Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
key.c
Go to the documentation of this file.
1 /* Basic authentication token and access key management
2  *
3  * Copyright (C) 2004-2008 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells ([email protected])
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version
9  * 2 of the License, or (at your option) any later version.
10  */
11 
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/poison.h>
15 #include <linux/sched.h>
16 #include <linux/slab.h>
17 #include <linux/security.h>
18 #include <linux/workqueue.h>
19 #include <linux/random.h>
20 #include <linux/err.h>
21 #include "internal.h"
22 
24 struct rb_root key_serial_tree; /* tree of keys indexed by serial */
25 DEFINE_SPINLOCK(key_serial_lock);
26 
27 struct rb_root key_user_tree; /* tree of quota records indexed by UID */
28 DEFINE_SPINLOCK(key_user_lock);
29 
30 unsigned int key_quota_root_maxkeys = 200; /* root's key count quota */
31 unsigned int key_quota_root_maxbytes = 20000; /* root's key space quota */
32 unsigned int key_quota_maxkeys = 200; /* general key count quota */
33 unsigned int key_quota_maxbytes = 20000; /* general key space quota */
34 
35 static LIST_HEAD(key_types_list);
36 static DECLARE_RWSEM(key_types_sem);
37 
38 /* We serialise key instantiation and link */
39 DEFINE_MUTEX(key_construction_mutex);
40 
41 #ifdef KEY_DEBUGGING
42 void __key_check(const struct key *key)
43 {
44  printk("__key_check: key %p {%08x} should be {%08x}\n",
45  key, key->magic, KEY_DEBUG_MAGIC);
46  BUG();
47 }
48 #endif
49 
50 /*
51  * Get the key quota record for a user, allocating a new record if one doesn't
52  * already exist.
53  */
55 {
56  struct key_user *candidate = NULL, *user;
57  struct rb_node *parent = NULL;
58  struct rb_node **p;
59 
60 try_again:
61  p = &key_user_tree.rb_node;
62  spin_lock(&key_user_lock);
63 
64  /* search the tree for a user record with a matching UID */
65  while (*p) {
66  parent = *p;
67  user = rb_entry(parent, struct key_user, node);
68 
69  if (uid_lt(uid, user->uid))
70  p = &(*p)->rb_left;
71  else if (uid_gt(uid, user->uid))
72  p = &(*p)->rb_right;
73  else
74  goto found;
75  }
76 
77  /* if we get here, we failed to find a match in the tree */
78  if (!candidate) {
79  /* allocate a candidate user record if we don't already have
80  * one */
81  spin_unlock(&key_user_lock);
82 
83  user = NULL;
84  candidate = kmalloc(sizeof(struct key_user), GFP_KERNEL);
85  if (unlikely(!candidate))
86  goto out;
87 
88  /* the allocation may have scheduled, so we need to repeat the
89  * search lest someone else added the record whilst we were
90  * asleep */
91  goto try_again;
92  }
93 
94  /* if we get here, then the user record still hadn't appeared on the
95  * second pass - so we use the candidate record */
96  atomic_set(&candidate->usage, 1);
97  atomic_set(&candidate->nkeys, 0);
98  atomic_set(&candidate->nikeys, 0);
99  candidate->uid = uid;
100  candidate->qnkeys = 0;
101  candidate->qnbytes = 0;
102  spin_lock_init(&candidate->lock);
103  mutex_init(&candidate->cons_lock);
104 
105  rb_link_node(&candidate->node, parent, p);
106  rb_insert_color(&candidate->node, &key_user_tree);
107  spin_unlock(&key_user_lock);
108  user = candidate;
109  goto out;
110 
111  /* okay - we found a user record for this UID */
112 found:
113  atomic_inc(&user->usage);
114  spin_unlock(&key_user_lock);
115  kfree(candidate);
116 out:
117  return user;
118 }
119 
120 /*
121  * Dispose of a user structure
122  */
124 {
125  if (atomic_dec_and_lock(&user->usage, &key_user_lock)) {
126  rb_erase(&user->node, &key_user_tree);
127  spin_unlock(&key_user_lock);
128 
129  kfree(user);
130  }
131 }
132 
133 /*
134  * Allocate a serial number for a key. These are assigned randomly to avoid
135  * security issues through covert channel problems.
