aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys
diff options
context:
space:
mode:
Diffstat (limited to 'security/keys')
-rw-r--r--security/keys/Makefile1
-rw-r--r--security/keys/compat.c3
-rw-r--r--security/keys/gc.c194
-rw-r--r--security/keys/internal.h10
-rw-r--r--security/keys/key.c24
-rw-r--r--security/keys/keyctl.c161
-rw-r--r--security/keys/keyring.c85
-rw-r--r--security/keys/proc.c93
-rw-r--r--security/keys/process_keys.c69
-rw-r--r--security/keys/sysctl.c28
10 files changed, 599 insertions, 69 deletions
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 747a464943af..74d5447d7df7 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -3,6 +3,7 @@
3# 3#
4 4
5obj-y := \ 5obj-y := \
6 gc.o \
6 key.o \ 7 key.o \
7 keyring.o \ 8 keyring.o \
8 keyctl.o \ 9 keyctl.o \
diff --git a/security/keys/compat.c b/security/keys/compat.c
index c766c68a63bc..792c0a611a6d 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -82,6 +82,9 @@ asmlinkage long compat_sys_keyctl(u32 option,
82 case KEYCTL_GET_SECURITY: 82 case KEYCTL_GET_SECURITY:
83 return keyctl_get_security(arg2, compat_ptr(arg3), arg4); 83 return keyctl_get_security(arg2, compat_ptr(arg3), arg4);
84 84
85 case KEYCTL_SESSION_TO_PARENT:
86 return keyctl_session_to_parent();
87
85 default: 88 default:
86 return -EOPNOTSUPP; 89 return -EOPNOTSUPP;
87 } 90 }
diff --git a/security/keys/gc.c b/security/keys/gc.c
new file mode 100644
index 000000000000..1e616aef55fd
--- /dev/null
+++ b/security/keys/gc.c
@@ -0,0 +1,194 @@
1/* Key garbage collector
2 *
3 * Copyright (C) 2009 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
10 */
11
12#include <linux/module.h>
13#include <keys/keyring-type.h>
14#include "internal.h"
15
16/*
17 * Delay between key revocation/expiry in seconds
18 */
19unsigned key_gc_delay = 5 * 60;
20
21/*
22 * Reaper
23 */
24static void key_gc_timer_func(unsigned long);
25static void key_garbage_collector(struct work_struct *);
26static DEFINE_TIMER(key_gc_timer, key_gc_timer_func, 0, 0);
27static DECLARE_WORK(key_gc_work, key_garbage_collector);
28static key_serial_t key_gc_cursor; /* the last key the gc considered */
29static unsigned long key_gc_executing;
30static time_t key_gc_next_run = LONG_MAX;
31
32/*
33 * Schedule a garbage collection run
34 * - precision isn't particularly important
35 */
36void key_schedule_gc(time_t gc_at)
37{
38 unsigned long expires;
39 time_t now = current_kernel_time().tv_sec;
40
41 kenter("%ld", gc_at - now);
42
43 gc_at += key_gc_delay;
44
45 if (now >= gc_at) {
46 schedule_work(&key_gc_work);
47 } else if (gc_at < key_gc_next_run) {
48 expires = jiffies + (gc_at - now) * HZ;
49 mod_timer(&key_gc_timer, expires);
50 }
51}
52
53/*
54 * The garbage collector timer kicked off
55 */
56static void key_gc_timer_func(unsigned long data)
57{
58 kenter("");
59 key_gc_next_run = LONG_MAX;
60 schedule_work(&key_gc_work);
61}
62
63/*
64 * Garbage collect pointers from a keyring
65 * - return true if we altered the keyring
66 */
67static bool key_gc_keyring(struct key *keyring, time_t limit)
68 __releases(key_serial_lock)
69{
70 struct keyring_list *klist;
71 struct key *key;
72 int loop;
73
74 kenter("%x", key_serial(keyring));
75
76 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags))
77 goto dont_gc;
78
79 /* scan the keyring looking for dead keys */
80 klist = rcu_dereference(keyring->payload.subscriptions);
81 if (!klist)
82 goto dont_gc;
83
84 for (loop = klist->nkeys - 1; loop >= 0; loop--) {
85 key = klist->keys[loop];
86 if (test_bit(KEY_FLAG_DEAD, &key->flags) ||
87 (key->expiry > 0 && key->expiry <= limit))
88 goto do_gc;
89 }
90
91dont_gc:
92 kleave(" = false");
93 return false;
94
95do_gc:
96 key_gc_cursor = keyring->serial;
97 key_get(keyring);
98 spin_unlock(&key_serial_lock);
99 keyring_gc(keyring, limit);
100 key_put(keyring);
101 kleave(" = true");
102 return true;
103}
104
105/*
106 * Garbage collector for keys
107 * - this involves scanning the keyrings for dead, expired and revoked keys
108 * that have overstayed their welcome
109 */
110static void key_garbage_collector(struct work_struct *work)
111{
112 struct rb_node *rb;
113 key_serial_t cursor;
114 struct key *key, *xkey;
115 time_t new_timer = LONG_MAX, limit;
116
117 kenter("");
118
119 if (test_and_set_bit(0, &key_gc_executing)) {
120 key_schedule_gc(current_kernel_time().tv_sec);
121 return;
122 }
123
124 limit = current_kernel_time().tv_sec;
125 if (limit > key_gc_delay)
126 limit -= key_gc_delay;
127 else
128 limit = key_gc_delay;
129
130 spin_lock(&key_serial_lock);
131
132 if (RB_EMPTY_ROOT(&key_serial_tree))
133 goto reached_the_end;
134
135 cursor = key_gc_cursor;
136 if (cursor < 0)
137 cursor = 0;
138
139 /* find the first key above the cursor */
140 key = NULL;
141 rb = key_serial_tree.rb_node;
142 while (rb) {
143 xkey = rb_entry(rb, struct key, serial_node);
144 if (cursor < xkey->serial) {
145 key = xkey;
146 rb = rb->rb_left;
147 } else if (cursor > xkey->serial) {
148 rb = rb->rb_right;
149 } else {
150 rb = rb_next(rb);
151 if (!rb)
152 goto reached_the_end;
153 key = rb_entry(rb, struct key, serial_node);
