diff options
Diffstat (limited to 'security/keys/keyring.c')
-rw-r--r-- | security/keys/keyring.c | 64 |
1 files changed, 16 insertions, 48 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c index d37f713e73ce..0a2b8e916d97 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c | |||
@@ -80,7 +80,6 @@ EXPORT_SYMBOL(key_type_keyring); | |||
80 | */ | 80 | */ |
81 | static DECLARE_RWSEM(keyring_serialise_link_sem); | 81 | static DECLARE_RWSEM(keyring_serialise_link_sem); |
82 | 82 | ||
83 | /*****************************************************************************/ | ||
84 | /* | 83 | /* |
85 | * publish the name of a keyring so that it can be found by name (if it has | 84 | * publish the name of a keyring so that it can be found by name (if it has |
86 | * one) | 85 | * one) |
@@ -102,10 +101,8 @@ static void keyring_publish_name(struct key *keyring) | |||
102 | 101 | ||
103 | write_unlock(&keyring_name_lock); | 102 | write_unlock(&keyring_name_lock); |
104 | } | 103 | } |
104 | } | ||
105 | 105 | ||
106 | } /* end keyring_publish_name() */ | ||
107 | |||
108 | /*****************************************************************************/ | ||
109 | /* | 106 | /* |
110 | * initialise a keyring | 107 | * initialise a keyring |
111 | * - we object if we were given any data | 108 | * - we object if we were given any data |
@@ -123,10 +120,8 @@ static int keyring_instantiate(struct key *keyring, | |||
123 | } | 120 | } |
124 | 121 | ||
125 | return ret; | 122 | return ret; |
123 | } | ||
126 | 124 | ||
127 | } /* end keyring_instantiate() */ | ||
128 | |||
129 | /*****************************************************************************/ | ||
130 | /* | 125 | /* |
131 | * match keyrings on their name | 126 | * match keyrings on their name |
132 | */ | 127 | */ |
@@ -134,10 +129,8 @@ static int keyring_match(const struct key *keyring, const void *description) | |||
134 | { | 129 | { |
135 | return keyring->description && | 130 | return keyring->description && |
136 | strcmp(keyring->description, description) == 0; | 131 | strcmp(keyring->description, description) == 0; |
132 | } | ||
137 | 133 | ||
138 | } /* end keyring_match() */ | ||
139 | |||
140 | /*****************************************************************************/ | ||
141 | /* | 134 | /* |
142 | * dispose of the data dangling from the corpse of a keyring | 135 | * dispose of the data dangling from the corpse of a keyring |
143 | */ | 136 | */ |
@@ -164,10 +157,8 @@ static void keyring_destroy(struct key *keyring) | |||
164 | key_put(klist->keys[loop]); | 157 | key_put(klist->keys[loop]); |
165 | kfree(klist); | 158 | kfree(klist); |
166 | } | 159 | } |
160 | } | ||
167 | 161 | ||
168 | } /* end keyring_destroy() */ | ||
169 | |||
170 | /*****************************************************************************/ | ||
171 | /* | 162 | /* |
172 | * describe the keyring | 163 | * describe the keyring |
173 | */ | 164 | */ |
@@ -187,10 +178,8 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m) | |||
187 | else | 178 | else |
188 | seq_puts(m, ": empty"); | 179 | seq_puts(m, ": empty"); |
189 | rcu_read_unlock(); | 180 | rcu_read_unlock(); |
181 | } | ||
190 | 182 | ||
191 | } /* end keyring_describe() */ | ||
192 | |||
193 | /*****************************************************************************/ | ||
194 | /* | 183 | /* |
195 | * read a list of key IDs from the keyring's contents | 184 | * read a list of key IDs from the keyring's contents |
196 | * - the keyring's semaphore is read-locked | 185 | * - the keyring's semaphore is read-locked |
