diff options
| -rw-r--r-- | include/linux/key.h | 11 | ||||
| -rw-r--r-- | include/linux/security.h | 6 | ||||
| -rw-r--r-- | security/capability.c | 2 | ||||
| -rw-r--r-- | security/keys/internal.h | 11 | ||||
| -rw-r--r-- | security/keys/key.c | 6 | ||||
| -rw-r--r-- | security/keys/keyctl.c | 44 | ||||
| -rw-r--r-- | security/keys/keyring.c | 8 | ||||
| -rw-r--r-- | security/keys/permission.c | 4 | ||||
| -rw-r--r-- | security/keys/persistent.c | 4 | ||||
| -rw-r--r-- | security/keys/proc.c | 2 | ||||
| -rw-r--r-- | security/security.c | 2 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 2 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 9 |
13 files changed, 59 insertions, 52 deletions
diff --git a/include/linux/key.h b/include/linux/key.h index 80d677483e31..cd0abb8c9c33 100644 --- a/include/linux/key.h +++ b/include/linux/key.h | |||
| @@ -309,6 +309,17 @@ static inline key_serial_t key_serial(const struct key *key) | |||
| 309 | 309 | ||
| 310 | extern void key_set_timeout(struct key *, unsigned); | 310 | extern void key_set_timeout(struct key *, unsigned); |
| 311 | 311 | ||
| 312 | /* | ||
| 313 | * The permissions required on a key that we're looking up. | ||
| 314 | */ | ||
| 315 | #define KEY_NEED_VIEW 0x01 /* Require permission to view attributes */ | ||
| 316 | #define KEY_NEED_READ 0x02 /* Require permission to read content */ | ||
| 317 | #define KEY_NEED_WRITE 0x04 /* Require permission to update / modify */ | ||
| 318 | #define KEY_NEED_SEARCH 0x08 /* Require permission to search (keyring) or find (key) */ | ||
| 319 | #define KEY_NEED_LINK 0x10 /* Require permission to link */ | ||
| 320 | #define KEY_NEED_SETATTR 0x20 /* Require permission to change attributes */ | ||
| 321 | #define KEY_NEED_ALL 0x3f /* All the above permissions */ | ||
| 322 | |||
| 312 | /** | 323 | /** |
| 313 | * key_is_instantiated - Determine if a key has been positively instantiated | 324 | * key_is_instantiated - Determine if a key has been positively instantiated |
| 314 | * @key: The key to check. | 325 | * @key: The key to check. |
diff --git a/include/linux/security.h b/include/linux/security.h index 2fc42d191f79..6726006bc766 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -1708,7 +1708,7 @@ struct security_operations { | |||
| 1708 | void (*key_free) (struct key *key); | 1708 | void (*key_free) (struct key *key); |
| 1709 | int (*key_permission) (key_ref_t key_ref, | 1709 | int (*key_permission) (key_ref_t key_ref, |
| 1710 | const struct cred *cred, | 1710 | const struct cred *cred, |
| 1711 | key_perm_t perm); | 1711 | unsigned perm); |
| 1712 | int (*key_getsecurity)(struct key *key, char **_buffer); | 1712 | int (*key_getsecurity)(struct key *key, char **_buffer); |
| 1713 | #endif /* CONFIG_KEYS */ | 1713 | #endif /* CONFIG_KEYS */ |
| 1714 | 1714 | ||
| @@ -3030,7 +3030,7 @@ static inline int security_path_chroot(struct path *path) | |||
| 3030 | int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags); | 3030 | int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags); |
| 3031 | void security_key_free(struct key *key); | 3031 | void security_key_free(struct key *key); |
| 3032 | int security_key_permission(key_ref_t key_ref, | 3032 | int security_key_permission(key_ref_t key_ref, |
| 3033 | const struct cred *cred, key_perm_t perm); | 3033 | const struct cred *cred, unsigned perm); |
| 3034 | int security_key_getsecurity(struct key *key, char **_buffer); | 3034 | int security_key_getsecurity(struct key *key, char **_buffer); |
| 3035 | 3035 | ||