154 break;
155 }
156 }
157
158 if (!key)
159 goto reached_the_end;
160
161 /* trawl through the keys looking for keyrings */
162 for (;;) {
163 if (key->expiry > 0 && key->expiry < new_timer)
164 new_timer = key->expiry;
165
166 if (key->type == &key_type_keyring &&
167 key_gc_keyring(key, limit)) {
168 /* the gc ate our lock */
169 schedule_work(&key_gc_work);
170 goto no_unlock;
171 }
172
173 rb = rb_next(&key->serial_node);
174 if (!rb) {
175 key_gc_cursor = 0;
176 break;
177 }
178 key = rb_entry(rb, struct key, serial_node);
179 }
180
181out:
182 spin_unlock(&key_serial_lock);
183no_unlock:
184 clear_bit(0, &key_gc_executing);
185 if (new_timer < LONG_MAX)
186 key_schedule_gc(new_timer);
187
188 kleave("");
189 return;
190
191reached_the_end:
192 key_gc_cursor = 0;
193 goto out;
194}
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 9fb679c66b8a..24ba0307b7ad 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -124,11 +124,18 @@ extern struct key *request_key_and_link(struct key_type *type,
124 struct key *dest_keyring, 124 struct key *dest_keyring,
125 unsigned long flags); 125 unsigned long flags);
126 126
127extern key_ref_t lookup_user_key(key_serial_t id, int create, int partial, 127extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
128 key_perm_t perm); 128 key_perm_t perm);
129#define KEY_LOOKUP_CREATE 0x01
130#define KEY_LOOKUP_PARTIAL 0x02
131#define KEY_LOOKUP_FOR_UNLINK 0x04
129 132
130extern long join_session_keyring(const char *name); 133extern long join_session_keyring(const char *name);
131 134
135extern unsigned key_gc_delay;
136extern void keyring_gc(struct key *keyring, time_t limit);
137extern void key_schedule_gc(time_t expiry_at);
138
132/* 139/*
133 * check to see whether permission is granted to use a key in the desired way 140 * check to see whether permission is granted to use a key in the desired way
134 */ 141 */
@@ -194,6 +201,7 @@ extern long keyctl_set_timeout(key_serial_t, unsigned);
194extern long keyctl_assume_authority(key_serial_t); 201extern long keyctl_assume_authority(key_serial_t);
195extern long keyctl_get_security(key_serial_t keyid, char __user *buffer, 202extern long keyctl_get_security(key_serial_t keyid, char __user *buffer,
196 size_t buflen); 203 size_t buflen);
204extern long keyctl_session_to_parent(void);
197 205
198/* 206/*
199 * debugging key validation 207 * debugging key validation
diff --git a/security/keys/key.c b/security/keys/key.c
index 4a1297d1ada4..08531ad0f252 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -500,6 +500,7 @@ int key_negate_and_link(struct key *key,
500 set_bit(KEY_FLAG_INSTANTIATED, &key->flags); 500 set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
501 now = current_kernel_time(); 501 now = current_kernel_time();
502 key->expiry = now.tv_sec + timeout; 502 key->expiry = now.tv_sec + timeout;
503 key_schedule_gc(key->expiry);
503 504
504 if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags)) 505 if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags))
505 awaken = 1; 506 awaken = 1;
@@ -642,10 +643,8 @@ struct key *key_lookup(key_serial_t id)
642 goto error; 643 goto error;
643 644
644 found: 645 found:
645 /* pretend it doesn't exist if it's dead */ 646 /* pretend it doesn't exist if it is awaiting deletion */
646 if (atomic_read(&key->usage) == 0 || 647 if (atomic_read(&key->usage) == 0)
647 test_bit(KEY_FLAG_DEAD, &key->flags) ||
648 key->type == &key_type_dead)
649 goto not_found; 648 goto not_found;
650 649
651 /* this races with key_put(), but that doesn't matter since key_put() 650 /* this races with key_put(), but that doesn't matter since key_put()
@@ -890,6 +889,9 @@ EXPORT_SYMBOL(key_update);
890 */ 889 */
891void key_revoke(struct key *key) 890void key_revoke(struct key *key)
892{ 891{
892 struct timespec now;
893 time_t time;
894
893 key_check(key); 895 key_check(key);
894 896
895 /* make sure no one's trying to change or use the key when we mark it 897 /* make sure no one's trying to change or use the key when we mark it
@@ -902,6 +904,14 @@ void key_revoke(struct key *key)
902 key->type->revoke) 904 key->type->revoke)
903 key->type->revoke(key); 905 key->type->revoke(key);
904 906
907 /* set the death time to no more than the expiry time */
908 now = current_kernel_time();
909 time = now.tv_sec;
910 if (key->revoked_at == 0 || key->revoked_at > time) {
911 key->revoked_at = time;
912 key_schedule_gc(key->revoked_at);
913 }
914
905 up_write(&key->sem); 915 up_write(&key->sem);
906 916
907} /* end key_revoke() */ 917} /* end key_revoke() */
@@ -958,8 +968,10 @@ void unregister_key_type(struct key_type *ktype)
958 for (_n = rb_first(&key_serial_tree); _n; _n = rb_next(_n)) { 968 for (_n = rb_first(&key_serial_tree); _n; _n = rb_next(_n)) {
959 key = rb_entry(_n, struct key, serial_node); 969 key = rb_entry(_n, struct key, serial_node);
960 970
961 if (key->type == ktype) 971 if (key->type == ktype) {
962 key->type = &key_type_dead; 972 key->type = &key_type_dead;
973 set_bit(KEY_FLAG_DEAD, &key->flags);
974 }
963 } 975 }
964 976
965 spin_unlock(&key_serial_lock); 977 spin_unlock(&key_serial_lock);
