Diffstat (limited to 'include/linux/key.h')
-rw-r--r-- | include/linux/key.h | 78 |
1 files changed, 63 insertions, 15 deletions
diff --git a/include/linux/key.h b/include/linux/key.h index 970bbd916cf..f1efa016dbf 100644 --- a/include/linux/key.h +++ b/include/linux/key.h | |||
@@ -35,11 +35,18 @@ struct key; | |||
35 | 35 | ||
36 | #undef KEY_DEBUGGING | 36 | #undef KEY_DEBUGGING |
37 | 37 | ||
38 | #define KEY_USR_VIEW 0x00010000 /* user can view a key's attributes */ | 38 | #define KEY_POS_VIEW 0x01000000 /* possessor can view a key's attributes */ |
39 | #define KEY_USR_READ 0x00020000 /* user can read key payload / view keyring */ | 39 | #define KEY_POS_READ 0x02000000 /* possessor can read key payload / view keyring */ |
40 | #define KEY_USR_WRITE 0x00040000 /* user can update key payload / add link to keyring */ | 40 | #define KEY_POS_WRITE 0x04000000 /* possessor can update key payload / add link to keyring */ |
41 | #define KEY_USR_SEARCH 0x00080000 /* user can find a key in search / search a keyring */ | 41 | #define KEY_POS_SEARCH 0x08000000 /* possessor can find a key in search / search a keyring */ |
42 | #define KEY_USR_LINK 0x00100000 /* user can create a link to a key/keyring */ | 42 | #define KEY_POS_LINK 0x10000000 /* possessor can create a link to a key/keyring */ |
43 | #define KEY_POS_ALL 0x1f000000 | ||
44 | |||
45 | #define KEY_USR_VIEW 0x00010000 /* user permissions... */ | ||
46 | #define KEY_USR_READ 0x00020000 | ||
47 | #define KEY_USR_WRITE 0x00040000 | ||
48 | #define KEY_USR_SEARCH 0x00080000 | ||
49 | #define KEY_USR_LINK 0x00100000 | ||
43 | #define KEY_USR_ALL 0x001f0000 | 50 | #define KEY_USR_ALL 0x001f0000 |
44 | 51 | ||
45 | #define KEY_GRP_VIEW 0x00000100 /* group permissions... */ | 52 | #define KEY_GRP_VIEW 0x00000100 /* group permissions... */ |
@@ -67,6 +74,38 @@ struct keyring_name; | |||
67 | 74 | ||
68 | /*****************************************************************************/ | 75 | /*****************************************************************************/ |
69 | /* | 76 | /* |
77 | * key reference with possession attribute handling | ||
78 | * | ||
79 | * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually | ||
80 | * defined. This is because we abuse the bottom bit of the reference to carry a | ||
81 | * flag to indicate whether the calling process possesses that key in one of | ||
82 | * its keyrings. | ||
83 | * | ||
84 | * the key_ref_t has been made a separate type so that the compiler can reject | ||
85 | * attempts to dereference it without proper conversion. | ||
86 | * | ||
87 | * the three functions are used to assemble and disassemble references | ||
88 | */ | ||
89 | typedef struct __key_reference_with_attributes *key_ref_t; | ||
90 | |||
91 | static inline key_ref_t make_key_ref(const struct key *key, | ||
92 | unsigned long possession) | ||
93 | { | ||
94 | return (key_ref_t) ((unsigned long) key | possession); | ||
95 | } | ||
96 | |||
97 | static inline struct key *key_ref_to_ptr(const key_ref_t key_ref) | ||
98 | { | ||
99 | return (struct key *) ((unsigned long) key_ref & ~1UL); | ||
100 | } | ||
101 | |||
102 | static inline unsigned long is_key_possessed(const key_ref_t key_ref) | ||
103 | { | ||
104 | return (unsigned long) key_ref & 1UL; | ||
105 | } | ||
106 | |||
107 | /*****************************************************************************/ | ||
108 | /* | ||
70 | * authentication token / access credential / keyring | 109 | * authentication token / access credential / keyring |
71 | * - types of key include: | 110 | * - types of key include: |
72 | * - keyrings | 111 | * - keyrings |
@@ -215,20 +254,25 @@ static inline struct key *key_get(struct key *key) | |||
215 | return key; | 254 | return key; |
216 | } | 255 | } |
217 | 256 | ||
257 | static inline void key_ref_put(key_ref_t key_ref) | ||
258 | { | ||
259 | key_put(key_ref_to_ptr(key_ref)); | ||
260 | } | ||
261 | |||
218 | extern struct key *request_key(struct key_type *type, | 262 | extern struct key *request_key(struct key_type *type, |
219 | const char *description, | 263 | const char *description, |
220 | const char *callout_info); | 264 | const char *callout_info); |
221 | 265 | ||
222 | extern int key_validate(struct key *key); | 266 | extern int key_validate(struct key *key); |
223 | 267 | ||
224 | extern struct key *key_create_or_update(struct key *keyring, | 268 | extern key_ref_t key_create_or_update(key_ref_t keyring, |
225 | const char *type, | 269 | const char *type, |
226 | const char *description, | 270 | const char *description, |
227 | const void *payload, | 271 | const void *payload, |
228 | size_t plen, | 272 | size_t plen, |
229 | int not_in_quota); | 273 | int not_in_quota); |
230 | 274 | ||
231 | extern int key_update(struct key *key, | 275 | extern int key_update(key_ref_t key, |
232 | const void *payload, | 276 | const void *payload, |
233 | size_t plen); | 277 | size_t plen); |
234 | 278 | ||
@@ -243,9 +287,9 @@ extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, | |||
243 | 287 | ||
244 | extern int keyring_clear(struct key *keyring); | 288 | extern int keyring_clear(struct key *keyring); |
245 | 289 | ||
246 | extern struct key *keyring_search(struct key *keyring, | 290 | extern key_ref_t keyring_search(key_ref_t keyring, |
247 | struct key_type *type, | 291 | struct key_type *type, |
248 | const char *description); | 292 | const char *description); |
249 | 293 | ||
250 | extern int keyring_add_key(struct key *keyring, | 294 | extern int keyring_add_key(struct key *keyring, |
251 | struct key *key); | 295 | struct key *key); |
@@ -285,6 +329,10 @@ extern void key_init(void); | |||
285 | #define key_serial(k) 0 | 329 | #define key_serial(k) 0 |
286 | #define key_get(k) ({ NULL; }) | 330 | #define key_get(k) ({ NULL; }) |
287 | #define key_put(k) do { } while(0) | 331 | #define key_put(k) do { } while(0) |
332 | #define key_ref_put(k) do { } while(0) | ||
333 | #define make_key_ref(k) ({ NULL; }) | ||
334 | #define key_ref_to_ptr(k) ({ NULL; }) | ||
335 | #define is_key_possessed(k) 0 | ||
288 | #define alloc_uid_keyring(u) 0 | 336 | #define alloc_uid_keyring(u) 0 |
289 | #define switch_uid_keyring(u) do { } while(0) | 337 | #define switch_uid_keyring(u) do { } while(0) |
290 | #define __install_session_keyring(t, k) ({ NULL; }) | 338 | #define __install_session_keyring(t, k) ({ NULL; }) |
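Review bot: The `make_key_ref(k)` stub added in the last hunk takes one argument, while the inline `make_key_ref()` added in the second hunk takes `key` and `possession`, so a two-argument call compiled with the stubs in effect will fail in the preprocessor; the stub should read `#define make_key_ref(k, p) ({ NULL; })`. Separately, the inline version ORs `possession` into the pointer unmasked, so any value other than 0 or 1 would corrupt the address that `key_ref_to_ptr()` later returns. Using `(unsigned long) key | (possession & 1UL)`, or a comment stating the 0/1 contract, would close that. The header comment above `key_ref_t` could also state that the scheme relies on `struct key` being at least 2-byte aligned, since bit 0 is reused as the possession flag that later permission checks depend on. The conditional that selects the stubs lies outside the visible hunks.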