aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/keyring.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys/keyring.c')
-rw-r--r--security/keys/keyring.c64
1 files changed, 16 insertions, 48 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index d37f713e73ce..0a2b8e916d97 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -80,7 +80,6 @@ EXPORT_SYMBOL(key_type_keyring);
80 */ 80 */
81static DECLARE_RWSEM(keyring_serialise_link_sem); 81static DECLARE_RWSEM(keyring_serialise_link_sem);
82 82
83/*****************************************************************************/
84/* 83/*
85 * publish the name of a keyring so that it can be found by name (if it has 84 * publish the name of a keyring so that it can be found by name (if it has
86 * one) 85 * one)
@@ -102,10 +101,8 @@ static void keyring_publish_name(struct key *keyring)
102 101
103 write_unlock(&keyring_name_lock); 102 write_unlock(&keyring_name_lock);
104 } 103 }
104}
105 105
106} /* end keyring_publish_name() */
107
108/*****************************************************************************/
109/* 106/*
110 * initialise a keyring 107 * initialise a keyring
111 * - we object if we were given any data 108 * - we object if we were given any data
@@ -123,10 +120,8 @@ static int keyring_instantiate(struct key *keyring,
123 } 120 }
124 121
125 return ret; 122 return ret;
123}
126 124
127} /* end keyring_instantiate() */
128
129/*****************************************************************************/
130/* 125/*
131 * match keyrings on their name 126 * match keyrings on their name
132 */ 127 */
@@ -134,10 +129,8 @@ static int keyring_match(const struct key *keyring, const void *description)
134{ 129{
135 return keyring->description && 130 return keyring->description &&
136 strcmp(keyring->description, description) == 0; 131 strcmp(keyring->description, description) == 0;
132}
137 133
138} /* end keyring_match() */
139
140/*****************************************************************************/
141/* 134/*
142 * dispose of the data dangling from the corpse of a keyring 135 * dispose of the data dangling from the corpse of a keyring
143 */ 136 */
@@ -164,10 +157,8 @@ static void keyring_destroy(struct key *keyring)
164 key_put(klist->keys[loop]); 157 key_put(klist->keys[loop]);
165 kfree(klist); 158 kfree(klist);
166 } 159 }
160}
167 161
168} /* end keyring_destroy() */
169
170/*****************************************************************************/
171/* 162/*
172 * describe the keyring 163 * describe the keyring
173 */ 164 */
@@ -187,10 +178,8 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
187 else 178 else
188 seq_puts(m, ": empty"); 179 seq_puts(m, ": empty");
189 rcu_read_unlock(); 180 rcu_read_unlock();
181}
190 182
191} /* end keyring_describe() */
192
193/*****************************************************************************/
194/* 183/*
195 * read a list of key IDs from the keyring's contents 184 * read a list of key IDs from the keyring's contents
196 * - the keyring's semaphore is read-locked 185 * - the keyring's semaphore is read-locked
@@ -241,10 +230,8 @@ static long keyring_read(const struct key *keyring,
241 230
242error: 231error:
243 return ret; 232 return ret;
233}
244 234
245} /* end keyring_read() */
246
247/*****************************************************************************/
248/* 235/*
249 * allocate a keyring and link into the destination keyring 236 * allocate a keyring and link into the destination keyring
250 */ 237 */
@@ -269,10 +256,8 @@ struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
269 } 256 }
270 257
271 return keyring; 258 return keyring;
259}
272 260
273} /* end keyring_alloc() */
274
275/*****************************************************************************/
276/* 261/*
277 * search the supplied keyring tree for a key that matches the criterion 262 * search the supplied keyring tree for a key that matches the criterion
278 * - perform a breadth-then-depth search up to the prescribed limit 263 * - perform a breadth-then-depth search up to the prescribed limit
@@ -444,10 +429,8 @@ error_2:
444 rcu_read_unlock(); 429 rcu_read_unlock();
445error: 430error:
446 return key_ref; 431 return key_ref;
432}
447 433
448} /* end keyring_search_aux() */
449
450/*****************************************************************************/
451/* 434/*
452 * search the supplied keyring tree for a key that matches the criterion 435 * search the supplied keyring tree for a key that matches the criterion
453 * - perform a breadth-then-depth search up to the prescribed limit 436 * - perform a breadth-then-depth search up to the prescribed limit