@@ -984,6 +996,8 @@ void unregister_key_type(struct key_type *ktype)
984 spin_unlock(&key_serial_lock); 996 spin_unlock(&key_serial_lock);
985 up_write(&key_types_sem); 997 up_write(&key_types_sem);
986 998
999 key_schedule_gc(0);
1000
987} /* end unregister_key_type() */ 1001} /* end unregister_key_type() */
988 1002
989EXPORT_SYMBOL(unregister_key_type); 1003EXPORT_SYMBOL(unregister_key_type);
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 7f09fb897d2b..74c968524592 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -103,7 +103,7 @@ SYSCALL_DEFINE5(add_key, const char __user *, _type,
103 } 103 }
104 104
105 /* find the target keyring (which must be writable) */ 105 /* find the target keyring (which must be writable) */
106 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); 106 keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE);
107 if (IS_ERR(keyring_ref)) { 107 if (IS_ERR(keyring_ref)) {
108 ret = PTR_ERR(keyring_ref); 108 ret = PTR_ERR(keyring_ref);
109 goto error3; 109 goto error3;
@@ -185,7 +185,8 @@ SYSCALL_DEFINE4(request_key, const char __user *, _type,
185 /* get the destination keyring if specified */ 185 /* get the destination keyring if specified */
186 dest_ref = NULL; 186 dest_ref = NULL;
187 if (destringid) { 187 if (destringid) {
188 dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE); 188 dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE,
189 KEY_WRITE);
189 if (IS_ERR(dest_ref)) { 190 if (IS_ERR(dest_ref)) {
190 ret = PTR_ERR(dest_ref); 191 ret = PTR_ERR(dest_ref);
191 goto error3; 192 goto error3;
@@ -233,9 +234,11 @@ SYSCALL_DEFINE4(request_key, const char __user *, _type,
233long keyctl_get_keyring_ID(key_serial_t id, int create) 234long keyctl_get_keyring_ID(key_serial_t id, int create)
234{ 235{
235 key_ref_t key_ref; 236 key_ref_t key_ref;
237 unsigned long lflags;
236 long ret; 238 long ret;
237 239
238 key_ref = lookup_user_key(id, create, 0, KEY_SEARCH); 240 lflags = create ? KEY_LOOKUP_CREATE : 0;
241 key_ref = lookup_user_key(id, lflags, KEY_SEARCH);
239 if (IS_ERR(key_ref)) { 242 if (IS_ERR(key_ref)) {
240 ret = PTR_ERR(key_ref); 243 ret = PTR_ERR(key_ref);
241 goto error; 244 goto error;
@@ -309,7 +312,7 @@ long keyctl_update_key(key_serial_t id,
309 } 312 }
310 313
311 /* find the target key (which must be writable) */ 314 /* find the target key (which must be writable) */
312 key_ref = lookup_user_key(id, 0, 0, KEY_WRITE); 315 key_ref = lookup_user_key(id, 0, KEY_WRITE);
313 if (IS_ERR(key_ref)) { 316 if (IS_ERR(key_ref)) {
314 ret = PTR_ERR(key_ref); 317 ret = PTR_ERR(key_ref);
315 goto error2; 318 goto error2;
@@ -337,10 +340,16 @@ long keyctl_revoke_key(key_serial_t id)
337 key_ref_t key_ref; 340 key_ref_t key_ref;
338 long ret; 341 long ret;
339 342
340 key_ref = lookup_user_key(id, 0, 0, KEY_WRITE); 343 key_ref = lookup_user_key(id, 0, KEY_WRITE);
341 if (IS_ERR(key_ref)) { 344 if (IS_ERR(key_ref)) {
342 ret = PTR_ERR(key_ref); 345 ret = PTR_ERR(key_ref);
343 goto error; 346 if (ret != -EACCES)
347 goto error;
348 key_ref = lookup_user_key(id, 0, KEY_SETATTR);
349 if (IS_ERR(key_ref)) {
350 ret = PTR_ERR(key_ref);
351 goto error;
352 }
344 } 353 }
345 354
346 key_revoke(key_ref_to_ptr(key_ref)); 355 key_revoke(key_ref_to_ptr(key_ref));
@@ -363,7 +372,7 @@ long keyctl_keyring_clear(key_serial_t ringid)
363 key_ref_t keyring_ref; 372 key_ref_t keyring_ref;
364 long ret; 373 long ret;
365 374
366 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); 375 keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE);
367 if (IS_ERR(keyring_ref)) { 376 if (IS_ERR(keyring_ref)) {
368 ret = PTR_ERR(keyring_ref); 377 ret = PTR_ERR(keyring_ref);
369 goto error; 378 goto error;
@@ -389,13 +398,13 @@ long keyctl_keyring_link(key_serial_t id, key_serial_t ringid)
389 key_ref_t keyring_ref, key_ref; 398 key_ref_t keyring_ref, key_ref;
390 long ret; 399 long ret;
391 400
392 keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE); 401 keyring_ref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE);
393 if (IS_ERR(keyring_ref)) { 402 if (IS_ERR(keyring_ref)) {
394 ret = PTR_ERR(keyring_ref); 403 ret = PTR_ERR(keyring_ref);
395 goto error; 404 goto error;
396 } 405 }
397 406
398 key_ref = lookup_user_key(id, 1, 0, KEY_LINK); 407 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE, KEY_LINK);
399 if (IS_ERR(key_ref)) { 408 if (IS_ERR(key_ref)) {
400 ret = PTR_ERR(key_ref); 409 ret = PTR_ERR(key_ref);
401 goto error2; 410 goto error2;
@@ -423,13 +432,13 @@ long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid)
423 key_ref_t keyring_ref, key_ref; 432 key_ref_t keyring_ref, key_ref;
424 long ret; 433 long ret;
425 434
426 keyring_ref = lookup_user_key(ringid, 0, 0, KEY_WRITE); 435 keyring_ref = lookup_user_key(ringid, 0, KEY_WRITE);
427 if (IS_ERR(keyring_ref)) { 436 if (IS_ERR(keyring_ref)) {
428 ret = PTR_ERR(keyring_ref); 437 ret = PTR_ERR(keyring_ref);
429 goto error; 438 goto error;
430 } 439 }
431 440
432 key_ref = lookup_user_key(id, 0, 0, 0); 441 key_ref = lookup_user_key(id, KEY_LOOKUP_FOR_UNLINK, 0);