136  */
137 static inline void key_alloc_serial(struct key *key)
138 {
139  struct rb_node *parent, **p;
140  struct key *xkey;
141 
142  /* propose a random serial number and look for a hole for it in the
143  * serial number tree */
144  do {
145  get_random_bytes(&key->serial, sizeof(key->serial));
146 
147  key->serial >>= 1; /* negative numbers are not permitted */
148  } while (key->serial < 3);
149 
150  spin_lock(&key_serial_lock);
151 
152 attempt_insertion:
153  parent = NULL;
154  p = &key_serial_tree.rb_node;
155 
156  while (*p) {
157  parent = *p;
158  xkey = rb_entry(parent, struct key, serial_node);
159 
160  if (key->serial < xkey->serial)
161  p = &(*p)->rb_left;
162  else if (key->serial > xkey->serial)
163  p = &(*p)->rb_right;
164  else
165  goto serial_exists;
166  }
167 
168  /* we've found a suitable hole - arrange for this key to occupy it */
169  rb_link_node(&key->serial_node, parent, p);
170  rb_insert_color(&key->serial_node, &key_serial_tree);
171 
172  spin_unlock(&key_serial_lock);
173  return;
174 
175  /* we found a key with the proposed serial number - walk the tree from
176  * that point looking for the next unused serial number */
177 serial_exists:
178  for (;;) {
179  key->serial++;
180  if (key->serial < 3) {
181  key->serial = 3;
182  goto attempt_insertion;
183  }
184 
185  parent = rb_next(parent);
186  if (!parent)
187  goto attempt_insertion;
188 
189  xkey = rb_entry(parent, struct key, serial_node);
190  if (key->serial < xkey->serial)
191  goto attempt_insertion;
192  }
193 }
194 
224 struct key *key_alloc(struct key_type *type, const char *desc,
225  kuid_t uid, kgid_t gid, const struct cred *cred,
226  key_perm_t perm, unsigned long flags)
227 {
228  struct key_user *user = NULL;
229  struct key *key;
230  size_t desclen, quotalen;
231  int ret;
232 
233  key = ERR_PTR(-EINVAL);
234  if (!desc || !*desc)
235  goto error;
236 
237  if (type->vet_description) {
238  ret = type->vet_description(desc);
239  if (ret < 0) {
240  key = ERR_PTR(ret);
241  goto error;
242  }
243  }
244 
245  desclen = strlen(desc) + 1;
246  quotalen = desclen + type->def_datalen;
247 
248  /* get hold of the key tracking for this user */
249  user = key_user_lookup(uid);
250  if (!user)
251  goto no_memory_1;
252 
253  /* check that the user's quota permits allocation of another key and
254  * its description */
255  if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
256  unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ?
258  unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ?