@@ -465,12 +448,10 @@ key_ref_t keyring_search(key_ref_t keyring,
465 448
466 return keyring_search_aux(keyring, current->cred, 449 return keyring_search_aux(keyring, current->cred,
467 type, description, type->match); 450 type, description, type->match);
468 451}
469} /* end keyring_search() */
470 452
471EXPORT_SYMBOL(keyring_search); 453EXPORT_SYMBOL(keyring_search);
472 454
473/*****************************************************************************/
474/* 455/*
475 * search the given keyring only (no recursion) 456 * search the given keyring only (no recursion)
476 * - keyring must be locked by caller 457 * - keyring must be locked by caller
@@ -514,10 +495,8 @@ found:
514 atomic_inc(&key->usage); 495 atomic_inc(&key->usage);
515 rcu_read_unlock(); 496 rcu_read_unlock();
516 return make_key_ref(key, possessed); 497 return make_key_ref(key, possessed);
498}
517 499
518} /* end __keyring_search_one() */
519
520/*****************************************************************************/
521/* 500/*
522 * find a keyring with the specified name 501 * find a keyring with the specified name
523 * - all named keyrings are searched 502 * - all named keyrings are searched
@@ -569,10 +548,8 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check)
569out: 548out:
570 read_unlock(&keyring_name_lock); 549 read_unlock(&keyring_name_lock);
571 return keyring; 550 return keyring;
551}
572 552
573} /* end find_keyring_by_name() */
574
575/*****************************************************************************/
576/* 553/*
577 * see if a cycle will will be created by inserting acyclic tree B in acyclic 554 * see if a cycle will will be created by inserting acyclic tree B in acyclic
578 * tree A at the topmost level (ie: as a direct child of A) 555 * tree A at the topmost level (ie: as a direct child of A)
@@ -657,8 +634,7 @@ too_deep:
657cycle_detected: 634cycle_detected:
658 ret = -EDEADLK; 635 ret = -EDEADLK;
659 goto error; 636 goto error;
660 637}
661} /* end keyring_detect_cycle() */
662 638
663/* 639/*
664 * dispose of a keyring list after the RCU grace period, freeing the unlinked 640 * dispose of a keyring list after the RCU grace period, freeing the unlinked
@@ -898,7 +874,6 @@ int key_link(struct key *keyring, struct key *key)
898 874
899EXPORT_SYMBOL(key_link); 875EXPORT_SYMBOL(key_link);
900 876
901/*****************************************************************************/
902/* 877/*
903 * unlink the first link to a key from a keyring 878 * unlink the first link to a key from a keyring
904 */ 879 */
@@ -968,12 +943,10 @@ nomem:
968 ret = -ENOMEM; 943 ret = -ENOMEM;
969 up_write(&keyring->sem); 944 up_write(&keyring->sem);
970 goto error; 945 goto error;
971 946}
972} /* end key_unlink() */
973 947
974EXPORT_SYMBOL(key_unlink); 948EXPORT_SYMBOL(key_unlink);
975 949
976/*****************************************************************************/
977/* 950/*
978 * dispose of a keyring list after the RCU grace period, releasing the keys it 951 * dispose of a keyring list after the RCU grace period, releasing the keys it
979 * links to 952 * links to
@@ -989,10 +962,8 @@ static void keyring_clear_rcu_disposal(struct rcu_head *rcu)
989 key_put(klist->keys[loop]); 962 key_put(klist->keys[loop]);
990 963
991 kfree(klist); 964 kfree(klist);
965}
992 966
993} /* end keyring_clear_rcu_disposal() */
994
995/*****************************************************************************/
996/* 967/*
997 * clear the specified process keyring 968 * clear the specified process keyring
998 * - implements keyctl(KEYCTL_CLEAR) 969 * - implements keyctl(KEYCTL_CLEAR)
@@ -1027,12 +998,10 @@ int keyring_clear(struct key *keyring)
1027 } 998 }
1028 999
1029 return ret; 1000 return ret;
1030 1001}
1031} /* end keyring_clear() */
1032 1002
1033EXPORT_SYMBOL(keyring_clear); 1003EXPORT_SYMBOL(keyring_clear);
1034 1004
1035/*****************************************************************************/
1036/* 1005/*
1037 * dispose of the links from a revoked keyring 1006 * dispose of the links from a revoked keyring
1038 * - called with the key sem write-locked 1007 * - called with the key sem write-locked
@@ -1050,8 +1019,7 @@ static void keyring_revoke(struct key *keyring)
1050 rcu_assign_pointer(keyring->payload.subscriptions, NULL); 1019 rcu_assign_pointer(keyring->payload.subscriptions, NULL);
1051 call_rcu(&klist->rcu, keyring_clear_rcu_disposal); 1020 call_rcu(&klist->rcu, keyring_clear_rcu_disposal);
1052 } 1021 }
1053 1022}
1054} /* end keyring_revoke() */
1055 1023
1056/* 1024/*
1057 * Determine whether a key is dead 1025 * Determine whether a key is dead