433 if (IS_ERR(key_ref)) { 442 if (IS_ERR(key_ref)) {
434 ret = PTR_ERR(key_ref); 443 ret = PTR_ERR(key_ref);
435 goto error2; 444 goto error2;
@@ -465,7 +474,7 @@ long keyctl_describe_key(key_serial_t keyid,
465 char *tmpbuf; 474 char *tmpbuf;
466 long ret; 475 long ret;
467 476
468 key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW); 477 key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_VIEW);
469 if (IS_ERR(key_ref)) { 478 if (IS_ERR(key_ref)) {
470 /* viewing a key under construction is permitted if we have the 479 /* viewing a key under construction is permitted if we have the
471 * authorisation token handy */ 480 * authorisation token handy */
@@ -474,7 +483,8 @@ long keyctl_describe_key(key_serial_t keyid,
474 if (!IS_ERR(instkey)) { 483 if (!IS_ERR(instkey)) {
475 key_put(instkey); 484 key_put(instkey);
476 key_ref = lookup_user_key(keyid, 485 key_ref = lookup_user_key(keyid,
477 0, 1, 0); 486 KEY_LOOKUP_PARTIAL,
487 0);
478 if (!IS_ERR(key_ref)) 488 if (!IS_ERR(key_ref))
479 goto okay; 489 goto okay;
480 } 490 }
@@ -558,7 +568,7 @@ long keyctl_keyring_search(key_serial_t ringid,
558 } 568 }
559 569
560 /* get the keyring at which to begin the search */ 570 /* get the keyring at which to begin the search */
561 keyring_ref = lookup_user_key(ringid, 0, 0, KEY_SEARCH); 571 keyring_ref = lookup_user_key(ringid, 0, KEY_SEARCH);
562 if (IS_ERR(keyring_ref)) { 572 if (IS_ERR(keyring_ref)) {
563 ret = PTR_ERR(keyring_ref); 573 ret = PTR_ERR(keyring_ref);
564 goto error2; 574 goto error2;
@@ -567,7 +577,8 @@ long keyctl_keyring_search(key_serial_t ringid,
567 /* get the destination keyring if specified */ 577 /* get the destination keyring if specified */
568 dest_ref = NULL; 578 dest_ref = NULL;
569 if (destringid) { 579 if (destringid) {
570 dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE); 580 dest_ref = lookup_user_key(destringid, KEY_LOOKUP_CREATE,
581 KEY_WRITE);
571 if (IS_ERR(dest_ref)) { 582 if (IS_ERR(dest_ref)) {
572 ret = PTR_ERR(dest_ref); 583 ret = PTR_ERR(dest_ref);
573 goto error3; 584 goto error3;
@@ -637,7 +648,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
637 long ret; 648 long ret;
638 649
639 /* find the key first */ 650 /* find the key first */
640 key_ref = lookup_user_key(keyid, 0, 0, 0); 651 key_ref = lookup_user_key(keyid, 0, 0);
641 if (IS_ERR(key_ref)) { 652 if (IS_ERR(key_ref)) {
642 ret = -ENOKEY; 653 ret = -ENOKEY;
643 goto error; 654 goto error;
@@ -700,7 +711,8 @@ long keyctl_chown_key(key_serial_t id, uid_t uid, gid_t gid)
700 if (uid == (uid_t) -1 && gid == (gid_t) -1) 711 if (uid == (uid_t) -1 && gid == (gid_t) -1)
701 goto error; 712 goto error;
702 713
703 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); 714 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL,
715 KEY_SETATTR);
704 if (IS_ERR(key_ref)) { 716 if (IS_ERR(key_ref)) {
705 ret = PTR_ERR(key_ref); 717 ret = PTR_ERR(key_ref);
706 goto error; 718 goto error;
@@ -805,7 +817,8 @@ long keyctl_setperm_key(key_serial_t id, key_perm_t perm)
805 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) 817 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL))
806 goto error; 818 goto error;
807 819
808 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); 820 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL,
821 KEY_SETATTR);
809 if (IS_ERR(key_ref)) { 822 if (IS_ERR(key_ref)) {
810 ret = PTR_ERR(key_ref); 823 ret = PTR_ERR(key_ref);
811 goto error; 824 goto error;
@@ -847,7 +860,7 @@ static long get_instantiation_keyring(key_serial_t ringid,
847 860
848 /* if a specific keyring is nominated by ID, then use that */ 861 /* if a specific keyring is nominated by ID, then use that */
849 if (ringid > 0) { 862 if (ringid > 0) {
850 dkref = lookup_user_key(ringid, 1, 0, KEY_WRITE); 863 dkref = lookup_user_key(ringid, KEY_LOOKUP_CREATE, KEY_WRITE);
851 if (IS_ERR(dkref)) 864 if (IS_ERR(dkref))
852 return PTR_ERR(dkref); 865 return PTR_ERR(dkref);
853 *_dest_keyring = key_ref_to_ptr(dkref); 866 *_dest_keyring = key_ref_to_ptr(dkref);
@@ -1083,7 +1096,8 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
1083 time_t expiry; 1096 time_t expiry;
1084 long ret; 1097 long ret;
1085 1098
1086 key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR); 1099 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL,
1100 KEY_SETATTR);
1087 if (IS_ERR(key_ref)) { 1101 if (IS_ERR(key_ref)) {
1088 ret = PTR_ERR(key_ref); 1102 ret = PTR_ERR(key_ref);
1089 goto error; 1103 goto error;
@@ -1101,6 +1115,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
1101 } 1115 }
1102 1116
1103 key->expiry = expiry; 1117 key->expiry = expiry;
1118 key_schedule_gc(key->expiry);
1104 1119
1105 up_write(&key->sem); 1120 up_write(&key->sem);
1106 key_put(key); 1121 key_put(key);
@@ -1170,7 +1185,7 @@ long keyctl_get_security(key_serial_t keyid,
1170 char *context; 1185 char *context;
1171 long ret; 1186 long ret;
1172 1187
1173 key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW); 1188 key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, KEY_VIEW);
1174 if (IS_ERR(key_ref)) { 1189 if (IS_ERR(key_ref)) {
