Lines Matching defs:keyring
19 #include <keys/keyring-type.h>
23 #define rcu_dereference_locked_keyring(keyring) \
25 (keyring)->payload.subscriptions, \
26 rwsem_is_locked((struct rw_semaphore *)&(keyring)->sem)))
53 * the keyring type definition
55 static int keyring_instantiate(struct key *keyring,
57 static int keyring_match(const struct key *keyring, const void *criterion);
58 static void keyring_revoke(struct key *keyring);
59 static void keyring_destroy(struct key *keyring);
60 static void keyring_describe(const struct key *keyring, struct seq_file *m);
61 static long keyring_read(const struct key *keyring,
65 .name = "keyring",
85 * publish the name of a keyring so that it can be found by name (if it has
88 static void keyring_publish_name(struct key *keyring)
92 if (keyring->description) {
93 bucket = keyring_hash(keyring->description);
100 list_add_tail(&keyring->type_data.link,
110 * initialise a keyring
113 static int keyring_instantiate(struct key *keyring,
120 /* make the keyring available by name if it has one */
121 keyring_publish_name(keyring);
133 static int keyring_match(const struct key *keyring, const void *description)
135 return keyring->description &&
136 strcmp(keyring->description, description) == 0;
142 * dispose of the data dangling from the corpse of a keyring
144 static void keyring_destroy(struct key *keyring)
149 if (keyring->description) {
152 if (keyring->type_data.link.next != NULL &&
153 !list_empty(&keyring->type_data.link))
154 list_del(&keyring->type_data.link);
159 klist = rcu_dereference_check(keyring->payload.subscriptions,
161 atomic_read(&keyring->usage) == 0);
172 * describe the keyring
174 static void keyring_describe(const struct key *keyring, struct seq_file *m)
178 if (keyring->description)
179 seq_puts(m, keyring->description);
184 klist = rcu_dereference(keyring->payload.subscriptions);
195 * read a list of key IDs from the keyring's contents
196 * - the keyring's semaphore is read-locked
198 static long keyring_read(const struct key *keyring,
207 klist = rcu_dereference_locked_keyring(keyring);
249 * allocate a keyring and link into the destination keyring
255 struct key *keyring;
258 keyring = key_alloc(&key_type_keyring, description,
263 if (!IS_ERR(keyring)) {
264 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL);
266 key_put(keyring);
267 keyring = ERR_PTR(ret);
271 return keyring;
277 * search the supplied keyring tree for a key that matches the criterion
282 * - we rely on RCU to prevent the keyring lists from disappearing on us
285 * - we propagate the possession attribute from the keyring ref to the key ref
301 struct key *keyring, *key;
306 keyring = key_ref_to_ptr(keyring_ref);
308 key_check(keyring);
310 /* top keyring must have search permission to begin the search */
318 if (keyring->type != &key_type_keyring)
327 /* firstly we should check to see if this top-level keyring is what we
330 kflags = keyring->flags;
331 if (keyring->type == type && match(keyring, description)) {
332 key = keyring;
346 /* otherwise, the top keyring must not be revoked, expired, or
350 (keyring->expiry && now.tv_sec >= keyring->expiry))
353 /* start processing a new keyring */
355 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
358 keylist = rcu_dereference(keyring->payload.subscriptions);
362 /* iterate through the keys in this keyring first */
419 /* begin again with the new keyring */
420 keyring = key;
424 /* the keyring we're looking at was disqualified or didn't contain a
428 /* resume the processing of a keyring higher up in the tree */
452 * search the supplied keyring tree for a key that matches the criterion
459 key_ref_t keyring_search(key_ref_t keyring,
466 return keyring_search_aux(keyring, current->cred,
475 * search the given keyring only (no recursion)
476 * - keyring must be locked by caller
477 * - caller must guarantee that the keyring is a keyring
486 struct key *keyring, *key;
489 keyring = key_ref_to_ptr(keyring_ref);
494 klist = rcu_dereference(keyring->payload.subscriptions);
522 * find a keyring with the specified name
528 struct key *keyring;
539 /* search this hash bucket for a keyring with a matching name
541 list_for_each_entry(keyring,
545 if (keyring->user->user_ns != current_user_ns())
548 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