| 3036 | #else | 3036 | #else |
| @@ -3048,7 +3048,7 @@ static inline void security_key_free(struct key *key) | |||
| 3048 | 3048 | ||
| 3049 | static inline int security_key_permission(key_ref_t key_ref, | 3049 | static inline int security_key_permission(key_ref_t key_ref, |
| 3050 | const struct cred *cred, | 3050 | const struct cred *cred, |
| 3051 | key_perm_t perm) | 3051 | unsigned perm) |
| 3052 | { | 3052 | { |
| 3053 | return 0; | 3053 | return 0; |
| 3054 | } | 3054 | } |
diff --git a/security/capability.c b/security/capability.c index ad0d4de69944..e76373de3129 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -879,7 +879,7 @@ static void cap_key_free(struct key *key) | |||
| 879 | } | 879 | } |
| 880 | 880 | ||
| 881 | static int cap_key_permission(key_ref_t key_ref, const struct cred *cred, | 881 | static int cap_key_permission(key_ref_t key_ref, const struct cred *cred, |
| 882 | key_perm_t perm) | 882 | unsigned perm) |
| 883 | { | 883 | { |
| 884 | return 0; | 884 | return 0; |
| 885 | } | 885 | } |
diff --git a/security/keys/internal.h b/security/keys/internal.h index 80b2aac4f50c..5f20da01fd8d 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h | |||
| @@ -176,20 +176,11 @@ extern int key_task_permission(const key_ref_t key_ref, | |||
| 176 | /* | 176 | /* |
| 177 | * Check to see whether permission is granted to use a key in the desired way. | 177 | * Check to see whether permission is granted to use a key in the desired way. |
| 178 | */ | 178 | */ |
| 179 | static inline int key_permission(const key_ref_t key_ref, key_perm_t perm) | 179 | static inline int key_permission(const key_ref_t key_ref, unsigned perm) |
| 180 | { | 180 | { |
| 181 | return key_task_permission(key_ref, current_cred(), perm); | 181 | return key_task_permission(key_ref, current_cred(), perm); |
| 182 | } | 182 | } |
| 183 | 183 | ||
| 184 | /* required permissions */ | ||
| 185 | #define KEY_VIEW 0x01 /* require permission to view attributes */ | ||
| 186 | #define KEY_READ 0x02 /* require permission to read content */ | ||
| 187 | #define KEY_WRITE 0x04 /* require permission to update / modify */ | ||
| 188 | #define KEY_SEARCH 0x08 /* require permission to search (keyring) or find (key) */ | ||
| 189 | #define KEY_LINK 0x10 /* require permission to link */ | ||
| 190 | #define KEY_SETATTR 0x20 /* require permission to change attributes */ | ||
| 191 | #define KEY_ALL 0x3f /* all the above permissions */ | ||
| 192 | |||
| 193 | /* | 184 | /* |
| 194 | * Authorisation record for request_key(). | 185 | * Authorisation record for request_key(). |
| 195 | */ | 186 | */ |
diff --git a/security/keys/key.c b/security/keys/key.c index 6e21c11e48bc..2048a110e7f1 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -714,7 +714,7 @@ static inline key_ref_t __key_update(key_ref_t key_ref, | |||
| 714 | int ret; | 714 | int ret; |
| 715 | 715 | ||
| 716 | /* need write permission on the key to update it */ | 716 | /* need write permission on the key to update it */ |
| 717 | ret = key_permission(key_ref, KEY_WRITE); | 717 | ret = key_permission(key_ref, KEY_NEED_WRITE); |
| 718 | if (ret < 0) | 718 | if (ret < 0) |
| 719 | goto error; | 719 | goto error; |
| 720 | 720 | ||
| @@ -838,7 +838,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, | |||
| 838 | 838 | ||
| 839 | /* if we're going to allocate a new key, we're going to have | 839 | /* if we're going to allocate a new key, we're going to have |
| 840 | * to modify the keyring */ | 840 | * to modify the keyring */ |