@@ -241,10 +230,8 @@ static long keyring_read(const struct key *keyring, | |||
241 | 230 | ||
242 | error: | 231 | error: |
243 | return ret; | 232 | return ret; |
233 | } | ||
244 | 234 | ||
245 | } /* end keyring_read() */ | ||
246 | |||
247 | /*****************************************************************************/ | ||
248 | /* | 235 | /* |
249 | * allocate a keyring and link into the destination keyring | 236 | * allocate a keyring and link into the destination keyring |
250 | */ | 237 | */ |
@@ -269,10 +256,8 @@ struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, | |||
269 | } | 256 | } |
270 | 257 | ||
271 | return keyring; | 258 | return keyring; |
259 | } | ||
272 | 260 | ||
273 | } /* end keyring_alloc() */ | ||
274 | |||
275 | /*****************************************************************************/ | ||
276 | /* | 261 | /* |
277 | * search the supplied keyring tree for a key that matches the criterion | 262 | * search the supplied keyring tree for a key that matches the criterion |
278 | * - perform a breadth-then-depth search up to the prescribed limit | 263 | * - perform a breadth-then-depth search up to the prescribed limit |
@@ -444,10 +429,8 @@ error_2: | |||
444 | rcu_read_unlock(); | 429 | rcu_read_unlock(); |
445 | error: | 430 | error: |
446 | return key_ref; | 431 | return key_ref; |
432 | } | ||
447 | 433 | ||
448 | } /* end keyring_search_aux() */ | ||
449 | |||
450 | /*****************************************************************************/ | ||
451 | /* | 434 | /* |
452 | * search the supplied keyring tree for a key that matches the criterion | 435 | * search the supplied keyring tree for a key that matches the criterion |
453 | * - perform a breadth-then-depth search up to the prescribed limit | 436 | * - perform a breadth-then-depth search up to the prescribed limit |
@@ -465,12 +448,10 @@ key_ref_t keyring_search(key_ref_t keyring, | |||
465 | 448 | ||
466 | return keyring_search_aux(keyring, current->cred, | 449 | return keyring_search_aux(keyring, current->cred, |
467 | type, description, type->match); | 450 | type, description, type->match); |
468 | 451 | } | |
469 | } /* end keyring_search() */ | ||
470 | 452 | ||
471 | EXPORT_SYMBOL(keyring_search); | 453 | EXPORT_SYMBOL(keyring_search); |
472 | 454 | ||
473 | /*****************************************************************************/ | ||
474 | /* | 455 | /* |
475 | * search the given keyring only (no recursion) | 456 | * search the given keyring only (no recursion) |
476 | * - keyring must be locked by caller | 457 | * - keyring must be locked by caller |
@@ -514,10 +495,8 @@ found: | |||
514 | atomic_inc(&key->usage); | 495 | atomic_inc(&key->usage); |
515 | rcu_read_unlock(); | 496 | rcu_read_unlock(); |
516 | return make_key_ref(key, possessed); | 497 | return make_key_ref(key, possessed); |
498 | } | ||
517 | 499 | ||
518 | } /* end __keyring_search_one() */ | ||
519 | |||
520 | /*****************************************************************************/ | ||
521 | /* | 500 | /* |
522 | * find a keyring with the specified name | 501 | * find a keyring with the specified name |
523 | * - all named keyrings are searched | 502 | * - all named keyrings are searched |
@@ -569,10 +548,8 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check) | |||
569 | out: | 548 | out: |
570 | read_unlock(&keyring_name_lock); | 549 | read_unlock(&keyring_name_lock); |
571 | return keyring; | 550 | return keyring; |
551 | } | ||
572 | 552 | ||
573 | } /* end find_keyring_by_name() */ | ||
574 | |||
575 | /*****************************************************************************/ | ||