1175 if (PTR_ERR(key_ref) != -EACCES) 1190 if (PTR_ERR(key_ref) != -EACCES)
1176 return PTR_ERR(key_ref); 1191 return PTR_ERR(key_ref);
@@ -1182,7 +1197,7 @@ long keyctl_get_security(key_serial_t keyid,
1182 return PTR_ERR(key_ref); 1197 return PTR_ERR(key_ref);
1183 key_put(instkey); 1198 key_put(instkey);
1184 1199
1185 key_ref = lookup_user_key(keyid, 0, 1, 0); 1200 key_ref = lookup_user_key(keyid, KEY_LOOKUP_PARTIAL, 0);
1186 if (IS_ERR(key_ref)) 1201 if (IS_ERR(key_ref))
1187 return PTR_ERR(key_ref); 1202 return PTR_ERR(key_ref);
1188 } 1203 }
@@ -1213,6 +1228,105 @@ long keyctl_get_security(key_serial_t keyid,
1213 return ret; 1228 return ret;
1214} 1229}
1215 1230
1231/*
1232 * attempt to install the calling process's session keyring on the process's
1233 * parent process
1234 * - the keyring must exist and must grant us LINK permission
1235 * - implements keyctl(KEYCTL_SESSION_TO_PARENT)
1236 */
1237long keyctl_session_to_parent(void)
1238{
1239 struct task_struct *me, *parent;
1240 const struct cred *mycred, *pcred;
1241 struct cred *cred, *oldcred;
1242 key_ref_t keyring_r;
1243 int ret;
1244
1245 keyring_r = lookup_user_key(KEY_SPEC_SESSION_KEYRING, 0, KEY_LINK);
1246 if (IS_ERR(keyring_r))
1247 return PTR_ERR(keyring_r);
1248
1249 /* our parent is going to need a new cred struct, a new tgcred struct
1250 * and new security data, so we allocate them here to prevent ENOMEM in
1251 * our parent */
1252 ret = -ENOMEM;
1253 cred = cred_alloc_blank();
1254 if (!cred)
1255 goto error_keyring;
1256
1257 cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r);
1258 keyring_r = NULL;
1259
1260 me = current;
1261 write_lock_irq(&tasklist_lock);
1262
1263 parent = me->real_parent;
1264 ret = -EPERM;
1265
1266 /* the parent mustn't be init and mustn't be a kernel thread */
1267 if (parent->pid <= 1 || !parent->mm)
1268 goto not_permitted;
1269
1270 /* the parent must be single threaded */
1271 if (atomic_read(&parent->signal->count) != 1)
1272 goto not_permitted;
1273
1274 /* the parent and the child must have different session keyrings or
1275 * there's no point */
1276 mycred = current_cred();
1277 pcred = __task_cred(parent);
1278 if (mycred == pcred ||
1279 mycred->tgcred->session_keyring == pcred->tgcred->session_keyring)
1280 goto already_same;
1281
1282 /* the parent must have the same effective ownership and mustn't be
1283 * SUID/SGID */
1284 if (pcred-> uid != mycred->euid ||
1285 pcred->euid != mycred->euid ||
1286 pcred->suid != mycred->euid ||
1287 pcred-> gid != mycred->egid ||
1288 pcred->egid != mycred->egid ||
1289 pcred->sgid != mycred->egid)
1290 goto not_permitted;
1291
1292 /* the keyrings must have the same UID */
1293 if (pcred ->tgcred->session_keyring->uid != mycred->euid ||
1294 mycred->tgcred->session_keyring->uid != mycred->euid)
1295 goto not_permitted;
1296
1297 /* the LSM must permit the replacement of the parent's keyring with the
1298 * keyring from this process */
1299 ret = security_key_session_to_parent(mycred, pcred,
1300 key_ref_to_ptr(keyring_r));
1301 if (ret < 0)
1302 goto not_permitted;
1303
1304 /* if there's an already pending keyring replacement, then we replace
1305 * that */
1306 oldcred = parent->replacement_session_keyring;
1307
1308 /* the replacement session keyring is applied just prior to userspace
1309 * restarting */
1310 parent->replacement_session_keyring = cred;
1311 cred = NULL;
1312 set_ti_thread_flag(task_thread_info(parent), TIF_NOTIFY_RESUME);
1313
1314 write_unlock_irq(&tasklist_lock);
1315 if (oldcred)
1316 put_cred(oldcred);
1317 return 0;
1318
1319already_same:
1320 ret = 0;
1321not_permitted:
1322 put_cred(cred);
1323 return ret;
1324
1325error_keyring:
1326 key_ref_put(keyring_r);
1327 return ret;
1328}
1329
1216/*****************************************************************************/ 1330/*****************************************************************************/
1217/* 1331/*
1218 * the key control system call 1332 * the key control system call
@@ -1298,6 +1412,9 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
1298 (char __user *) arg3, 1412 (char __user *) arg3,
1299 (size_t) arg4); 1413 (size_t) arg4);
1300 1414
1415 case KEYCTL_SESSION_TO_PARENT:
1416 return keyctl_session_to_parent();
1417
1301 default: 1418 default:
1302 return -EOPNOTSUPP; 1419 return -EOPNOTSUPP;
1303 } 1420 }
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 3dba81c2eba3..ac977f661a79 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -1000,3 +1000,88 @@ static void keyring_revoke(struct key *keyring)
1000 } 1000 }
1001 1001
1002} /* end keyring_revoke() */ 1002} /* end keyring_revoke() */
1003
1004/*
1005 * Determine whether a key is dead
1006 */
1007static bool key_is_dead(struct key *key, time_t limit)
1008{
1009 return test_bit(KEY_FLAG_DEAD, &key->flags) ||
1010 (key->expiry > 0 && key->expiry <= limit);
1011}
1012
1013/*
1014 * Collect garbage from the contents of a keyring
1015 */
1016void keyring_gc(struct key *keyring, time_t limit)
1017{
1018 struct keyring_list *klist, *new;
1019 struct key *key;
1020 int loop, keep, max;
1021