| 841 | ret = key_permission(keyring_ref, KEY_WRITE); | 841 | ret = key_permission(keyring_ref, KEY_NEED_WRITE); |
| 842 | if (ret < 0) { | 842 | if (ret < 0) { |
| 843 | key_ref = ERR_PTR(ret); | 843 | key_ref = ERR_PTR(ret); |
| 844 | goto error_link_end; | 844 | goto error_link_end; |
| @@ -928,7 +928,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) | |||
| 928 | key_check(key); | 928 | key_check(key); |
| 929 | 929 | ||
| 930 | /* the key must be writable */ | 930 | /* the key must be writable */ |
| 931 | ret = key_permission(key_ref, KEY_WRITE); | 931 | ret = key_permission(key_ref, KEY_NEED_WRITE); |
| 932 | if (ret < 0) | 932 | if (ret < 0) |
| 933 | goto error; | 933 | goto error; |
| 934 | 934 | ||
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index cee72ce64222..cd5bd0cef25d 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
| @@ -111,7 +111,7 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type, | |||
| 111 | } | 111 | } |
| 112 | 112 | ||
| 113 | /* find the target keyring (which must be writable) */ | 113 | /* find the target keyring (which must be writable) */ |
| 114 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE); | 114 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_NEED_WRITE); |
| 115 | if (IS_ERR(keyring_ref)) { | 115 | if (IS_ERR(keyring_ref)) { |
| 116 | ret = PTR_ERR(keyring_ref); | 116 | ret = PTR_ERR(keyring_ref); |
| 117 | goto error3; | 117 | goto error3; |
| @@ -195,7 +195,7 @@ SYSCALL_DEFINE4(request_key, const char __user *, _type, | |||
| 195 | dest_ref = NULL; | 195 | dest_ref = NULL; |
| 196 | if (destringid) { | 196 | if (destringid) { |
| 197 | dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE, | 197 | dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE, |
| 198 | KEY_WRITE); | 198 | KEY_NEED_WRITE); |
| 199 | if (IS_ERR(dest_ref)) { | 199 | if (IS_ERR(dest_ref)) { |
| 200 | ret = PTR_ERR(dest_ref); | 200 | ret = PTR_ERR(dest_ref); |
| 201 | goto error3; | 201 | goto error3; |
| @@ -253,7 +253,7 @@ long keyctl_get_keyring_ID(key_serial_t id, int create) | |||
| 253 | long ret; | 253 | long ret; |
| 254 | 254 | ||
| 255 | lflags = create ? KEY_LOOKUP_CREATE : 0; | 255 | lflags = create ? KEY_LOOKUP_CREATE : 0; |
| 256 | key_ref = lookup_user_key(id, lflags, KEY_SEARCH); | 256 | key_ref = lookup_user_key(id, lflags, KEY_NEED_SEARCH); |
| 257 | if (IS_ERR(key_ref)) { | 257 | if (IS_ERR(key_ref)) { |
| 258 | ret = PTR_ERR(key_ref); | 258 | ret = PTR_ERR(key_ref); |
| 259 | goto error; | 259 | goto error; |
| @@ -334,7 +334,7 @@ long keyctl_update_key(key_serial_t id, | |||
| 334 | } | 334 | } |
| 335 | 335 | ||
| 336 | /* find the target key (which must be writable) */ | 336 | /* find the target key (which must be writable) */ |
| 337 | key_ref = lookup_user_key(id, 0, KEY_WRITE); | 337 | key_ref = lookup_user_key(id, 0, KEY_NEED_WRITE); |
| 338 | if (IS_ERR(key_ref)) { | 338 | if (IS_ERR(key_ref)) { |
| 339 | ret = PTR_ERR(key_ref); | 339 | ret = PTR_ERR(key_ref); |
| 340 | goto error2; | 340 | goto error2; |
| @@ -365,12 +365,12 @@ long keyctl_revoke_key(key_serial_t id) | |||
| 365 | key_ref_t key_ref; | 365 | key_ref_t key_ref; |
| 366 | long ret; | 366 | long ret; |
| 367 | 367 | ||
| 368 | key_ref = lookup_user_key(id, 0, KEY_WRITE); | 368 | key_ref = lookup_user_key(id, 0, KEY_NEED_WRITE); |
| 369 | if (IS_ERR(key_ref)) { | 369 | if (IS_ERR(key_ref)) { |
| 370 | ret = PTR_ERR(key_ref); | 370 | ret = PTR_ERR(key_ref); |
| 371 | if (ret != -EACCES) | 371 | if (ret != -EACCES) |
| 372 | goto error; | 372 | goto error; |
