blob: e6dd366d43a35b0b70e6d1a40edec79a706a72d8 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/* request_key.c: request a key from userspace
2 *
David Howells3e301482005-06-23 22:00:56 -07003 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
Linus Torvalds1da177e2005-04-16 15:20:36 -07004 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#include <linux/module.h>
13#include <linux/sched.h>
14#include <linux/kmod.h>
15#include <linux/err.h>
David Howells3e301482005-06-23 22:00:56 -070016#include <linux/keyctl.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070017#include "internal.h"
18
19struct key_construction {
20 struct list_head link; /* link in construction queue */
21 struct key *key; /* key being constructed */
22};
23
24/* when waiting for someone else's keys, you get added to this */
25DECLARE_WAIT_QUEUE_HEAD(request_key_conswq);
26
27/*****************************************************************************/
28/*
29 * request userspace finish the construction of a key
30 * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring> <info>"
Linus Torvalds1da177e2005-04-16 15:20:36 -070031 */
32static int call_request_key(struct key *key,
33 const char *op,
34 const char *callout_info)
35{
36 struct task_struct *tsk = current;
Linus Torvalds1da177e2005-04-16 15:20:36 -070037 key_serial_t prkey, sskey;
David Howells3e301482005-06-23 22:00:56 -070038 struct key *session_keyring, *rkakey;
Linus Torvalds1da177e2005-04-16 15:20:36 -070039 char *argv[10], *envp[3], uid_str[12], gid_str[12];
40 char key_str[12], keyring_str[3][12];
David Howells3e301482005-06-23 22:00:56 -070041 int ret, i;
42
43 kenter("{%d},%s,%s", key->serial, op, callout_info);
44
45 /* generate a new session keyring with an auth key in it */
46 session_keyring = request_key_auth_new(key, &rkakey);
47 if (IS_ERR(session_keyring)) {
48 ret = PTR_ERR(session_keyring);
49 goto error;
50 }
Linus Torvalds1da177e2005-04-16 15:20:36 -070051
52 /* record the UID and GID */
53 sprintf(uid_str, "%d", current->fsuid);
54 sprintf(gid_str, "%d", current->fsgid);
55
56 /* we say which key is under construction */
57 sprintf(key_str, "%d", key->serial);
58
59 /* we specify the process's default keyrings */
60 sprintf(keyring_str[0], "%d",
61 tsk->thread_keyring ? tsk->thread_keyring->serial : 0);
62
63 prkey = 0;
64 if (tsk->signal->process_keyring)
65 prkey = tsk->signal->process_keyring->serial;
66
Linus Torvalds1da177e2005-04-16 15:20:36 -070067 sprintf(keyring_str[1], "%d", prkey);
David Howells3e301482005-06-23 22:00:56 -070068
69 if (tsk->signal->session_keyring) {
70 rcu_read_lock();
71 sskey = rcu_dereference(tsk->signal->session_keyring)->serial;
72 rcu_read_unlock();
73 }
74 else {
75 sskey = tsk->user->session_keyring->serial;
76 }
77
Linus Torvalds1da177e2005-04-16 15:20:36 -070078 sprintf(keyring_str[2], "%d", sskey);
79
80 /* set up a minimal environment */
81 i = 0;
82 envp[i++] = "HOME=/";
83 envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
84 envp[i] = NULL;
85
86 /* set up the argument list */
87 i = 0;
88 argv[i++] = "/sbin/request-key";
89 argv[i++] = (char *) op;
90 argv[i++] = key_str;
91 argv[i++] = uid_str;
92 argv[i++] = gid_str;
93 argv[i++] = keyring_str[0];
94 argv[i++] = keyring_str[1];
95 argv[i++] = keyring_str[2];
David Howells3e301482005-06-23 22:00:56 -070096 argv[i++] = (char *) callout_info;
Linus Torvalds1da177e2005-04-16 15:20:36 -070097 argv[i] = NULL;
98
99 /* do it */
David Howells3e301482005-06-23 22:00:56 -0700100 ret = call_usermodehelper_keys(argv[0], argv, envp, session_keyring, 1);
101
102 /* dispose of the special keys */
103 key_revoke(rkakey);
104 key_put(rkakey);
105 key_put(session_keyring);
106
107 error:
108 kleave(" = %d", ret);
109 return ret;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700110
