summaryrefslogtreecommitdiffstats
path: root/security/keys/user_defined.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys/user_defined.c')
-rw-r--r--security/keys/user_defined.c207
1 files changed, 207 insertions, 0 deletions
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
new file mode 100644
index 000000000..749e2a4dc
--- /dev/null
+++ b/security/keys/user_defined.c
@@ -0,0 +1,207 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/* user_defined.c: user defined key type
+ *
+ * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <linux/export.h>
+#include <linux/init.h>
+#include <linux/slab.h>
+#include <linux/seq_file.h>
+#include <linux/err.h>
+#include <keys/user-type.h>
+#include <linux/uaccess.h>
+#include "internal.h"
+
+static int logon_vet_description(const char *desc);
+
+/*
+ * user defined keys take an arbitrary string as the description and an
+ * arbitrary blob of data as the payload
+ */
+struct key_type key_type_user = {
+ .name = "user",
+ .preparse = user_preparse,
+ .free_preparse = user_free_preparse,
+ .instantiate = generic_key_instantiate,
+ .update = user_update,
+ .revoke = user_revoke,
+ .destroy = user_destroy,
+ .describe = user_describe,
+ .read = user_read,
+};
+
+EXPORT_SYMBOL_GPL(key_type_user);
+
+/*
+ * This key type is essentially the same as key_type_user, but it does
+ * not define a .read op. This is suitable for storing username and
+ * password pairs in the keyring that you do not want to be readable
+ * from userspace.
+ */
+struct key_type key_type_logon = {
+ .name = "logon",
+ .preparse = user_preparse,
+ .free_preparse = user_free_preparse,
+ .instantiate = generic_key_instantiate,
+ .update = user_update,
+ .revoke = user_revoke,
+ .destroy = user_destroy,
+ .describe = user_describe,
+ .vet_description = logon_vet_description,
+};
+EXPORT_SYMBOL_GPL(key_type_logon);
+
+/*
+ * Preparse a user defined key payload
+ */
+int user_preparse(struct key_preparsed_payload *prep)
+{
+ struct user_key_payload *upayload;
+ size_t datalen = prep->datalen;
+
+ if (datalen <= 0 || datalen > 32767 || !prep->data)
+ return -EINVAL;
+
+ upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
+ if (!upayload)
+ return -ENOMEM;
+
+ /* attach the data */
+ prep->quotalen = datalen;
+ prep->payload.data[0] = upayload;
+ upayload->datalen = datalen;
+ memcpy(upayload->data, prep->data, datalen);
+ return 0;
+}
+EXPORT_SYMBOL_GPL(user_preparse);
+
+/*
+ * Free a preparse of a user defined key payload
+ */
+void user_free_preparse(struct key_preparsed_payload *prep)
+{
+ kfree_sensitive(prep->payload.data[0]);
+}
+EXPORT_SYMBOL_GPL(user_free_preparse);
+
+static void user_free_payload_rcu(struct rcu_head *head)
+{
+ struct user_key_payload *payload;
+
+ payload = container_of(head, struct user_key_payload, rcu);
+ kfree_sensitive(payload);
+}
+
+/*
+ * update a user defined key
+ * - the key's semaphore is write-locked
+ */
+int user_update(struct key *key, struct key_preparsed_payload *prep)
+{
+ struct user_key_payload *zap = NULL;
+ int ret;
+
+ /* check the quota and attach the new data */
+ ret = key_payload_reserve(key, prep->datalen);
+ if (ret < 0)
+ return ret;
+
+ /* attach the new data, displacing the old */
+ key->expiry = prep->expiry;
+ if (key_is_positive(key))
+ zap = dereference_key_locked(key);
+ rcu_assign_keypointer(key, prep->payload.data[0]);
+ prep->payload.data[0] = NULL;
+
+ if (zap)
+ call_rcu(&zap->rcu, user_free_payload_rcu);
+ return ret;
+}
+EXPORT_SYMBOL_GPL(user_update);
+
+/*
+ * dispose of the links from a revoked keyring
+ * - called with the key sem write-locked
+ */
+void user_revoke(struct key *key)
+{
+ struct user_key_payload *upayload = user_key_payload_locked(key);
+
+ /* clear the quota */
+ key_payload_reserve(key, 0);
+
+ if (upayload) {
+ rcu_assign_keypointer(key, NULL);
+ call_rcu(&upayload->rcu, user_free_payload_rcu);
+ }
+}
+
+EXPORT_SYMBOL(user_revoke);
+
+/*
+ * dispose of the data dangling from the corpse of a user key
+ */
+void user_destroy(struct key *key)
+{
+ struct user_key_payload *upayload = key->payload.data[0];
+
+ kfree_sensitive(upayload);
+}
+
+EXPORT_SYMBOL_GPL(user_destroy);
+
+/*
+ * describe the user key
+ */
+void user_describe(const struct key *key, struct seq_file *m)
+{
+ seq_puts(m, key->description);
+ if (key_is_positive(key))
+ seq_printf(m, ": %u", key->datalen);
+}
+
+EXPORT_SYMBOL_GPL(user_describe);
+
+/*
+ * read the key data
+ * - the key's semaphore is read-locked
+ */
+long user_read(const struct key *key, char *buffer, size_t buflen)
+{
+ const struct user_key_payload *upayload;
+ long ret;
+
+ upayload = user_key_payload_locked(key);
+ ret = upayload->datalen;
+
+ /* we can return the data as is */
+ if (buffer && buflen > 0) {
+ if (buflen > upayload->datalen)
+ buflen = upayload->datalen;
+
+ memcpy(buffer, upayload->data, buflen);
+ }
+
+ return ret;
+}
+
+EXPORT_SYMBOL_GPL(user_read);
+
+/* Vet the description for a "logon" key */
+static int logon_vet_description(const char *desc)
+{
+ char *p;
+
+ /* require a "qualified" description string */
+ p = strchr(desc, ':');
+ if (!p)
+ return -EINVAL;
+
+ /* also reject description with ':' as first char */
+ if (p == desc)
+ return -EINVAL;
+
+ return 0;
+}