| 373 | key_ref = lookup_user_key(id, 0, KEY_SETATTR); | 373 | key_ref = lookup_user_key(id, 0, KEY_NEED_SETATTR); |
| 374 | if (IS_ERR(key_ref)) { | 374 | if (IS_ERR(key_ref)) { |
| 375 | ret = PTR_ERR(key_ref); | 375 | ret = PTR_ERR(key_ref); |
| 376 | goto error; | 376 | goto error; |
| @@ -401,7 +401,7 @@ long keyctl_invalidate_key(key_serial_t id) | |||
| 401 | 401 | ||
| 402 | kenter("%d", id); | 402 | kenter("%d", id); |
| 403 | 403 | ||
| 404 | key_ref = lookup_user_key(id, 0, KEY_SEARCH); | 404 | key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH); |
| 405 | if (IS_ERR(key_ref)) { | 405 | if (IS_ERR(key_ref)) { |
| 406 | ret = PTR_ERR(key_ref); | 406 | ret = PTR_ERR(key_ref); |
| 407 | goto error; | 407 | goto error; |
| @@ -428,7 +428,7 @@ long keyctl_keyring_clear(key_serial_t ringid) | |||
| 428 | key_ref_t keyring_ref; | 428 | key_ref_t keyring_ref; |
| 429 | long ret; | 429 | long ret; |
| 430 | 430 | ||
| 431 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE); | 431 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_NEED_WRITE); |
| 432 | if (IS_ERR(keyring_ref)) { | 432 | if (IS_ERR(keyring_ref)) { |
| 433 | ret = PTR_ERR(keyring_ref); | 433 | ret = PTR_ERR(keyring_ref); |
| 434 | 434 | ||
| @@ -470,13 +470,13 @@ long keyctl_keyring_link(key_serial_t id, key_serial_t ringid) | |||
| 470 | key_ref_t keyring_ref, key_ref; | 470 | key_ref_t keyring_ref, key_ref; |
| 471 | long ret; | 471 | long ret; |
| 472 | 472 | ||
| 473 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE); | 473 | keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_NEED_WRITE); |
| 474 | if (IS_ERR(keyring_ref)) { | 474 | if (IS_ERR(keyring_ref)) { |
| 475 | ret = PTR_ERR(keyring_ref); | 475 | ret = PTR_ERR(keyring_ref); |
| 476 | goto error; | 476 | goto error; |
| 477 | } | 477 | } |
| 478 | 478 | ||
| 479 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE, KEY_LINK); | 479 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE, KEY_NEED_LINK); |
| 480 | if (IS_ERR(key_ref)) { | 480 | if (IS_ERR(key_ref)) { |
| 481 | ret = PTR_ERR(key_ref); | 481 | ret = PTR_ERR(key_ref); |
| 482 | goto error2; | 482 | goto error2; |
| @@ -505,7 +505,7 @@ long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid) | |||
| 505 | key_ref_t keyring_ref, key_ref; | 505 | key_ref_t keyring_ref, key_ref; |
| 506 | long ret; | 506 | long ret; |
| 507 | 507 | ||
| 508 | keyring_ref = lookup_user_key(ringid, 0, KEY_WRITE); | 508 | keyring_ref = lookup_user_key(ringid, 0, KEY_NEED_WRITE); |
| 509 | if (IS_ERR(keyring_ref)) { | 509 | if (IS_ERR(keyring_ref)) { |
| 510 | ret = PTR_ERR(keyring_ref); | 510 | ret = PTR_ERR(keyring_ref); |
| 511 | goto error; | 511 | goto error; |
| @@ -548,7 +548,7 @@ long keyctl_describe_key(key_serial_t keyid, | |||
| 548 | char *tmpbuf; | 548 | char *tmpbuf; |
| 549 | long ret; | 549 | long ret; |
| 550 | 550 | ||
| 551 | key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_VIEW); | 551 | key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_NEED_VIEW); |
| 552 | if (IS_ERR(key_ref)) { | 552 | if (IS_ERR(key_ref)) { |
| 553 | /* viewing a key under construction is permitted if we have the | 553 | /* viewing a key under construction is permitted if we have the |
| 554 | * authorisation token handy */ | 554 | * authorisation token handy */ |
| @@ -639,7 +639,7 @@ long keyctl_keyring_search(key_serial_t ringid, | |||
| 639 | } | 639 | } |
| 640 | 640 | ||
| 641 | /* get the keyring at which to begin the search */ | 641 | /* get the keyring at which to begin the search */ |
