Diffstat (limited to 'include/linux/key.h')
-rw-r--r--include/linux/key.h78
1 files changed, 63 insertions, 15 deletions
diff --git a/include/linux/key.h b/include/linux/key.h
index 970bbd916cf..f1efa016dbf 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -35,11 +35,18 @@ struct key;
35 35
36#undef KEY_DEBUGGING 36#undef KEY_DEBUGGING
37 37
38#define KEY_USR_VIEW 0x00010000 /* user can view a key's attributes */ 38#define KEY_POS_VIEW 0x01000000 /* possessor can view a key's attributes */
39#define KEY_USR_READ 0x00020000 /* user can read key payload / view keyring */ 39#define KEY_POS_READ 0x02000000 /* possessor can read key payload / view keyring */
40#define KEY_USR_WRITE 0x00040000 /* user can update key payload / add link to keyring */ 40#define KEY_POS_WRITE 0x04000000 /* possessor can update key payload / add link to keyring */
41#define KEY_USR_SEARCH 0x00080000 /* user can find a key in search / search a keyring */ 41#define KEY_POS_SEARCH 0x08000000 /* possessor can find a key in search / search a keyring */
42#define KEY_USR_LINK 0x00100000 /* user can create a link to a key/keyring */ 42#define KEY_POS_LINK 0x10000000 /* possessor can create a link to a key/keyring */
43#define KEY_POS_ALL 0x1f000000
44
45#define KEY_USR_VIEW 0x00010000 /* user permissions... */
46#define KEY_USR_READ 0x00020000
47#define KEY_USR_WRITE 0x00040000
48#define KEY_USR_SEARCH 0x00080000
49#define KEY_USR_LINK 0x00100000
43#define KEY_USR_ALL 0x001f0000 50#define KEY_USR_ALL 0x001f0000
44 51
45#define KEY_GRP_VIEW 0x00000100 /* group permissions... */ 52#define KEY_GRP_VIEW 0x00000100 /* group permissions... */
@@ -67,6 +74,38 @@ struct keyring_name;
67 74
68/*****************************************************************************/ 75/*****************************************************************************/
69/* 76/*
77 * key reference with possession attribute handling
78 *
79 * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
80 * defined. This is because we abuse the bottom bit of the reference to carry a
81 * flag to indicate whether the calling process possesses that key in one of
82 * its keyrings.
83 *
84 * the key_ref_t has been made a separate type so that the compiler can reject
85 * attempts to dereference it without proper conversion.
86 *
87 * the three functions are used to assemble and disassemble references
88 */
89typedef struct __key_reference_with_attributes *key_ref_t;
90
91static inline key_ref_t make_key_ref(const struct key *key,
92 unsigned long possession)
93{
94 return (key_ref_t) ((unsigned long) key | possession);
95}
96
97static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
98{
99 return (struct key *) ((unsigned long) key_ref & ~1UL);
100}
101
102static inline unsigned long is_key_possessed(const key_ref_t key_ref)
103{
104 return (unsigned long) key_ref & 1UL;
105}
106
107/*****************************************************************************/
108/*
70 * authentication token / access credential / keyring 109 * authentication token / access credential / keyring
71 * - types of key include: 110 * - types of key include:
72 * - keyrings 111 * - keyrings
@@ -215,20 +254,25 @@ static inline struct key *key_get(struct key *key)
215 return key; 254 return key;
216} 255}
217 256
257static inline void key_ref_put(key_ref_t key_ref)
258{
259 key_put(key_ref_to_ptr(key_ref));
260}
261
218extern struct key *request_key(struct key_type *type, 262extern struct key *request_key(struct key_type *type,
219 const char *description, 263 const char *description,
220 const char *callout_info); 264 const char *callout_info);
221 265
222extern int key_validate(struct key *key); 266extern int key_validate(struct key *key);
223 267
224extern struct key *key_create_or_update(struct key *keyring, 268extern key_ref_t key_create_or_update(key_ref_t keyring,
225 const char *type, 269 const char *type,
226 const char *description, 270 const char *description,
227 const void *payload, 271 const void *payload,
228 size_t plen, 272 size_t plen,
229 int not_in_quota); 273 int not_in_quota);
230 274
231extern int key_update(struct key *key, 275extern int key_update(key_ref_t key,
232 const void *payload, 276 const void *payload,
233 size_t plen); 277 size_t plen);
234 278
@@ -243,9 +287,9 @@ extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
243 287
244extern int keyring_clear(struct key *keyring); 288extern int keyring_clear(struct key *keyring);
245 289
246extern struct key *keyring_search(struct key *keyring, 290extern key_ref_t keyring_search(key_ref_t keyring,
247 struct key_type *type, 291 struct key_type *type,
248 const char *description); 292 const char *description);
249 293
250extern int keyring_add_key(struct key *keyring, 294extern int keyring_add_key(struct key *keyring,
251 struct key *key); 295 struct key *key);
@@ -285,6 +329,10 @@ extern void key_init(void);
285#define key_serial(k) 0 329#define key_serial(k) 0
286#define key_get(k) ({ NULL; }) 330#define key_get(k) ({ NULL; })
287#define key_put(k) do { } while(0) 331#define key_put(k) do { } while(0)
332#define key_ref_put(k) do { } while(0)
333#define make_key_ref(k) ({ NULL; })
334#define key_ref_to_ptr(k) ({ NULL; })
335#define is_key_possessed(k) 0
288#define alloc_uid_keyring(u) 0 336#define alloc_uid_keyring(u) 0
289#define switch_uid_keyring(u) do { } while(0) 337#define switch_uid_keyring(u) do { } while(0)
290#define __install_session_keyring(t, k) ({ NULL; }) 338#define __install_session_keyring(t, k) ({ NULL; })
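Review bot: make_key_ref() (new lines 91-95) ORs `possession` into the pointer unmasked while key_ref_to_ptr() clears only bit 0, so a caller passing anything other than 0 or 1 gets back a corrupted `struct key *` rather than merely a wrong flag. Because this bit presumably decides whether the KEY_POS_* permissions apply, I would constrain it where the reference is built, e.g. `return (key_ref_t) ((unsigned long) key | (possession & 1UL));`, and have the header comment state that the encoding relies on struct key being at least 2-byte aligned. Separately, the stub `#define make_key_ref(k) ({ NULL; })` in the last hunk takes one argument where the inline function takes two, so a two-argument call would likely fail to build in whichever configuration selects these stubs (the enclosing conditional lies outside the hunk); `#define make_key_ref(k, p) ({ NULL; })` would match the real signature.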