diff options
author | David Howells <dhowells@redhat.com> | 2011-03-07 10:06:09 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-03-07 19:17:18 -0500 |
commit | fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c (patch) | |
tree | ce83bfd1f0b1a7d4b9521bdb3d6afef1bff1d4f2 /security/keys/key.c | |
parent | b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (diff) |
KEYS: Add a new keyctl op to reject a key with a specified error code
Add a new keyctl op to reject a key with a specified error code. This works
much the same as negating a key, and so keyctl_negate_key() is made a special
case of keyctl_reject_key(). The difference is that keyctl_negate_key()
selects ENOKEY as the error to be reported.
Typically the key would be rejected with EKEYEXPIRED, EKEYREVOKED or
EKEYREJECTED, but this is not mandatory.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys/key.c')
-rw-r--r-- | security/keys/key.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/security/keys/key.c b/security/keys/key.c index 8e315ef2e88e..f7f9d93f08d9 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
@@ -511,26 +511,29 @@ int key_instantiate_and_link(struct key *key, | |||
511 | EXPORT_SYMBOL(key_instantiate_and_link); | 511 | EXPORT_SYMBOL(key_instantiate_and_link); |
512 | 512 | ||
513 | /** | 513 | /** |
514 | * key_negate_and_link - Negatively instantiate a key and link it into the keyring. | 514 | * key_reject_and_link - Negatively instantiate a key and link it into the keyring. |
515 | * @key: The key to instantiate. | 515 | * @key: The key to instantiate. |
516 | * @timeout: The timeout on the negative key. | 516 | * @timeout: The timeout on the negative key. |
517 | * @error: The error to return when the key is hit. | ||
517 | * @keyring: Keyring to create a link in on success (or NULL). | 518 | * @keyring: Keyring to create a link in on success (or NULL). |
518 | * @authkey: The authorisation token permitting instantiation. | 519 | * @authkey: The authorisation token permitting instantiation. |
519 | * | 520 | * |
520 | * Negatively instantiate a key that's in the uninstantiated state and, if | 521 | * Negatively instantiate a key that's in the uninstantiated state and, if |
521 | * successful, set its timeout and link it in to the destination keyring if one | 522 | * successful, set its timeout and stored error and link it in to the |
522 | * is supplied. The key and any links to the key will be automatically garbage | 523 | * destination keyring if one is supplied. The key and any links to the key |
523 | * collected after the timeout expires. | 524 | * will be automatically garbage collected after the timeout expires. |
524 | * | 525 | * |
525 | * Negative keys are used to rate limit repeated request_key() calls by causing | 526 | * Negative keys are used to rate limit repeated request_key() calls by causing |
526 | * them to return -ENOKEY until the negative key expires. | 527 | * them to return the stored error code (typically ENOKEY) until the negative |
528 | * key expires. | ||
527 | * | 529 | * |
528 | * If successful, 0 is returned, the authorisation token is revoked and anyone | 530 | * If successful, 0 is returned, the authorisation token is revoked and anyone |
529 | * waiting for the key is woken up. If the key was already instantiated, | 531 | * waiting for the key is woken up. If the key was already instantiated, |
530 | * -EBUSY will be returned. | 532 | * -EBUSY will be returned. |
531 | */ | 533 | */ |
532 | int key_negate_and_link(struct key *key, | 534 | int key_reject_and_link(struct key *key, |
533 | unsigned timeout, | 535 | unsigned timeout, |
536 | unsigned error, | ||
534 | struct key *keyring, | 537 | struct key *keyring, |
535 | struct key *authkey) | 538 | struct key *authkey) |
536 | { | 539 | { |
@@ -556,6 +559,7 @@ int key_negate_and_link(struct key *key, | |||
556 | atomic_inc(&key->user->nikeys); | 559 | atomic_inc(&key->user->nikeys); |
557 | set_bit(KEY_FLAG_NEGATIVE, &key->flags); | 560 | set_bit(KEY_FLAG_NEGATIVE, &key->flags); |
558 | set_bit(KEY_FLAG_INSTANTIATED, &key->flags); | 561 | set_bit(KEY_FLAG_INSTANTIATED, &key->flags); |
562 | key->type_data.reject_error = -error; | ||
559 | now = current_kernel_time(); | 563 | now = current_kernel_time(); |
560 | key->expiry = now.tv_sec + timeout; | 564 | key->expiry = now.tv_sec + timeout; |
561 | key_schedule_gc(key->expiry + key_gc_delay); | 565 | key_schedule_gc(key->expiry + key_gc_delay); |
@@ -585,8 +589,7 @@ int key_negate_and_link(struct key *key, | |||
585 | 589 | ||
586 | return ret == 0 ? link_ret : ret; | 590 | return ret == 0 ? link_ret : ret; |
587 | } | 591 | } |
588 | 592 | EXPORT_SYMBOL(key_reject_and_link); | |
589 | EXPORT_SYMBOL(key_negate_and_link); | ||
590 | 593 | ||
591 | /* | 594 | /* |
592 | * Garbage collect keys in process context so that we don't have to disable | 595 | * Garbage collect keys in process context so that we don't have to disable |