key_unlink)
 
int keyring_clear (struct key *keyring)
 
 EXPORT_SYMBOL (keyring_clear)
 
void keyring_gc (struct key *keyring, time_t limit)
 

Variables

struct key_type key_type_keyring
 

Macro Definition Documentation

#define KEY_LINK_FIXQUOTA   1UL

Definition at line 37 of file keyring.c.

#define KEYRING_NAME_HASH_SIZE   (1 << 5)

Definition at line 48 of file keyring.c.

#define KEYRING_SEARCH_MAX_DEPTH   6

Definition at line 43 of file keyring.c.

#define MAX_KEYRING_LINKS
Value:
min_t(size_t, USHRT_MAX - 1, \
((PAGE_SIZE - sizeof(struct keyring_list)) / sizeof(struct key *)))

Definition at line 33 of file keyring.c.

#define rcu_deref_link_locked (   klist,
  index,
  keyring 
)
Value:
(klist)->keys[index], \
rwsem_is_locked((struct rw_semaphore *)&(keyring)->sem)))

Definition at line 28 of file keyring.c.

#define rcu_dereference_locked_keyring (   keyring)
Value:
(keyring)->payload.subscriptions, \
rwsem_is_locked((struct rw_semaphore *)&(keyring)->sem)))

Definition at line 23 of file keyring.c.

Function Documentation

void __key_link ( struct key keyring,
struct key key,
unsigned long _prealloc 
)

Definition at line 900 of file keyring.c.

int __key_link_begin ( struct key keyring,
const struct key_type *  type,
const char description,
unsigned long _prealloc 
) -> sem) __acquires(&keyring_serialise_link_sem)

Definition at line 751 of file keyring.c.

int __key_link_check_live_key ( struct key keyring,
struct key key 
)

Definition at line 883 of file keyring.c.

void __key_link_end ( struct key keyring,
struct key_type *  type,
unsigned long  prealloc 
) -> sem) __releases(&keyring_serialise_link_sem)

Definition at line 961 of file keyring.c.

key_ref_t __keyring_search_one ( key_ref_t  keyring_ref,
const struct key_type *  ktype,
const char description,
key_perm_t  perm 
)

Definition at line 541 of file keyring.c.

EXPORT_SYMBOL ( key_type_keyring  )
EXPORT_SYMBOL ( keyring_search  )
EXPORT_SYMBOL ( key_link  )
EXPORT_SYMBOL ( key_unlink  )
EXPORT_SYMBOL ( keyring_clear  )
struct key* find_keyring_by_name ( const char name,
bool  skip_perm_check 
)
read

Definition at line 596 of file keyring.c.

int key_link ( struct key keyring,
struct key key 
)

key_link - Link a key to a keyring : The keyring to make the link in. : The key to link to.

Make a link in a keyring to a key, such that the keyring holds a reference on that key and the key can potentially be found by searching that keyring.

This function will write-lock the keyring's semaphore and will consume some of the user's key data quota to hold the link.

Returns 0 if successful, -ENOTDIR if the keyring isn't a keyring, -EKEYREVOKED if the keyring has been revoked, -ENFILE if the keyring is full, -EDQUOT if there is insufficient key data quota remaining to add another link or -ENOMEM if there's insufficient memory.

It is assumed that the caller has checked that it is permitted for a link to be made (the keyring should have Write permission and the key Link permission).

Definition at line 1003 of file keyring.c.

int key_unlink ( struct key keyring,
struct key key 
)

key_unlink - Unlink the first link to a key from a keyring. : The keyring to remove the link from. : The key the link is to.

Remove a link from a keyring to a key.

This function will write-lock the keyring's semaphore.

Returns 0 if successful, -ENOTDIR if the keyring isn't a keyring, -ENOENT if the key isn't linked to by the keyring or -ENOMEM if there's insufficient memory.

It is assumed that the caller has checked that it is permitted for a link to be removed (the keyring should have Write permission; no permissions are required on the key).

Definition at line 1040 of file keyring.c.

struct key* keyring_alloc ( const char description,
kuid_t  uid,
kgid_t  gid,
const struct cred cred,
unsigned long  flags,
struct key dest 
)
read

Definition at line 259 of file keyring.c.

int keyring_clear ( struct key keyring)

keyring_clear - Clear a keyring : The keyring to clear.

Clear the contents of the specified keyring.

Returns 0 if successful or -ENOTDIR if the keyring isn't a keyring.

Definition at line 1134 of file keyring.c.

void keyring_gc ( struct key keyring,
time_t  limit 
)

Definition at line 1195 of file keyring.c.

key_ref_t keyring_search ( key_ref_t  keyring,
struct key_type *  type,
const char description 
)

keyring_search - Search the supplied keyring tree for a matching key : The root of the keyring tree to be searched. : The type of keyring we want to find. : The name of the keyring we want to find.

As keyring_search_aux() above, but using the current task's credentials and type's default matching function.

Definition at line 514 of file keyring.c.

key_ref_t keyring_search_aux ( key_ref_t  keyring_ref,
const struct cred cred,
struct key_type *  type,
const void description,
key_match_func_t  match,
bool  no_state_check 
)

keyring_search_aux - Search a keyring tree for a key matching some criteria : A pointer to the keyring with possession indicator. : The credentials to use for permissions checks. : The type of key to search for. : Parameter for . : Function to rule on whether or not a key is the one required. : Don't check if a matching key is bad

Search the supplied keyring tree for a key that matches the criteria given. The root keyring and any linked keyrings must grant Search permission to the caller to be searchable and keys can only be found if they too grant Search to the caller. The possession flag on the root keyring pointer controls use of the possessor bits in permissions checking of the entire tree. In addition, the LSM gets to forbid keyring searches and key matches.

The search is performed as a breadth-then-depth search up to the prescribed limit (KEYRING_SEARCH_MAX_DEPTH).

Keys are matched to the type provided and are then filtered by the match function, which is given the description to use in any way it sees fit. The match function may use any attributes of a key that it wishes to to determine the match. Normally the match function from the key type would be used.

RCU is used to prevent the keyring key lists from disappearing without the need to take lots of locks.

Returns a pointer to the found key and increments the key usage count if successful; -EAGAIN if no matching keys were found, or if expired or revoked keys were found; -ENOKEY if only negative keys were found; -ENOTDIR if the specified keyring wasn't a keyring.

In the case of a successful return, the possession attribute from is propagated to the returned key reference.

Definition at line 318 of file keyring.c.

Variable Documentation

struct key_type key_type_keyring
Initial value:
= {
.name = "keyring",
.def_datalen = sizeof(struct keyring_list),
.instantiate = keyring_instantiate,
.match = keyring_match,
.revoke = keyring_revoke,
.destroy = keyring_destroy,
.describe = keyring_describe,
.read = keyring_read,
}

Definition at line 77 of file keyring.c.