260 
261  spin_lock(&user->lock);
262  if (!(flags & KEY_ALLOC_QUOTA_OVERRUN)) {
263  if (user->qnkeys + 1 >= maxkeys ||
264  user->qnbytes + quotalen >= maxbytes ||
265  user->qnbytes + quotalen < user->qnbytes)
266  goto no_quota;
267  }
268 
269  user->qnkeys++;
270  user->qnbytes += quotalen;
271  spin_unlock(&user->lock);
272  }
273 
274  /* allocate and initialise the key and its description */
275  key = kmem_cache_alloc(key_jar, GFP_KERNEL);
276  if (!key)
277  goto no_memory_2;
278 
279  if (desc) {
280  key->description = kmemdup(desc, desclen, GFP_KERNEL);
281  if (!key->description)
282  goto no_memory_3;
283  }
284 
285  atomic_set(&key->usage, 1);
286  init_rwsem(&key->sem);
287  lockdep_set_class(&key->sem, &type->lock_class);
288  key->type = type;
289  key->user = user;
290  key->quotalen = quotalen;
291  key->datalen = type->def_datalen;
292  key->uid = uid;
293  key->gid = gid;
294  key->perm = perm;
295  key->flags = 0;
296  key->expiry = 0;
297  key->payload.data = NULL;
298  key->security = NULL;
299 
300  if (!(flags & KEY_ALLOC_NOT_IN_QUOTA))
301  key->flags |= 1 << KEY_FLAG_IN_QUOTA;
302 
303  memset(&key->type_data, 0, sizeof(key->type_data));
304 
305 #ifdef KEY_DEBUGGING
306  key->magic = KEY_DEBUG_MAGIC;
307 #endif
308 
309  /* let the security module know about the key */
310  ret = security_key_alloc(key, cred, flags);
311  if (ret < 0)
312  goto security_error;
313 
314  /* publish the key by giving it a serial number */
315  atomic_inc(&user->nkeys);
316  key_alloc_serial(key);
317 
318 error:
319  return key;
320 
321 security_error:
322  kfree(key->description);
323  kmem_cache_free(key_jar, key);
324  if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
325  spin_lock(&user->lock);
326  user->qnkeys--;
327  user->qnbytes -= quotalen;
328  spin_unlock(&user->lock);
329  }
330  key_user_put(user);
331  key = ERR_PTR(ret);
332  goto error;
333 
334 no_memory_3:
335  kmem_cache_free(key_jar, key);
336 no_memory_2:
337  if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) {
338  spin_lock(&user->lock);
339  user->qnkeys--;
340  user->qnbytes -= quotalen;
341  spin_unlock(&user->lock);
342  }
343  key_user_put(user);
344 no_memory_1:
345  key = ERR_PTR(-ENOMEM);
346  goto error;
347 
348 no_quota:
349  spin_unlock(&user->lock);
350  key_user_put(user);
351  key = ERR_PTR(-EDQUOT);
352  goto error;
353 }
355 
367 int key_payload_reserve(struct key *key, size_t datalen)
368 {
369  int delta = (int)datalen - key->datalen;
370  int ret = 0;
371 
372  key_check(key);
373 
374  /* contemplate the quota adjustment */
375  if (delta != 0 && test_bit(KEY_FLAG_IN_QUOTA, &key->flags)) {
376  unsigned maxbytes = uid_eq(key->user->uid, GLOBAL_ROOT_UID) ?
378 
379  spin_lock(&key->user->lock);
380 
381  if (delta > 0 &&
382  (key->user->qnbytes + delta >= maxbytes ||
383  key->user->qnbytes + delta < key->user->qnbytes)) {
384  ret = -EDQUOT;
385  }
386  else {
387  key->user->qnbytes += delta;
388  key->quotalen += delta;
389  }
390  spin_unlock(&key->user->lock);
391  }
392 
393  /* change the recorded data length if that didn't generate an error */
394  if (ret == 0)
395  key->datalen = datalen;
396 
397  return ret;
398 }
400 
401 /*
402  * Instantiate a key and link it into the target keyring atomically. Must be
403  * called with the target keyring's semaphore writelocked. The target key's
404  * semaphore need not be locked as instantiation is serialised by
405  * key_construction_mutex.