111} /* end call_request_key() */
112
113/*****************************************************************************/
114/*
115 * call out to userspace for the key
116 * - called with the construction sem held, but the sem is dropped here
117 * - we ignore program failure and go on key status instead
118 */
119static struct key *__request_key_construction(struct key_type *type,
120 const char *description,
121 const char *callout_info)
122{
123 struct key_construction cons;
124 struct timespec now;
125 struct key *key;
David Howells76d8aea2005-06-23 22:00:49 -0700126 int ret, negated;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700127
David Howells3e301482005-06-23 22:00:56 -0700128 kenter("%s,%s,%s", type->name, description, callout_info);
129
Linus Torvalds1da177e2005-04-16 15:20:36 -0700130 /* create a key and add it to the queue */
131 key = key_alloc(type, description,
David Howells664cceb2005-09-28 17:03:15 +0100132 current->fsuid, current->fsgid, KEY_POS_ALL, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700133 if (IS_ERR(key))
134 goto alloc_failed;
135
David Howells76d8aea2005-06-23 22:00:49 -0700136 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700137
138 cons.key = key;
139 list_add_tail(&cons.link, &key->user->consq);
140
141 /* we drop the construction sem here on behalf of the caller */
142 up_write(&key_construction_sem);
143
144 /* make the call */
145 ret = call_request_key(key, "create", callout_info);
146 if (ret < 0)
147 goto request_failed;
148
149 /* if the key wasn't instantiated, then we want to give an error */
150 ret = -ENOKEY;
David Howells76d8aea2005-06-23 22:00:49 -0700151 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700152 goto request_failed;
153
154 down_write(&key_construction_sem);
155 list_del(&cons.link);
156 up_write(&key_construction_sem);
157
158 /* also give an error if the key was negatively instantiated */
159 check_not_negative:
David Howells76d8aea2005-06-23 22:00:49 -0700160 if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700161 key_put(key);
162 key = ERR_PTR(-ENOKEY);
163 }
164
165 out:
David Howells3e301482005-06-23 22:00:56 -0700166 kleave(" = %p", key);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700167 return key;
168
169 request_failed:
170 /* it wasn't instantiated
171 * - remove from construction queue
172 * - mark the key as dead
173 */
David Howells76d8aea2005-06-23 22:00:49 -0700174 negated = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700175 down_write(&key_construction_sem);
176
177 list_del(&cons.link);
178
Linus Torvalds1da177e2005-04-16 15:20:36 -0700179 /* check it didn't get instantiated between the check and the down */
David Howells76d8aea2005-06-23 22:00:49 -0700180 if (!test_bit(KEY_FLAG_INSTANTIATED, &key->flags)) {
181 set_bit(KEY_FLAG_NEGATIVE, &key->flags);
182 set_bit(KEY_FLAG_INSTANTIATED, &key->flags);
183 negated = 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700184 }
185
David Howells76d8aea2005-06-23 22:00:49 -0700186 clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
187
Linus Torvalds1da177e2005-04-16 15:20:36 -0700188 up_write(&key_construction_sem);
189
David Howells76d8aea2005-06-23 22:00:49 -0700190 if (!negated)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700191 goto check_not_negative; /* surprisingly, the key got
192 * instantiated */
193
194 /* set the timeout and store in the session keyring if we can */
195 now = current_kernel_time();
196 key->expiry = now.tv_sec + key_negative_timeout;
197
198 if (current->signal->session_keyring) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700199 struct key *keyring;
200
David Howells8589b4e2005-06-23 22:00:53 -0700201 rcu_read_lock();
202 keyring = rcu_dereference(current->signal->session_keyring);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700203 atomic_inc(&keyring->usage);