| 642 | keyring_ref = lookup_user_key(ringid, 0, KEY_SEARCH); | 642 | keyring_ref = lookup_user_key(ringid, 0, KEY_NEED_SEARCH); |
| 643 | if (IS_ERR(keyring_ref)) { | 643 | if (IS_ERR(keyring_ref)) { |
| 644 | ret = PTR_ERR(keyring_ref); | 644 | ret = PTR_ERR(keyring_ref); |
| 645 | goto error2; | 645 | goto error2; |
| @@ -649,7 +649,7 @@ long keyctl_keyring_search(key_serial_t ringid, | |||
| 649 | dest_ref = NULL; | 649 | dest_ref = NULL; |
| 650 | if (destringid) { | 650 | if (destringid) { |
| 651 | dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE, | 651 | dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE, |
| 652 | KEY_WRITE); | 652 | KEY_NEED_WRITE); |
| 653 | if (IS_ERR(dest_ref)) { | 653 | if (IS_ERR(dest_ref)) { |
| 654 | ret = PTR_ERR(dest_ref); | 654 | ret = PTR_ERR(dest_ref); |
| 655 | goto error3; | 655 | goto error3; |
| @@ -676,7 +676,7 @@ long keyctl_keyring_search(key_serial_t ringid, | |||
| 676 | 676 | ||
| 677 | /* link the resulting key to the destination keyring if we can */ | 677 | /* link the resulting key to the destination keyring if we can */ |
| 678 | if (dest_ref) { | 678 | if (dest_ref) { |
| 679 | ret = key_permission(key_ref, KEY_LINK); | 679 | ret = key_permission(key_ref, KEY_NEED_LINK); |
| 680 | if (ret < 0) | 680 | if (ret < 0) |
| 681 | goto error6; | 681 | goto error6; |
| 682 | 682 | ||
| @@ -727,7 +727,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) | |||
| 727 | key = key_ref_to_ptr(key_ref); | 727 | key = key_ref_to_ptr(key_ref); |
| 728 | 728 | ||
| 729 | /* see if we can read it directly */ | 729 | /* see if we can read it directly */ |
| 730 | ret = key_permission(key_ref, KEY_READ); | 730 | ret = key_permission(key_ref, KEY_NEED_READ); |
| 731 | if (ret == 0) | 731 | if (ret == 0) |
| 732 | goto can_read_key; | 732 | goto can_read_key; |
| 733 | if (ret != -EACCES) | 733 | if (ret != -EACCES) |
| @@ -799,7 +799,7 @@ long keyctl_chown_key(key_serial_t id, uid_t user, gid_t group) | |||
| 799 | goto error; | 799 | goto error; |
| 800 | 800 | ||
| 801 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, | 801 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, |
| 802 | KEY_SETATTR); | 802 | KEY_NEED_SETATTR); |
| 803 | if (IS_ERR(key_ref)) { | 803 | if (IS_ERR(key_ref)) { |
| 804 | ret = PTR_ERR(key_ref); | 804 | ret = PTR_ERR(key_ref); |
| 805 | goto error; | 805 | goto error; |
| @@ -905,7 +905,7 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm) | |||
| 905 | goto error; | 905 | goto error; |
| 906 | 906 | ||
| 907 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, | 907 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, |
| 908 | KEY_SETATTR); | 908 | KEY_NEED_SETATTR); |
| 909 | if (IS_ERR(key_ref)) { | 909 | if (IS_ERR(key_ref)) { |
| 910 | ret = PTR_ERR(key_ref); | 910 | ret = PTR_ERR(key_ref); |
| 911 | goto error; | 911 | goto error; |
| @@ -947,7 +947,7 @@ static long get_instantiation_keyring(key_serial_t ringid, | |||
| 947 | 947 | ||
| 948 | /* if a specific keyring is nominated by ID, then use that */ | 948 | /* if a specific keyring is nominated by ID, then use that */ |
| 949 | if (ringid > 0) { | 949 | if (ringid > 0) { |
| 950 | dkref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE); | 950 | dkref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_NEED_WRITE); |
| 951 | if (IS_ERR(dkref)) | 951 | if (IS_ERR(dkref)) |
| 952 | return PTR_ERR(dkref); | 952 | return PTR_ERR(dkref); |
| 953 | *_dest_keyring = key_ref_to_ptr(dkref); | 953 | *_dest_keyring = key_ref_to_ptr(dkref); |