406  */
407 static int __key_instantiate_and_link(struct key *key,
408  struct key_preparsed_payload *prep,
409  struct key *keyring,
410  struct key *authkey,
411  unsigned long *_prealloc)
412 {
413  int ret, awaken;
414 
415  key_check(key);
416  key_check(keyring);
417 
418  awaken = 0;
419  ret = -EBUSY;
420 
421  mutex_lock(&key_construction_mutex);
422 
423  /* can't instantiate twice */
424  if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) {
425  /* instantiate the key */
426  ret = key->type->instantiate(key, prep);
427 
428  if (ret == 0) {
429  /* mark the key as being instantiated */
430  atomic_inc(&key->user->nikeys);
431  set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
432 
433  if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags))
434  awaken = 1;
435 
436  /* and link it into the destination keyring */
437  if (keyring)
438  __key_link(keyring, key, _prealloc);
439 
440  /* disable the authorisation key */
441  if (authkey)
442  key_revoke(authkey);
443  }
444  }
445 
446  mutex_unlock(&key_construction_mutex);
447 
448  /* wake up anyone waiting for a key to be constructed */
449  if (awaken)
450  wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);
451 
452  return ret;
453 }
454 
471 int key_instantiate_and_link(struct key *key,
472  const void *data,
473  size_t datalen,
474  struct key *keyring,
475  struct key *authkey)
476 {
477  struct key_preparsed_payload prep;
478  unsigned long prealloc;
479  int ret;
480 
481  memset(&prep, 0, sizeof(prep));
482  prep.data = data;
483  prep.datalen = datalen;
484  prep.quotalen = key->type->def_datalen;
485  if (key->type->preparse) {
486  ret = key->type->preparse(&prep);
487  if (ret < 0)
488  goto error;
489  }
490 
491  if (keyring) {
492  ret = __key_link_begin(keyring, key->type, key->description,
493  &prealloc);
494  if (ret < 0)
495  goto error_free_preparse;
496  }
497 
498  ret = __key_instantiate_and_link(key, &prep, keyring, authkey,
499  &prealloc);
500 
501  if (keyring)
502  __key_link_end(keyring, key->type, prealloc);
503 
504 error_free_preparse:
505  if (key->type->preparse)
506  key->type->free_preparse(&prep);
507 error:
508  return ret;
509 }
510 
512 
534 int key_reject_and_link(struct key *key,
535  unsigned timeout,
536  unsigned error,
537  struct key *keyring,
538  struct key *authkey)
539 {
540  unsigned long prealloc;
541  struct timespec now;
542  int ret, awaken, link_ret = 0;
543 
544  key_check(key);
545  key_check(keyring);
546 
547  awaken = 0;
548  ret = -EBUSY;
549 
550  if (keyring)
551  link_ret = __key_link_begin(keyring, key->type,
552  key->description, &prealloc);
553 
555 
556  /* can't instantiate twice */
557  if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) {
558  /* mark the key as being negatively instantiated */
559  atomic_inc(&key->user->nikeys);
560  set_bit(KEY_FLAG_NEGATIVE, &key->flags);
561  set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
562  key->type_data.reject_error = -error;
563  now = current_kernel_time();
564  key->expiry = now.tv_sec + timeout;
565  key_schedule_gc(key->expiry + key_gc_delay);
566 
567  if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags))
568  awaken = 1;
569 
570  ret = 0;
571 
572  /* and link it into the destination keyring */
573  if (keyring && link_ret == 0)
574  __key_link(keyring, key, &prealloc);
575 
576  /* disable the authorisation key */
577  if (authkey)
578  key_revoke(authkey);
579  }
580 
582 
583  if (keyring)
584  __key_link_end(keyring, key->type, prealloc);
585 
586  /* wake up anyone waiting for a key to be constructed */
587  if (awaken)
588  wake_up_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT);
589 
590  return ret == 0 ? link_ret : ret;
591 }
593 
602 void key_put(struct key *key)
603 {
604  if (key) {
605  key_check(key);
606 
607  if (atomic_dec_and_test(&key->usage))
609  }
610 }
612 
613 /*
614  * Find a key by its serial number.