1022 kenter("%x", key_serial(keyring));
1023
1024 down_write(&keyring->sem);
1025
1026 klist = keyring->payload.subscriptions;
1027 if (!klist)
1028 goto just_return;
1029
1030 /* work out how many subscriptions we're keeping */
1031 keep = 0;
1032 for (loop = klist->nkeys - 1; loop >= 0; loop--)
1033 if (!key_is_dead(klist->keys[loop], limit));
1034 keep++;
1035
1036 if (keep == klist->nkeys)
1037 goto just_return;
1038
1039 /* allocate a new keyring payload */
1040 max = roundup(keep, 4);
1041 new = kmalloc(sizeof(struct keyring_list) + max * sizeof(struct key *),
1042 GFP_KERNEL);
1043 if (!new)
1044 goto just_return;
1045 new->maxkeys = max;
1046 new->nkeys = 0;
1047 new->delkey = 0;
1048
1049 /* install the live keys
1050 * - must take care as expired keys may be updated back to life
1051 */
1052 keep = 0;
1053 for (loop = klist->nkeys - 1; loop >= 0; loop--) {
1054 key = klist->keys[loop];
1055 if (!key_is_dead(key, limit)) {
1056 if (keep >= max)
1057 goto discard_new;
1058 new->keys[keep++] = key_get(key);
1059 }
1060 }
1061 new->nkeys = keep;
1062
1063 /* adjust the quota */
1064 key_payload_reserve(keyring,
1065 sizeof(struct keyring_list) +
1066 KEYQUOTA_LINK_BYTES * keep);
1067
1068 if (keep == 0) {
1069 rcu_assign_pointer(keyring->payload.subscriptions, NULL);
1070 kfree(new);
1071 } else {
1072 rcu_assign_pointer(keyring->payload.subscriptions, new);
1073 }
1074
1075 up_write(&keyring->sem);
1076
1077 call_rcu(&klist->rcu, keyring_clear_rcu_disposal);
1078 kleave(" [yes]");
1079 return;
1080
1081discard_new:
1082 new->nkeys = keep;
1083 keyring_clear_rcu_disposal(&new->rcu);
1084just_return:
1085 up_write(&keyring->sem);
1086 kleave(" [no]");
1087}
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 769f9bdfd2b3..9d01021ca0c8 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -91,59 +91,94 @@ __initcall(key_proc_init);
91 */ 91 */
92#ifdef CONFIG_KEYS_DEBUG_PROC_KEYS 92#ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
93 93
94static struct rb_node *__key_serial_next(struct rb_node *n) 94static struct rb_node *key_serial_next(struct rb_node *n)
95{ 95{
96 struct user_namespace *user_ns = current_user_ns();
97
98 n = rb_next(n);
96 while (n) { 99 while (n) {
97 struct key *key = rb_entry(n, struct key, serial_node); 100 struct key *key = rb_entry(n, struct key, serial_node);
98 if (key->user->user_ns == current_user_ns()) 101 if (key->user->user_ns == user_ns)
99 break; 102 break;
100 n = rb_next(n); 103 n = rb_next(n);
101 } 104 }
102 return n; 105 return n;
103} 106}
104 107
105static struct rb_node *key_serial_next(struct rb_node *n) 108static int proc_keys_open(struct inode *inode, struct file *file)
106{ 109{
107 return __key_serial_next(rb_next(n)); 110 return seq_open(file, &proc_keys_ops);
108} 111}
109 112
110static struct rb_node *key_serial_first(struct rb_root *r) 113static struct key *find_ge_key(key_serial_t id)
111{ 114{
112 struct rb_node *n = rb_first(r); 115 struct user_namespace *user_ns = current_user_ns();
113 return __key_serial_next(n); 116 struct rb_node *n = key_serial_tree.rb_node;
114} 117 struct key *minkey = NULL;
115 118
116static int proc_keys_open(struct inode *inode, struct file *file) 119 while (n) {
117{ 120 struct key *key = rb_entry(n, struct key, serial_node);
118 return seq_open(file, &proc_keys_ops); 121 if (id < key->serial) {
122 if (!minkey || minkey->serial > key->serial)
123 minkey = key;
124 n = n->rb_left;
125 } else if (id > key->serial) {
126 n = n->rb_right;
127 } else {
128 minkey = key;
129 break;
130 }
131 key = NULL;
132 }
119 133
134 if (!minkey)
135 return NULL;
136
137 for (;;) {
138 if (minkey->user->user_ns == user_ns)
139 return minkey;
140 n = rb_next(&minkey->serial_node);
141 if (!n)
142 return NULL;
143 minkey = rb_entry(n, struct key, serial_node);
144 }
120} 145}
121 146
122static void *proc_keys_start(struct seq_file *p, loff_t *_pos) 147static void *proc_keys_start(struct seq_file *p, loff_t *_pos)
148 __acquires(key_serial_lock)
123{ 149{
124 struct rb_node *_p; 150 key_serial_t pos = *_pos;
125 loff_t pos = *_pos; 151 struct key *key;
126 152
127 spin_lock(&key_serial_lock); 153 spin_lock(&key_serial_lock);
128 154
129 _p = key_serial_first(&key_serial_tree); 155 if (*_pos > INT_MAX)
130 while (pos > 0 && _p) { 156 return NULL;
131 pos--; 157 key = find_ge_key(pos);
132 _p = key_serial_next(_p); 158 if (!key)
133 } 159 return NULL;
134 160 *_pos = key->serial;
135 return _p; 161 return &key->serial_node;
162}
136 163
164static inline key_serial_t key_node_serial(struct rb_node *n)
165{
166 struct key *key = rb_entry(n, struct key, serial_node);
167 return key->serial;
137} 168}
138 169
139static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos) 170static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos)
140{ 171{
141 (*_pos)++; 172 struct rb_node *n;
142 return key_serial_next((struct rb_node *) v);
143 173
174 n = key_serial_next(v);
175 if (n)
176 *_pos = key_node_serial(n);
177 return n;
144} 178}
145 179
146static void proc_keys_stop(struct seq_file *p, void *v) 180static void proc_keys_stop(struct seq_file *p, void *v)
