-rw-r--r--include/keys/keyring-type.h31
-rw-r--r--include/linux/key-ui.h66
-rw-r--r--security/keys/internal.h31
-rw-r--r--security/keys/keyring.c1
-rw-r--r--security/keys/request_key.c2
5 files changed, 64 insertions, 67 deletions
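diff --git a/include/keys/keyring-type.h b/include/keys/keyring-type.h
new file mode 100644
index 000000000000..843f872a4b63
--- /dev/null
+++ b/include/keys/keyring-type.h
@@ -0,0 +1,31 @@
+/* Keyring key type
+ *
+ * Copyright (C) 2008 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ */
+
+#ifndef _KEYS_KEYRING_TYPE_H
+#define _KEYS_KEYRING_TYPE_H
+
+#include <linux/key.h>
+#include <linux/rcupdate.h>
+
+/*
+ * the keyring payload contains a list of the keys to which the keyring is
+ * subscribed
+ */
+struct keyring_list {
+ struct rcu_head rcu; /* RCU deletion hook */
+ unsigned short maxkeys; /* max keys this list can hold */
+ unsigned short nkeys; /* number of keys currently held */
+ unsigned short delkey; /* key to be unlinked by RCU */
+ struct key *keys[0];
+};
+
+
+#endif /* _KEYS_KEYRING_TYPE_H */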
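Review bot: `struct keyring_list` is now published under include/keys/, but the header gives code outside security/keys no access rules for it. Nothing states that `nkeys` must stay at or below `maxkeys`, that `keys[]` may only be indexed below `nkeys`, or under what protection the array may be walked. The `rcu` member suggests the list is replaced under RCU, though that is not visible in this hunk, so the comment above the struct should spell out the required reader protection once confirmed. As a style point, `struct key *keys[0];` could be the C99 flexible array member `struct key *keys[];`.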
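diff --git a/include/linux/key-ui.h b/include/linux/key-ui.h
deleted file mode 100644
index e8b8a7a5c496..000000000000
--- a/include/linux/key-ui.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/* key-ui.h: key userspace interface stuff
- *
- * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
- * Written by David Howells (dhowells@redhat.com)
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version
- * 2 of the License, or (at your option) any later version.
- */
-
-#ifndef _LINUX_KEY_UI_H
-#define _LINUX_KEY_UI_H
-
-#include <linux/key.h>
-
-/* the key tree */
-extern struct rb_root key_serial_tree;
-extern spinlock_t key_serial_lock;
-
-/* required permissions */
-#define KEY_VIEW 0x01 /* require permission to view attributes */
-#define KEY_READ 0x02 /* require permission to read content */
-#define KEY_WRITE 0x04 /* require permission to update / modify */
-#define KEY_SEARCH 0x08 /* require permission to search (keyring) or find (key) */
-#define KEY_LINK 0x10 /* require permission to link */
-#define KEY_SETATTR 0x20 /* require permission to change attributes */
-#define KEY_ALL 0x3f /* all the above permissions */
-
-/*
- * the keyring payload contains a list of the keys to which the keyring is
- * subscribed
- */
-struct keyring_list {
- struct rcu_head rcu; /* RCU deletion hook */
- unsigned short maxkeys; /* max keys this list can hold */
- unsigned short nkeys; /* number of keys currently held */
- unsigned short delkey; /* key to be unlinked by RCU */
- struct key *keys[0];
-};
-
-/*
- * check to see whether permission is granted to use a key in the desired way
- */
-extern int key_task_permission(const key_ref_t key_ref,
- struct task_struct *context,
- key_perm_t perm);
-
-static inline int key_permission(const key_ref_t key_ref, key_perm_t perm)
-{
- return key_task_permission(key_ref, current, perm);
-}
-
-extern key_ref_t lookup_user_key(struct task_struct *context,
- key_serial_t id, int create, int partial,
- key_perm_t perm);
-
-extern long join_session_keyring(const char *name);
-
-extern struct key_type *key_type_lookup(const char *type);
-extern void key_type_put(struct key_type *ktype);
-
-#define key_negative_timeout 60 /* default timeout on a negative key's existence */
-
-
-#endif /* _LINUX_KEY_UI_H */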
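diff --git a/security/keys/internal.h b/security/keys/internal.h
index b39f5c2e2c4b..a60c68138b4d 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -13,7 +13,6 @@
 #define _INTERNAL_H
 
 #include <linux/key-type.h>
-#include <linux/key-ui.h>
 
 static inline __attribute__((format(printf, 1, 2)))
 void no_printk(const char *fmt, ...)
@@ -82,6 +81,9 @@ extern struct mutex key_construction_mutex;
 extern wait_queue_head_t request_key_conswq;
 
 
+extern struct key_type *key_type_lookup(const char *type);
+extern void key_type_put(struct key_type *ktype);
+
 extern int __key_link(struct key *keyring, struct key *key);
 
 extern key_ref_t __keyring_search_one(key_ref_t keyring_ref,
@@ -118,6 +120,33 @@ extern struct key *request_key_and_link(struct key_type *type,
  struct key *dest_keyring,
  unsigned long flags);
 
+extern key_ref_t lookup_user_key(struct task_struct *context,
+ key_serial_t id, int create, int partial,
+ key_perm_t perm);
+
+extern long join_session_keyring(const char *name);
+
+/*
+ * check to see whether permission is granted to use a key in the desired way
+ */
+extern int key_task_permission(const key_ref_t key_ref,
+ struct task_struct *context,
+ key_perm_t perm);
+
+static inline int key_permission(const key_ref_t key_ref, key_perm_t perm)
+{
+ return key_task_permission(key_ref, current, perm);
+}
+
+/* required permissions */
+#define KEY_VIEW 0x01 /* require permission to view attributes */
+#define KEY_READ 0x02 /* require permission to read content */
+#define KEY_WRITE 0x04 /* require permission to update / modify */
+#define KEY_SEARCH 0x08 /* require permission to search (keyring) or find (key) */
+#define KEY_LINK 0x10 /* require permission to link */
+#define KEY_SETATTR 0x20 /* require permission to change attributes */
+#define KEY_ALL 0x3f /* all the above permissions */
+
 /*
  * request_key authorisation
  */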
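Review bot: `KEY_ALL` in the third hunk is the literal `0x3f` beside the six permission bits it is meant to cover, so a bit added later leaves the mask silently incomplete for any check that relies on it. Deriving it keeps the two in step: `#define KEY_ALL (KEY_VIEW | KEY_READ | KEY_WRITE | KEY_SEARCH | KEY_LINK | KEY_SETATTR)`. The defines also sit below `key_permission()`, although they are the values passed as its `perm` argument, so placing them above the `key_task_permission()` declaration would read better. The one-line comment on `key_task_permission()` does not say what is returned when permission is refused, and callers gate access on that result, so it is worth stating there.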
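diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index a9ab8affc092..fdf75f901991 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -16,6 +16,7 @@
 #include <linux/security.h>
 #include <linux/seq_file.h>
 #include <linux/err.h>
+#include <keys/keyring-type.h>
 #include <asm/uaccess.h>
 #include "internal.h"
 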
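diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index a8ebc9520cac..91953c814497 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -19,6 +19,8 @@
 #include <linux/slab.h>
 #include "internal.h"
 
+#define key_negative_timeout 60 /* default timeout on a negative key's existence */
+
 /*
  * wait_on_bit() sleep function for uninterruptible waiting
  */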
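Review bot: `key_negative_timeout` is a lower-case object-like macro, so at its use sites it reads like a variable, and its comment gives no unit for the `60`. Now that it is private to request_key.c, an upper-case name with the unit in the comment would be clearer, e.g. `#define KEY_NEGATIVE_TIMEOUT 60 /* <unit>: default lifetime of a negative key */`. The uses of the macro are outside this hunk and would need the same rename.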