615  */
616 struct key *key_lookup(key_serial_t id)
617 {
618  struct rb_node *n;
619  struct key *key;
620 
621  spin_lock(&key_serial_lock);
622 
623  /* search the tree for the specified key */
624  n = key_serial_tree.rb_node;
625  while (n) {
626  key = rb_entry(n, struct key, serial_node);
627 
628  if (id < key->serial)
629  n = n->rb_left;
630  else if (id > key->serial)
631  n = n->rb_right;
632  else
633  goto found;
634  }
635 
636 not_found:
637  key = ERR_PTR(-ENOKEY);
638  goto error;
639 
640 found:
641  /* pretend it doesn't exist if it is awaiting deletion */
642  if (atomic_read(&key->usage) == 0)
643  goto not_found;
644 
645  /* this races with key_put(), but that doesn't matter since key_put()
646  * doesn't actually change the key
647  */
648  atomic_inc(&key->usage);
649 
650 error:
651  spin_unlock(&key_serial_lock);
652  return key;
653 }
654 
655 /*
656  * Find and lock the specified key type against removal.
657  *
658  * We return with the sem read-locked if successful. If the type wasn't
659  * available -ENOKEY is returned instead.
660  */
661 struct key_type *key_type_lookup(const char *type)
662 {
663  struct key_type *ktype;
664 
665  down_read(&key_types_sem);
666 
667  /* look up the key type to see if it's one of the registered kernel
668  * types */
669  list_for_each_entry(ktype, &key_types_list, link) {
670  if (strcmp(ktype->name, type) == 0)
671  goto found_kernel_type;
672  }
673 
674  up_read(&key_types_sem);
675  ktype = ERR_PTR(-ENOKEY);
676 
677 found_kernel_type:
678  return ktype;
679 }
680 
681 void key_set_timeout(struct key *key, unsigned timeout)
682 {
683  struct timespec now;
684  time_t expiry = 0;
685 
686  /* make the changes with the locks held to prevent races */
687  down_write(&key->sem);
688 
689  if (timeout > 0) {
690  now = current_kernel_time();
691  expiry = now.tv_sec + timeout;
692  }
693 
694  key->expiry = expiry;
695  key_schedule_gc(key->expiry + key_gc_delay);
696 
697  up_write(&key->sem);
698 }
700 
701 /*
702  * Unlock a key type locked by key_type_lookup().
703  */
704 void key_type_put(struct key_type *ktype)
705 {
706  up_read(&key_types_sem);
707 }
708 
709 /*
710  * Attempt to update an existing key.
711  *
712  * The key is given to us with an incremented refcount that we need to discard
713  * if we get an error.
714  */
715 static inline key_ref_t __key_update(key_ref_t key_ref,
716  struct key_preparsed_payload *prep)
717 {
718  struct key *key = key_ref_to_ptr(key_ref);
719  int ret;
720 
721  /* need write permission on the key to update it */
722  ret = key_permission(key_ref, KEY_WRITE);
723  if (ret < 0)
724  goto error;
725 
726  ret = -EEXIST;
727  if (!key->type->update)
728  goto error;
729 
730  down_write(&key->sem);
731 
732  ret = key->type->update(key, prep);
733  if (ret == 0)
734  /* updating a negative key instantiates it */
735  clear_bit(KEY_FLAG_NEGATIVE, &key->flags);
736 
737  up_write(&key->sem);
738 
739  if (ret < 0)
740  goto error;
741 out:
742  return key_ref;
743 
744 error:
745  key_put(key);
746  key_ref = ERR_PTR(ret);
747  goto out;
748 }
749 
775 key_ref_t key_create_or_update(key_ref_t keyring_ref,
776  const char *type,
777  const char *description,
778  const void *payload,
779  size_t plen,
780  key_perm_t perm,
781  unsigned long flags)
782 {
783  unsigned long prealloc;
784  struct key_preparsed_payload prep;
785  const struct cred *cred = current_cred();
786  struct key_type *ktype;
787  struct key *keyring, *key = NULL;
788  key_ref_t key_ref;