181 __releases(key_serial_lock)
147{ 182{
148 spin_unlock(&key_serial_lock); 183 spin_unlock(&key_serial_lock);
149} 184}
@@ -174,11 +209,9 @@ static int proc_keys_show(struct seq_file *m, void *v)
174 /* come up with a suitable timeout value */ 209 /* come up with a suitable timeout value */
175 if (key->expiry == 0) { 210 if (key->expiry == 0) {
176 memcpy(xbuf, "perm", 5); 211 memcpy(xbuf, "perm", 5);
177 } 212 } else if (now.tv_sec >= key->expiry) {
178 else if (now.tv_sec >= key->expiry) {
179 memcpy(xbuf, "expd", 5); 213 memcpy(xbuf, "expd", 5);
180 } 214 } else {
181 else {
182 timo = key->expiry - now.tv_sec; 215 timo = key->expiry - now.tv_sec;
183 216
184 if (timo < 60) 217 if (timo < 60)
@@ -218,9 +251,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
218 seq_putc(m, '\n'); 251 seq_putc(m, '\n');
219 252
220 rcu_read_unlock(); 253 rcu_read_unlock();
221
222 return 0; 254 return 0;
223
224} 255}
225 256
226#endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */ 257#endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */
@@ -246,6 +277,7 @@ static struct rb_node *key_user_first(struct rb_root *r)
246 struct rb_node *n = rb_first(r); 277 struct rb_node *n = rb_first(r);
247 return __key_user_next(n); 278 return __key_user_next(n);
248} 279}
280
249/*****************************************************************************/ 281/*****************************************************************************/
250/* 282/*
251 * implement "/proc/key-users" to provides a list of the key users 283 * implement "/proc/key-users" to provides a list of the key users
@@ -253,10 +285,10 @@ static struct rb_node *key_user_first(struct rb_root *r)
253static int proc_key_users_open(struct inode *inode, struct file *file) 285static int proc_key_users_open(struct inode *inode, struct file *file)
254{ 286{
255 return seq_open(file, &proc_key_users_ops); 287 return seq_open(file, &proc_key_users_ops);
256
257} 288}
258 289
259static void *proc_key_users_start(struct seq_file *p, loff_t *_pos) 290static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
291 __acquires(key_user_lock)
260{ 292{
261 struct rb_node *_p; 293 struct rb_node *_p;
262 loff_t pos = *_pos; 294 loff_t pos = *_pos;
@@ -270,17 +302,16 @@ static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
270 } 302 }
271 303
272 return _p; 304 return _p;
273
274} 305}
275 306
276static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos) 307static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos)
277{ 308{
278 (*_pos)++; 309 (*_pos)++;
279 return key_user_next((struct rb_node *) v); 310 return key_user_next((struct rb_node *) v);
280
281} 311}
282 312
283static void proc_key_users_stop(struct seq_file *p, void *v) 313static void proc_key_users_stop(struct seq_file *p, void *v)
314 __releases(key_user_lock)
284{ 315{
285 spin_unlock(&key_user_lock); 316 spin_unlock(&key_user_lock);
286} 317}
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 276d27882ce8..5c23afb31ece 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -17,6 +17,7 @@
17#include <linux/fs.h> 17#include <linux/fs.h>
18#include <linux/err.h> 18#include <linux/err.h>
19#include <linux/mutex.h> 19#include <linux/mutex.h>
20#include <linux/security.h>
20#include <linux/user_namespace.h> 21#include <linux/user_namespace.h>
21#include <asm/uaccess.h> 22#include <asm/uaccess.h>
22#include "internal.h" 23#include "internal.h"
@@ -487,7 +488,7 @@ static int lookup_user_key_possessed(const struct key *key, const void *target)
487 * - don't create special keyrings unless so requested 488 * - don't create special keyrings unless so requested
488 * - partially constructed keys aren't found unless requested 489 * - partially constructed keys aren't found unless requested
489 */ 490 */
490key_ref_t lookup_user_key(key_serial_t id, int create, int partial, 491key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
491 key_perm_t perm) 492 key_perm_t perm)
492{ 493{
493 struct request_key_auth *rka; 494 struct request_key_auth *rka;
@@ -503,7 +504,7 @@ try_again:
503 switch (id) { 504 switch (id) {
504 case KEY_SPEC_THREAD_KEYRING: 505 case KEY_SPEC_THREAD_KEYRING:
505 if (!cred->thread_keyring) { 506 if (!cred->thread_keyring) {
506 if (!create) 507 if (!(lflags & KEY_LOOKUP_CREATE))
507 goto error; 508 goto error;
508 509
509 ret = install_thread_keyring(); 510 ret = install_thread_keyring();
@@ -521,7 +522,7 @@ try_again:
521 522
522 case KEY_SPEC_PROCESS_KEYRING: 523 case KEY_SPEC_PROCESS_KEYRING:
523 if (!cred->tgcred->process_keyring) { 524 if (!cred->tgcred->process_keyring) {
524 if (!create) 525 if (!(lflags & KEY_LOOKUP_CREATE))
525 goto error; 526 goto error;
526 527
527 ret = install_process_keyring(); 528 ret = install_process_keyring();
@@ -642,7 +643,14 @@ try_again:
642 break; 643 break;
643 } 644 }
644 645
645 if (!partial) { 646 /* unlink does not use the nominated key in any way, so can skip all
647 * the permission checks as it is only concerned with the keyring */
648 if (lflags & KEY_LOOKUP_FOR_UNLINK) {
649 ret = 0;
650 goto error;
651 }
652