551 if (strcmp(keyring->description, name) != 0)
555 key_permission(make_key_ref(keyring, 0),
560 * key_cleanup() if the keyring is currently 'dead'
562 if (!atomic_inc_not_zero(&keyring->usage))
568 keyring = ERR_PTR(-ENOKEY);
571 return keyring;
602 /* start processing a new keyring */
613 /* iterate through the remaining keys in this keyring */
630 /* begin again with the new keyring */
636 /* the keyring we're looking at was disqualified or didn't contain a
640 /* resume the checking of a keyring higher up in the tree */
664 * dispose of a keyring list after the RCU grace period, freeing the unlinked
678 * preallocate memory so that a key can be linked into to a keyring
680 int __key_link_begin(struct key *keyring, const struct key_type *type,
683 __acquires(&keyring->sem)
690 kenter("%d,%s,%s,", key_serial(keyring), type->name, description);
692 if (keyring->type != &key_type_keyring)
695 down_write(&keyring->sem);
698 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
702 * when linking two keyring in opposite orders */
706 klist = rcu_dereference_locked_keyring(keyring);
734 ret = key_payload_reserve(keyring,
735 keyring->datalen + KEYQUOTA_LINK_BYTES);
783 key_payload_reserve(keyring,
784 keyring->datalen - KEYQUOTA_LINK_BYTES);
789 up_write(&keyring->sem);
800 int __key_link_check_live_key(struct key *keyring, struct key *key)
804 * keyring to another */
805 return keyring_detect_cycle(keyring, key);
810 * link a key into to a keyring
814 void __key_link(struct key *keyring, struct key *key,
822 kenter("%d,%d,%p", keyring->serial, key->serial, nklist);
824 klist = rcu_dereference_protected(keyring->payload.subscriptions,
825 rwsem_is_locked(&keyring->sem));
837 rcu_assign_pointer(keyring->payload.subscriptions, nklist);
839 /* dispose of the old keyring list and, if there was one, the
855 * finish linking a key into to a keyring
858 void __key_link_end(struct key *keyring, struct key_type *type,
860 __releases(&keyring->sem)
864 kenter("%d,%s,%p", keyring->serial, type->name, prealloc);
871 key_payload_reserve(keyring,
872 keyring->datalen - KEYQUOTA_LINK_BYTES);
874 up_write(&keyring->sem);
878 * link a key to a keyring
880 int key_link(struct key *keyring, struct key *key)
885 key_check(keyring);
888 ret = __key_link_begin(keyring, key->type, key->description, &prealloc);
890 ret = __key_link_check_live_key(keyring, key);
892 __key_link(keyring, key, &prealloc);
893 __key_link_end(keyring, key->type, prealloc);
903 * unlink the first link to a key from a keyring
905 int key_unlink(struct key *keyring, struct key *key)
910 key_check(keyring);
914 if (keyring->type != &key_type_keyring)
917 down_write(&keyring->sem);
919 klist = rcu_dereference_locked_keyring(keyring);
921 /* search the keyring for the key */
927 up_write(&keyring->sem);
952 key_payload_reserve(keyring,
953 keyring->datalen - KEYQUOTA_LINK_BYTES);
955 rcu_assign_pointer(keyring->payload.subscriptions, nklist);
957 up_write(&keyring->sem);
969 up_write(&keyring->sem);
978 * dispose of a keyring list after the RCU grace period, releasing the keys it
997 * clear the specified process keyring
1000 int keyring_clear(struct key *keyring)
1006 if (keyring->type == &key_type_keyring) {
1008 down_write(&keyring->sem);
1010 klist = rcu_dereference_locked_keyring(keyring);
1013 key_payload_reserve(keyring,
1016 rcu_assign_pointer(keyring->payload.subscriptions,
1020 up_write(&keyring->sem);
1037 * dispose of the links from a revoked keyring
1040 static void keyring_revoke(struct key *keyring)
1044 klist = rcu_dereference_locked_keyring(keyring);
1047 key_payload_reserve(keyring, 0);
1050 rcu_assign_pointer(keyring->payload.subscriptions, NULL);
1066 * Collect garbage from the contents of a keyring
1068 void keyring_gc(struct key *keyring, time_t limit)
1074 kenter("{%x,%s}", key_serial(keyring), keyring->description);
1076 down_write(&keyring->sem);
1078 klist = rcu_dereference_locked_keyring(keyring);
1091 /* allocate a new keyring payload */
1116 key_payload_reserve(keyring,
1121 rcu_assign_pointer(keyring->payload.subscriptions, NULL);
1124 rcu_assign_pointer(keyring->payload.subscriptions, new);
1127 up_write(&keyring->sem);
1136 up_write(&keyring->sem);
1141 up_write(&keyring->sem);
1146 up_write(&keyring->sem);
1151 up_write(&keyring->sem);