1 files changed, 19 insertions, 8 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 1c2d43dc5107..f7f9d93f08d9 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc,
        if (!desc || !*desc)
                goto error;
+        if (type->vet_description) {
+                ret = type->vet_description(desc);
+                if (ret < 0) {
+                        key = ERR_PTR(ret);
+                        goto error;
+                }
+        }
        desclen = strlen(desc) + 1;
        quotalen = desclen + type->def_datalen;
@@ -503,26 +511,29 @@ int key_instantiate_and_link(struct key *key,
 EXPORT_SYMBOL(key_instantiate_and_link);
 /**
- * key_negate_and_link - Negatively instantiate a key and link it into the keyring.
+ * key_reject_and_link - Negatively instantiate a key and link it into the keyring.
 * @key: The key to instantiate.
 * @timeout: The timeout on the negative key.
+ * @error: The error to return when the key is hit.
 * @keyring: Keyring to create a link in on success (or NULL).
 * @authkey: The authorisation token permitting instantiation.
 *
 * Negatively instantiate a key that's in the uninstantiated state and, if
- * successful, set its timeout and link it in to the destination keyring if one
+ * successful, set its timeout and stored error and link it in to the
- * is supplied.  The key and any links to the key will be automatically garbage
+ * destination keyring if one is supplied.  The key and any links to the key
- * collected after the timeout expires.
+ * will be automatically garbage collected after the timeout expires.
 *
 * Negative keys are used to rate limit repeated request_key() calls by causing
- * them to return -ENOKEY until the negative key expires.
+ * them to return the stored error code (typically ENOKEY) until the negative
+ * key expires.
 *
 * If successful, 0 is returned, the authorisation token is revoked and anyone
 * waiting for the key is woken up.  If the key was already instantiated,
 * -EBUSY will be returned.
 */
-int key_negate_and_link(struct key *key,
+int key_reject_and_link(struct key *key,
                        unsigned timeout,
+                        unsigned error,
                        struct key *keyring,
                        struct key *authkey)
 {
@@ -548,6 +559,7 @@ int key_negate_and_link(struct key *key,
                atomic_inc(&key->user->nikeys);
                set_bit(KEY_FLAG_NEGATIVE, &key->flags);
                set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
+                key->type_data.reject_error = -error;
                now = current_kernel_time();
                key->expiry = now.tv_sec + timeout;
                key_schedule_gc(key->expiry + key_gc_delay);
@@ -577,8 +589,7 @@ int key_negate_and_link(struct key *key,
        return ret == 0 ? link_ret : ret;
 }
+EXPORT_SYMBOL(key_reject_and_link);
-EXPORT_SYMBOL(key_negate_and_link);
 /*
 * Garbage collect keys in process context so that we don't have to disable

diff --git a/security/keys/key.c b/security/keys/key.c index 1c2d43dc5107..f7f9d93f08d9 100644 --- a/security/keys/key.c +++ b/security/keys/key.c
@@ -249,6 +249,14 @@ struct key key_alloc(struct key_type type, const char *desc,
249	if (!desc \|\| !*desc)	249	if (!desc \|\| !*desc)
250	goto error;	250	goto error;
251		251
		252	if (type->vet_description) {
		253	ret = type->vet_description(desc);
		254	if (ret < 0) {
		255	key = ERR_PTR(ret);
		256	goto error;
		257	}
		258	}
		259
252	desclen = strlen(desc) + 1;	260	desclen = strlen(desc) + 1;
253	quotalen = desclen + type->def_datalen;	261	quotalen = desclen + type->def_datalen;
254		262
@@ -503,26 +511,29 @@ int key_instantiate_and_link(struct key *key,
503	EXPORT_SYMBOL(key_instantiate_and_link);	511	EXPORT_SYMBOL(key_instantiate_and_link);
504		512
505	/**	513	/**
506	* key_negate_and_link - Negatively instantiate a key and link it into the keyring.	514	* key_reject_and_link - Negatively instantiate a key and link it into the keyring.
507	* @key: The key to instantiate.	515	* @key: The key to instantiate.
508	* @timeout: The timeout on the negative key.	516	* @timeout: The timeout on the negative key.
		517	* @error: The error to return when the key is hit.
509	* @keyring: Keyring to create a link in on success (or NULL).	518	* @keyring: Keyring to create a link in on success (or NULL).
510	* @authkey: The authorisation token permitting instantiation.	519	* @authkey: The authorisation token permitting instantiation.
511	*	520	*
512	* Negatively instantiate a key that's in the uninstantiated state and, if	521	* Negatively instantiate a key that's in the uninstantiated state and, if
513	* successful, set its timeout and link it in to the destination keyring if one	522	* successful, set its timeout and stored error and link it in to the
514	* is supplied. The key and any links to the key will be automatically garbage	523	* destination keyring if one is supplied. The key and any links to the key
515	* collected after the timeout expires.	524	* will be automatically garbage collected after the timeout expires.
516	*	525	*
517	* Negative keys are used to rate limit repeated request_key() calls by causing	526	* Negative keys are used to rate limit repeated request_key() calls by causing
518	* them to return -ENOKEY until the negative key expires.	527	* them to return the stored error code (typically ENOKEY) until the negative
		528	* key expires.
519	*	529	*
520	* If successful, 0 is returned, the authorisation token is revoked and anyone	530	* If successful, 0 is returned, the authorisation token is revoked and anyone
521	* waiting for the key is woken up. If the key was already instantiated,	531	* waiting for the key is woken up. If the key was already instantiated,
522	* -EBUSY will be returned.	532	* -EBUSY will be returned.
523	*/	533	*/
524	int key_negate_and_link(struct key *key,	534	int key_reject_and_link(struct key *key,
525	unsigned timeout,	535	unsigned timeout,
		536	unsigned error,
526	struct key *keyring,	537	struct key *keyring,
527	struct key *authkey)	538	struct key *authkey)
528	{	539	{
@@ -548,6 +559,7 @@ int key_negate_and_link(struct key *key,
548	atomic_inc(&key->user->nikeys);	559	atomic_inc(&key->user->nikeys);
549	set_bit(KEY_FLAG_NEGATIVE, &key->flags);	560	set_bit(KEY_FLAG_NEGATIVE, &key->flags);
550	set_bit(KEY_FLAG_INSTANTIATED, &key->flags);	561	set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
		562	key->type_data.reject_error = -error;
551	now = current_kernel_time();	563	now = current_kernel_time();
552	key->expiry = now.tv_sec + timeout;	564	key->expiry = now.tv_sec + timeout;
553	key_schedule_gc(key->expiry + key_gc_delay);	565	key_schedule_gc(key->expiry + key_gc_delay);
@@ -577,8 +589,7 @@ int key_negate_and_link(struct key *key,
577		589
578	return ret == 0 ? link_ret : ret;	590	return ret == 0 ? link_ret : ret;
579	}	591	}
580		592	EXPORT_SYMBOL(key_reject_and_link);
581	EXPORT_SYMBOL(key_negate_and_link);
582		593
583	/*	594	/*
584	* Garbage collect keys in process context so that we don't have to disable	595	* Garbage collect keys in process context so that we don't have to disable