653 if (!(lflags & KEY_LOOKUP_PARTIAL)) {
646 ret = wait_for_key_construction(key, true); 654 ret = wait_for_key_construction(key, true);
647 switch (ret) { 655 switch (ret) {
648 case -ERESTARTSYS: 656 case -ERESTARTSYS:
@@ -660,7 +668,8 @@ try_again:
660 } 668 }
661 669
662 ret = -EIO; 670 ret = -EIO;
663 if (!partial && !test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) 671 if (!(lflags & KEY_LOOKUP_PARTIAL) &&
672 !test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
664 goto invalid_key; 673 goto invalid_key;
665 674
666 /* check the permissions */ 675 /* check the permissions */
@@ -702,7 +711,7 @@ long join_session_keyring(const char *name)
702 /* only permit this if there's a single thread in the thread group - 711 /* only permit this if there's a single thread in the thread group -
703 * this avoids us having to adjust the creds on all threads and risking 712 * this avoids us having to adjust the creds on all threads and risking
704 * ENOMEM */ 713 * ENOMEM */
705 if (!is_single_threaded(current)) 714 if (!current_is_single_threaded())
706 return -EMLINK; 715 return -EMLINK;
707 716
708 new = prepare_creds(); 717 new = prepare_creds();
@@ -760,3 +769,51 @@ error:
760 abort_creds(new); 769 abort_creds(new);
761 return ret; 770 return ret;
762} 771}
772
773/*
774 * Replace a process's session keyring when that process resumes userspace on
775 * behalf of one of its children
776 */
777void key_replace_session_keyring(void)
778{
779 const struct cred *old;
780 struct cred *new;
781
782 if (!current->replacement_session_keyring)
783 return;
784
785 write_lock_irq(&tasklist_lock);
786 new = current->replacement_session_keyring;
787 current->replacement_session_keyring = NULL;
788 write_unlock_irq(&tasklist_lock);
789
790 if (!new)
791 return;
792
793 old = current_cred();
794 new-> uid = old-> uid;
795 new-> euid = old-> euid;
796 new-> suid = old-> suid;
797 new->fsuid = old->fsuid;
798 new-> gid = old-> gid;
799 new-> egid = old-> egid;
800 new-> sgid = old-> sgid;
801 new->fsgid = old->fsgid;
802 new->user = get_uid(old->user);
803 new->group_info = get_group_info(old->group_info);
804
805 new->securebits = old->securebits;
806 new->cap_inheritable = old->cap_inheritable;
807 new->cap_permitted = old->cap_permitted;
808 new->cap_effective = old->cap_effective;
809 new->cap_bset = old->cap_bset;
810
811 new->jit_keyring = old->jit_keyring;
812 new->thread_keyring = key_get(old->thread_keyring);
813 new->tgcred->tgid = old->tgcred->tgid;
814 new->tgcred->process_keyring = key_get(old->tgcred->process_keyring);
815
816 security_transfer_creds(new, old);
817
818 commit_creds(new);
819}
diff --git a/security/keys/sysctl.c b/security/keys/sysctl.c
index b611d493c2d8..5e05dc09e2db 100644
--- a/security/keys/sysctl.c
+++ b/security/keys/sysctl.c
@@ -13,6 +13,8 @@
13#include <linux/sysctl.h> 13#include <linux/sysctl.h>
14#include "internal.h" 14#include "internal.h"
15 15
16static const int zero, one = 1, max = INT_MAX;
17
16ctl_table key_sysctls[] = { 18ctl_table key_sysctls[] = {
17 { 19 {
18 .ctl_name = CTL_UNNUMBERED, 20 .ctl_name = CTL_UNNUMBERED,
@@ -20,7 +22,9 @@ ctl_table key_sysctls[] = {
20 .data = &key_quota_maxkeys, 22 .data = &key_quota_maxkeys,
21 .maxlen = sizeof(unsigned), 23 .maxlen = sizeof(unsigned),
22 .mode = 0644, 24 .mode = 0644,
23 .proc_handler = &proc_dointvec, 25 .proc_handler = &proc_dointvec_minmax,
26 .extra1 = (void *) &one,
27 .extra2 = (void *) &max,
24 }, 28 },
25 { 29 {
26 .ctl_name = CTL_UNNUMBERED, 30 .ctl_name = CTL_UNNUMBERED,
@@ -28,7 +32,9 @@ ctl_table key_sysctls[] = {
28 .data = &key_quota_maxbytes, 32 .data = &key_quota_maxbytes,
29 .maxlen = sizeof(unsigned), 33 .maxlen = sizeof(unsigned),
30 .mode = 0644, 34 .mode = 0644,
31 .proc_handler = &proc_dointvec, 35 .proc_handler = &proc_dointvec_minmax,
36 .extra1 = (void *) &one,
37 .extra2 = (void *) &max,
32 }, 38 },
33 { 39 {
34 .ctl_name = CTL_UNNUMBERED, 40 .ctl_name = CTL_UNNUMBERED,
@@ -36,7 +42,9 @@ ctl_table key_sysctls[] = {
36 .data = &key_quota_root_maxkeys, 42 .data = &key_quota_root_maxkeys,
37 .maxlen = sizeof(unsigned), 43 .maxlen = sizeof(unsigned),
38 .mode = 0644, 44 .mode = 0644,
39 .proc_handler = &proc_dointvec, 45 .proc_handler = &proc_dointvec_minmax,
46 .extra1 = (void *) &one,
47 .extra2 = (void *) &max,
40 }, 48 },
41 { 49 {
42 .ctl_name = CTL_UNNUMBERED, 50 .ctl_name = CTL_UNNUMBERED,
@@ -44,7 +52,19 @@ ctl_table key_sysctls[] = {
44 .data = &key_quota_root_maxbytes, 52 .data = &key_quota_root_maxbytes,
45 .maxlen = sizeof(unsigned), 53 .maxlen = sizeof(unsigned),
46 .mode = 0644, 54 .mode = 0644,
47 .proc_handler = &proc_dointvec, 55 .proc_handler = &proc_dointvec_minmax,
56 .extra1 = (void *) &one,
57 .extra2 = (void *) &max,
58 },
59 {
60 .ctl_name = CTL_UNNUMBERED,
61 .procname = "gc_delay",
62 .data = &key_gc_delay,
63 .maxlen = sizeof(unsigned),
64 .mode = 0644,
65 .proc_handler = &proc_dointvec_minmax,
66 .extra1 = (void *) &zero,
67 .extra2 = (void *) &max,
48 }, 68 },
49 { .ctl_name = 0 } 69 { .ctl_name = 0 }
50}; 70};
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-22 22:00:52 -0500