576 | /* | 553 | /* |
577 | * see if a cycle will will be created by inserting acyclic tree B in acyclic | 554 | * see if a cycle will will be created by inserting acyclic tree B in acyclic |
578 | * tree A at the topmost level (ie: as a direct child of A) | 555 | * tree A at the topmost level (ie: as a direct child of A) |
@@ -657,8 +634,7 @@ too_deep: | |||
657 | cycle_detected: | 634 | cycle_detected: |
658 | ret = -EDEADLK; | 635 | ret = -EDEADLK; |
659 | goto error; | 636 | goto error; |
660 | 637 | } | |
661 | } /* end keyring_detect_cycle() */ | ||
662 | 638 | ||
663 | /* | 639 | /* |
664 | * dispose of a keyring list after the RCU grace period, freeing the unlinked | 640 | * dispose of a keyring list after the RCU grace period, freeing the unlinked |
@@ -898,7 +874,6 @@ int key_link(struct key *keyring, struct key *key) | |||
898 | 874 | ||
899 | EXPORT_SYMBOL(key_link); | 875 | EXPORT_SYMBOL(key_link); |
900 | 876 | ||
901 | /*****************************************************************************/ | ||
902 | /* | 877 | /* |
903 | * unlink the first link to a key from a keyring | 878 | * unlink the first link to a key from a keyring |
904 | */ | 879 | */ |
@@ -968,12 +943,10 @@ nomem: | |||
968 | ret = -ENOMEM; | 943 | ret = -ENOMEM; |
969 | up_write(&keyring->sem); | 944 | up_write(&keyring->sem); |
970 | goto error; | 945 | goto error; |
971 | 946 | } | |
972 | } /* end key_unlink() */ | ||
973 | 947 | ||
974 | EXPORT_SYMBOL(key_unlink); | 948 | EXPORT_SYMBOL(key_unlink); |
975 | 949 | ||
976 | /*****************************************************************************/ | ||
977 | /* | 950 | /* |
978 | * dispose of a keyring list after the RCU grace period, releasing the keys it | 951 | * dispose of a keyring list after the RCU grace period, releasing the keys it |
979 | * links to | 952 | * links to |
@@ -989,10 +962,8 @@ static void keyring_clear_rcu_disposal(struct rcu_head *rcu) | |||
989 | key_put(klist->keys[loop]); | 962 | key_put(klist->keys[loop]); |
990 | 963 | ||
991 | kfree(klist); | 964 | kfree(klist); |
965 | } | ||
992 | 966 | ||
993 | } /* end keyring_clear_rcu_disposal() */ | ||
994 | |||
995 | /*****************************************************************************/ | ||
996 | /* | 967 | /* |
997 | * clear the specified process keyring | 968 | * clear the specified process keyring |
998 | * - implements keyctl(KEYCTL_CLEAR) | 969 | * - implements keyctl(KEYCTL_CLEAR) |
@@ -1027,12 +998,10 @@ int keyring_clear(struct key *keyring) | |||
1027 | } | 998 | } |
1028 | 999 | ||
1029 | return ret; | 1000 | return ret; |
1030 | 1001 | } | |
1031 | } /* end keyring_clear() */ | ||
1032 | 1002 | ||
1033 | EXPORT_SYMBOL(keyring_clear); | 1003 | EXPORT_SYMBOL(keyring_clear); |
1034 | 1004 | ||
1035 | /*****************************************************************************/ | ||
1036 | /* | 1005 | /* |
1037 | * dispose of the links from a revoked keyring | 1006 | * dispose of the links from a revoked keyring |
1038 | * - called with the key sem write-locked | 1007 | * - called with the key sem write-locked |
@@ -1050,8 +1019,7 @@ static void keyring_revoke(struct key *keyring) | |||
1050 | rcu_assign_pointer(keyring->payload.subscriptions, NULL); | 1019 | rcu_assign_pointer(keyring->payload.subscriptions, NULL); |
1051 | call_rcu(&klist->rcu, keyring_clear_rcu_disposal); | 1020 | call_rcu(&klist->rcu, keyring_clear_rcu_disposal); |
1052 | } | 1021 | } |
1053 | 1022 | } | |
1054 | } /* end keyring_revoke() */ | ||
1055 | 1023 | ||
1056 | /* | 1024 | /* |
1057 | * Determine whether a key is dead | 1025 | * Determine whether a key is dead |