789  int ret;
790 
791  /* look up the key type to see if it's one of the registered kernel
792  * types */
793  ktype = key_type_lookup(type);
794  if (IS_ERR(ktype)) {
795  key_ref = ERR_PTR(-ENODEV);
796  goto error;
797  }
798 
799  key_ref = ERR_PTR(-EINVAL);
800  if (!ktype->match || !ktype->instantiate ||
801  (!description && !ktype->preparse))
802  goto error_put_type;
803 
804  keyring = key_ref_to_ptr(keyring_ref);
805 
806  key_check(keyring);
807 
808  key_ref = ERR_PTR(-ENOTDIR);
809  if (keyring->type != &key_type_keyring)
810  goto error_put_type;
811 
812  memset(&prep, 0, sizeof(prep));
813  prep.data = payload;
814  prep.datalen = plen;
815  prep.quotalen = ktype->def_datalen;
816  if (ktype->preparse) {
817  ret = ktype->preparse(&prep);
818  if (ret < 0) {
819  key_ref = ERR_PTR(ret);
820  goto error_put_type;
821  }
822  if (!description)
823  description = prep.description;
824  key_ref = ERR_PTR(-EINVAL);
825  if (!description)
826  goto error_free_prep;
827  }
828 
829  ret = __key_link_begin(keyring, ktype, description, &prealloc);
830  if (ret < 0) {
831  key_ref = ERR_PTR(ret);
832  goto error_free_prep;
833  }
834 
835  /* if we're going to allocate a new key, we're going to have
836  * to modify the keyring */
837  ret = key_permission(keyring_ref, KEY_WRITE);
838  if (ret < 0) {
839  key_ref = ERR_PTR(ret);
840  goto error_link_end;
841  }
842 
843  /* if it's possible to update this type of key, search for an existing
844  * key of the same type and description in the destination keyring and
845  * update that instead if possible
846  */
847  if (ktype->update) {
848  key_ref = __keyring_search_one(keyring_ref, ktype, description,
849  0);
850  if (!IS_ERR(key_ref))
851  goto found_matching_key;
852  }
853 
854  /* if the client doesn't provide, decide on the permissions we want */
855  if (perm == KEY_PERM_UNDEF) {
856  perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR;
857  perm |= KEY_USR_VIEW | KEY_USR_SEARCH | KEY_USR_LINK | KEY_USR_SETATTR;
858 
859  if (ktype->read)
860  perm |= KEY_POS_READ | KEY_USR_READ;
861 
862  if (ktype == &key_type_keyring || ktype->update)
863  perm |= KEY_USR_WRITE;
864  }
865 
866  /* allocate a new key */
867  key = key_alloc(ktype, description, cred->fsuid, cred->fsgid, cred,
868  perm, flags);
869  if (IS_ERR(key)) {
870  key_ref = ERR_CAST(key);
871  goto error_link_end;
872  }
873 
874  /* instantiate it and link it into the target keyring */
875  ret = __key_instantiate_and_link(key, &prep, keyring, NULL, &prealloc);
876  if (ret < 0) {
877  key_put(key);
878  key_ref = ERR_PTR(ret);
879  goto error_link_end;
880  }
881 
882  key_ref = make_key_ref(key, is_key_possessed(keyring_ref));
883 
884 error_link_end:
885  __key_link_end(keyring, ktype, prealloc);
886 error_free_prep:
887  if (ktype->preparse)
888  ktype->free_preparse(&prep);
889 error_put_type:
890  key_type_put(ktype);
891 error:
892  return key_ref;
893 
894  found_matching_key:
895  /* we found a matching key, so we're going to try to update it
896  * - we can drop the locks first as we have the key pinned
897  */
898  __key_link_end(keyring, ktype, prealloc);
899 
900  key_ref = __key_update(key_ref, &prep);
901  goto error_free_prep;
902 }
904 
918 int key_update(key_ref_t key_ref, const void *payload, size_t plen)
919 {
920  struct key_preparsed_payload prep;
921  struct key *key = key_ref_to_ptr(key_ref);
922  int ret;
923 
924  key_check(key);
925 
926  /* the key must be writable */
927  ret = key_permission(key_ref, KEY_WRITE);