| @@ -1315,7 +1315,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout) | |||
| 1315 | long ret; | 1315 | long ret; |
| 1316 | 1316 | ||
| 1317 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, | 1317 | key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, |
| 1318 | KEY_SETATTR); | 1318 | KEY_NEED_SETATTR); |
| 1319 | if (IS_ERR(key_ref)) { | 1319 | if (IS_ERR(key_ref)) { |
| 1320 | /* setting the timeout on a key under construction is permitted | 1320 | /* setting the timeout on a key under construction is permitted |
| 1321 | * if we have the authorisation token handy */ | 1321 | * if we have the authorisation token handy */ |
| @@ -1418,7 +1418,7 @@ long keyctl_get_security(key_serial_t keyid, | |||
| 1418 | char *context; | 1418 | char *context; |
| 1419 | long ret; | 1419 | long ret; |
| 1420 | 1420 | ||
| 1421 | key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_VIEW); | 1421 | key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_NEED_VIEW); |
| 1422 | if (IS_ERR(key_ref)) { | 1422 | if (IS_ERR(key_ref)) { |
| 1423 | if (PTR_ERR(key_ref) != -EACCES) | 1423 | if (PTR_ERR(key_ref) != -EACCES) |
| 1424 | return PTR_ERR(key_ref); | 1424 | return PTR_ERR(key_ref); |
| @@ -1482,7 +1482,7 @@ long keyctl_session_to_parent(void) | |||
| 1482 | struct cred *cred; | 1482 | struct cred *cred; |
| 1483 | int ret; | 1483 | int ret; |
| 1484 | 1484 | ||
| 1485 | keyring_r = lookup_user_key(KEY_SPEC_SESSION_KEYRING, 0, KEY_LINK); | 1485 | keyring_r = lookup_user_key(KEY_SPEC_SESSION_KEYRING, 0, KEY_NEED_LINK); |
| 1486 | if (IS_ERR(keyring_r)) | 1486 | if (IS_ERR(keyring_r)) |
| 1487 | return PTR_ERR(keyring_r); | 1487 | return PTR_ERR(keyring_r); |
| 1488 | 1488 | ||
diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 2fb2576dc644..9cf2575f0d97 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c | |||
| @@ -541,7 +541,7 @@ static int keyring_search_iterator(const void *object, void *iterator_data) | |||
| 541 | /* key must have search permissions */ | 541 | /* key must have search permissions */ |
| 542 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) && | 542 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) && |
| 543 | key_task_permission(make_key_ref(key, ctx->possessed), | 543 | key_task_permission(make_key_ref(key, ctx->possessed), |
| 544 | ctx->cred, KEY_SEARCH) < 0) { | 544 | ctx->cred, KEY_NEED_SEARCH) < 0) { |
| 545 | ctx->result = ERR_PTR(-EACCES); | 545 | ctx->result = ERR_PTR(-EACCES); |
| 546 | kleave(" = %d [!perm]", ctx->skipped_ret); | 546 | kleave(" = %d [!perm]", ctx->skipped_ret); |
| 547 | goto skipped; | 547 | goto skipped; |
| @@ -721,7 +721,7 @@ ascend_to_node: | |||
| 721 | /* Search a nested keyring */ | 721 | /* Search a nested keyring */ |
| 722 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) && | 722 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM) && |
| 723 | key_task_permission(make_key_ref(key, ctx->possessed), | 723 | key_task_permission(make_key_ref(key, ctx->possessed), |
| 724 | ctx->cred, KEY_SEARCH) < 0) | 724 | ctx->cred, KEY_NEED_SEARCH) < 0) |
| 725 | continue; | 725 | continue; |
| 726 | 726 | ||
| 727 | /* stack the current position */ | 727 | /* stack the current position */ |
| @@ -843,7 +843,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref, | |||
| 843 | return ERR_PTR(-ENOTDIR); | 843 | return ERR_PTR(-ENOTDIR); |
| 844 | 844 | ||
| 845 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) { | 845 | if (!(ctx->flags & KEYRING_SEARCH_NO_CHECK_PERM)) { |