928  if (ret < 0)
929  goto error;
930 
931  /* attempt to update it if supported */
932  ret = -EOPNOTSUPP;
933  if (!key->type->update)
934  goto error;
935 
936  memset(&prep, 0, sizeof(prep));
937  prep.data = payload;
938  prep.datalen = plen;
939  prep.quotalen = key->type->def_datalen;
940  if (key->type->preparse) {
941  ret = key->type->preparse(&prep);
942  if (ret < 0)
943  goto error;
944  }
945 
946  down_write(&key->sem);
947 
948  ret = key->type->update(key, &prep);
949  if (ret == 0)
950  /* updating a negative key instantiates it */
951  clear_bit(KEY_FLAG_NEGATIVE, &key->flags);
952 
953  up_write(&key->sem);
954 
955  if (key->type->preparse)
956  key->type->free_preparse(&prep);
957 error:
958  return ret;
959 }
961 
971 void key_revoke(struct key *key)
972 {
973  struct timespec now;
974  time_t time;
975 
976  key_check(key);
977 
978  /* make sure no one's trying to change or use the key when we mark it
979  * - we tell lockdep that we might nest because we might be revoking an
980  * authorisation key whilst holding the sem on a key we've just
981  * instantiated
982  */
983  down_write_nested(&key->sem, 1);
984  if (!test_and_set_bit(KEY_FLAG_REVOKED, &key->flags) &&
985  key->type->revoke)
986  key->type->revoke(key);
987 
988  /* set the death time to no more than the expiry time */
989  now = current_kernel_time();
990  time = now.tv_sec;
991  if (key->revoked_at == 0 || key->revoked_at > time) {
992  key->revoked_at = time;
993  key_schedule_gc(key->revoked_at + key_gc_delay);
994  }
995 
996  up_write(&key->sem);
997 }
999 
1007 void key_invalidate(struct key *key)
1008 {
1009  kenter("%d", key_serial(key));
1010 
1011  key_check(key);
1012 
1013  if (!test_bit(KEY_FLAG_INVALIDATED, &key->flags)) {
1014  down_write_nested(&key->sem, 1);
1015  if (!test_and_set_bit(KEY_FLAG_INVALIDATED, &key->flags))
1017  up_write(&key->sem);
1018  }
1019 }
1021 
1030 int register_key_type(struct key_type *ktype)
1031 {
1032  struct key_type *p;
1033  int ret;
1034 
1035  memset(&ktype->lock_class, 0, sizeof(ktype->lock_class));
1036 
1037  ret = -EEXIST;
1038  down_write(&key_types_sem);
1039 
1040  /* disallow key types with the same name */
1041  list_for_each_entry(p, &key_types_list, link) {
1042  if (strcmp(p->name, ktype->name) == 0)
1043  goto out;
1044  }
1045 
1046  /* store the type */
1047  list_add(&ktype->link, &key_types_list);
1048 
1049  pr_notice("Key type %s registered\n", ktype->name);
1050  ret = 0;
1051 
1052 out:
1053  up_write(&key_types_sem);
1054  return ret;
1055 }
1057 
1066 void unregister_key_type(struct key_type *ktype)
1067 {
1068  down_write(&key_types_sem);
1069  list_del_init(&ktype->link);
1070  downgrade_write(&key_types_sem);
1071  key_gc_keytype(ktype);
1072  pr_notice("Key type %s unregistered\n", ktype->name);
1073  up_read(&key_types_sem);
1074 }
1076 
1077 /*
1078  * Initialise the key management state.
1079  */
1080 void __init key_init(void)
1081 {
1082  /* allocate a slab in which we can store keys */
1083  key_jar = kmem_cache_create("key_jar", sizeof(struct key),
1085 
1086  /* add the special key types */
1087  list_add_tail(&key_type_keyring.link, &key_types_list);
1088  list_add_tail(&key_type_dead.link, &key_types_list);
1089  list_add_tail(&key_type_user.link, &key_types_list);
1090  list_add_tail(&key_type_logon.link, &key_types_list);
1091 
1092  /* record the root user tracking */
1093  rb_link_node(&root_key_user.node,
1094  NULL,
1095  &key_user_tree.rb_node);
1096 
1098  &key_user_tree);
1099 }