| 846 | err = key_task_permission(keyring_ref, ctx->cred, KEY_SEARCH); | 846 | err = key_task_permission(keyring_ref, ctx->cred, KEY_NEED_SEARCH); |
| 847 | if (err < 0) | 847 | if (err < 0) |
| 848 | return ERR_PTR(err); | 848 | return ERR_PTR(err); |
| 849 | } | 849 | } |
| @@ -973,7 +973,7 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check) | |||
| 973 | 973 | ||
| 974 | if (!skip_perm_check && | 974 | if (!skip_perm_check && |
| 975 | key_permission(make_key_ref(keyring, 0), | 975 | key_permission(make_key_ref(keyring, 0), |
| 976 | KEY_SEARCH) < 0) | 976 | KEY_NEED_SEARCH) < 0) |
| 977 | continue; | 977 | continue; |
| 978 | 978 | ||
| 979 | /* we've got a match but we might end up racing with | 979 | /* we've got a match but we might end up racing with |
diff --git a/security/keys/permission.c b/security/keys/permission.c index efcc0c855a0d..732cc0beffdf 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c | |||
| @@ -28,7 +28,7 @@ | |||
| 28 | * permissions bits or the LSM check. | 28 | * permissions bits or the LSM check. |
| 29 | */ | 29 | */ |
| 30 | int key_task_permission(const key_ref_t key_ref, const struct cred *cred, | 30 | int key_task_permission(const key_ref_t key_ref, const struct cred *cred, |
| 31 | key_perm_t perm) | 31 | unsigned perm) |
| 32 | { | 32 | { |
| 33 | struct key *key; | 33 | struct key *key; |
| 34 | key_perm_t kperm; | 34 | key_perm_t kperm; |
| @@ -68,7 +68,7 @@ use_these_perms: | |||
| 68 | if (is_key_possessed(key_ref)) | 68 | if (is_key_possessed(key_ref)) |
| 69 | kperm |= key->perm >> 24; | 69 | kperm |= key->perm >> 24; |
| 70 | 70 | ||
| 71 | kperm = kperm & perm & KEY_ALL; | 71 | kperm = kperm & perm & KEY_NEED_ALL; |
| 72 | 72 | ||
| 73 | if (kperm != perm) | 73 | if (kperm != perm) |
| 74 | return -EACCES; | 74 | return -EACCES; |
diff --git a/security/keys/persistent.c b/security/keys/persistent.c index 0ad3ee283781..c9fae5ea89fe 100644 --- a/security/keys/persistent.c +++ b/security/keys/persistent.c | |||
| @@ -108,7 +108,7 @@ static long key_get_persistent(struct user_namespace *ns, kuid_t uid, | |||
| 108 | return PTR_ERR(persistent_ref); | 108 | return PTR_ERR(persistent_ref); |
| 109 | 109 | ||
| 110 | found: | 110 | found: |
| 111 | ret = key_task_permission(persistent_ref, current_cred(), KEY_LINK); | 111 | ret = key_task_permission(persistent_ref, current_cred(), KEY_NEED_LINK); |
| 112 | if (ret == 0) { | 112 | if (ret == 0) { |
| 113 | persistent = key_ref_to_ptr(persistent_ref); | 113 | persistent = key_ref_to_ptr(persistent_ref); |
| 114 | ret = key_link(key_ref_to_ptr(dest_ref), persistent); | 114 | ret = key_link(key_ref_to_ptr(dest_ref), persistent); |
| @@ -151,7 +151,7 @@ long keyctl_get_persistent(uid_t _uid, key_serial_t destid) | |||
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | /* There must be a destination keyring */ | 153 | /* There must be a destination keyring */ |
| 154 | dest_ref = lookup_user_key(destid, KEY_LOOKUP_CREATE, KEY_WRITE); | 154 | dest_ref = lookup_user_key(destid, KEY_LOOKUP_CREATE, KEY_NEED_WRITE); |
| 155 | if (IS_ERR(dest_ref)) | 155 | if (IS_ERR(dest_ref)) |
| 156 | return PTR_ERR(dest_ref); | 156 | return PTR_ERR(dest_ref); |
| 157 | if (key_ref_to_ptr(dest_ref)->type != &key_type_keyring) { | 157 | if (key_ref_to_ptr(dest_ref)->type != &key_type_keyring) { |
diff --git a/security/keys/proc.c b/security/keys/proc.c index 88e9a466940f..d3f6f2fd21db 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c | |||
| @@ -218,7 +218,7 @@ static int proc_keys_show(struct seq_file *m, void *v) | |||
| 218 | * - the caller holds a spinlock, and thus the RCU read lock, making our | 218 | * - the caller holds a spinlock, and thus the RCU read lock, making our |
| 219 | * access to __current_cred() safe | 219 | * access to __current_cred() safe |
| 220 | */ | 220 | */ |
| 221 | rc = key_task_permission(key_ref, ctx.cred, KEY_VIEW); | 221 | rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW); |
| 222 | if (rc < 0) | 222 | if (rc < 0) |
| 223 | return 0; | 223 | return 0; |
| 224 | 224 | ||
diff --git a/security/security.c b/security/security.c index 919cad93ac82..d91fec458e90 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -1407,7 +1407,7 @@ void security_key_free(struct key *key) | |||
| 1407 | } | 1407 | } |
| 1408 | 1408 | ||
| 1409 | int security_key_permission(key_ref_t key_ref, | 1409 | int security_key_permission(key_ref_t key_ref, |
| 1410 | const struct cred *cred, key_perm_t perm) | 1410 | const struct cred *cred, unsigned perm) |
| 1411 | { | 1411 | { |
| 1412 | return security_ops->key_permission(key_ref, cred, perm); | 1412 | return security_ops->key_permission(key_ref, cred, perm); |
| 1413 | } | 1413 | } |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 869c2f1e0da1..6ab22720c277 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -5719,7 +5719,7 @@ static void selinux_key_free(struct key *k) | |||
| 5719 | 5719 | ||
| 5720 | static int selinux_key_permission(key_ref_t key_ref, | 5720 | static int selinux_key_permission(key_ref_t key_ref, |
| 5721 | const struct cred *cred, | 5721 | const struct cred *cred, |
| 5722 | key_perm_t perm) | 5722 | unsigned perm) |
| 5723 | { | 5723 | { |
| 5724 | struct key *key; | 5724 | struct key *key; |
| 5725 | struct key_security_struct *ksec; | 5725 | struct key_security_struct *ksec; |
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 14f52be78c75..8177e7df8c2d 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -3506,11 +3506,12 @@ static void smack_key_free(struct key *key) | |||
| 3506 | * an error code otherwise | 3506 | * an error code otherwise |
| 3507 | */ | 3507 | */ |
| 3508 | static int smack_key_permission(key_ref_t key_ref, | 3508 | static int smack_key_permission(key_ref_t key_ref, |
| 3509 | const struct cred *cred, key_perm_t perm) | 3509 | const struct cred *cred, unsigned perm) |
| 3510 | { | 3510 | { |
| 3511 | struct key *keyp; | 3511 | struct key *keyp; |
| 3512 | struct smk_audit_info ad; | 3512 | struct smk_audit_info ad; |
| 3513 | struct smack_known *tkp = smk_of_task(cred->security); | 3513 | struct smack_known *tkp = smk_of_task(cred->security); |
| 3514 | int request = 0; | ||
| 3514 | 3515 | ||
| 3515 | keyp = key_ref_to_ptr(key_ref); | 3516 | keyp = key_ref_to_ptr(key_ref); |
| 3516 | if (keyp == NULL) | 3517 | if (keyp == NULL) |
| @@ -3531,7 +3532,11 @@ static int smack_key_permission(key_ref_t key_ref, | |||
| 3531 | ad.a.u.key_struct.key = keyp->serial; | 3532 | ad.a.u.key_struct.key = keyp->serial; |
| 3532 | ad.a.u.key_struct.key_desc = keyp->description; | 3533 | ad.a.u.key_struct.key_desc = keyp->description; |
| 3533 | #endif | 3534 | #endif |
| 3534 | return smk_access(tkp, keyp->security, MAY_READWRITE, &ad); | 3535 | if (perm & KEY_NEED_READ) |
| 3536 | request = MAY_READ; | ||
| 3537 | if (perm & (KEY_NEED_WRITE | KEY_NEED_LINK | KEY_NEED_SETATTR)) | ||
| 3538 | request = MAY_WRITE; | ||
| 3539 | return smk_access(tkp, keyp->security, request, &ad); | ||
| 3535 | } | 3540 | } |
| 3536 | #endif /* CONFIG_KEYS */ | 3541 | #endif /* CONFIG_KEYS */ |
| 3537 | 3542 | ||