David Howells8589b4e2005-06-23 22:00:53 -0700204 rcu_read_unlock();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700205
206 key_link(keyring, key);
207 key_put(keyring);
208 }
209
210 key_put(key);
211
212 /* notify anyone who was waiting */
213 wake_up_all(&request_key_conswq);
214
215 key = ERR_PTR(ret);
216 goto out;
217
218 alloc_failed:
219 up_write(&key_construction_sem);
220 goto out;
221
222} /* end __request_key_construction() */
223
224/*****************************************************************************/
225/*
226 * call out to userspace to request the key
227 * - we check the construction queue first to see if an appropriate key is
228 * already being constructed by userspace
229 */
230static struct key *request_key_construction(struct key_type *type,
231 const char *description,
232 struct key_user *user,
233 const char *callout_info)
234{
235 struct key_construction *pcons;
236 struct key *key, *ckey;
237
238 DECLARE_WAITQUEUE(myself, current);
239
David Howells3e301482005-06-23 22:00:56 -0700240 kenter("%s,%s,{%d},%s",
241 type->name, description, user->uid, callout_info);
242
Linus Torvalds1da177e2005-04-16 15:20:36 -0700243 /* see if there's such a key under construction already */
244 down_write(&key_construction_sem);
245
246 list_for_each_entry(pcons, &user->consq, link) {
247 ckey = pcons->key;
248
249 if (ckey->type != type)
250 continue;
251
252 if (type->match(ckey, description))
253 goto found_key_under_construction;
254 }
255
256 /* see about getting userspace to construct the key */
257 key = __request_key_construction(type, description, callout_info);
258 error:
David Howells3e301482005-06-23 22:00:56 -0700259 kleave(" = %p", key);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700260 return key;
261
262 /* someone else has the same key under construction
263 * - we want to keep an eye on their key
264 */
265 found_key_under_construction:
266 atomic_inc(&ckey->usage);
267 up_write(&key_construction_sem);
268
269 /* wait for the key to be completed one way or another */
270 add_wait_queue(&request_key_conswq, &myself);
271
272 for (;;) {
David Howells3e301482005-06-23 22:00:56 -0700273 set_current_state(TASK_INTERRUPTIBLE);
David Howells76d8aea2005-06-23 22:00:49 -0700274 if (!test_bit(KEY_FLAG_USER_CONSTRUCT, &ckey->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700275 break;
David Howells3e301482005-06-23 22:00:56 -0700276 if (signal_pending(current))
277 break;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700278 schedule();
279 }
280
281 set_current_state(TASK_RUNNING);
282 remove_wait_queue(&request_key_conswq, &myself);
283
284 /* we'll need to search this process's keyrings to see if the key is
285 * now there since we can't automatically assume it's also available
286 * there */
287 key_put(ckey);
288 ckey = NULL;
289
290 key = NULL; /* request a retry */
291 goto error;
292
293} /* end request_key_construction() */
294
295/*****************************************************************************/
296/*
David Howells3e301482005-06-23 22:00:56 -0700297 * link a freshly minted key to an appropriate destination keyring
298 */
299static void request_key_link(struct key *key, struct key *dest_keyring)
300{
301 struct task_struct *tsk = current;
302 struct key *drop = NULL;
303
304 kenter("{%d},%p", key->serial, dest_keyring);
305
306 /* find the appropriate keyring */
307 if (!dest_keyring) {
308 switch (tsk->jit_keyring) {
309 case KEY_REQKEY_DEFL_DEFAULT:
310 case KEY_REQKEY_DEFL_THREAD_KEYRING:
311 dest_keyring = tsk->thread_keyring;
312 if (dest_keyring)
313 break;
314
315 case KEY_REQKEY_DEFL_PROCESS_KEYRING:
316 dest_keyring = tsk->signal->process_keyring;
317 if (dest_keyring)
318 break;
319
320 case KEY_REQKEY_DEFL_SESSION_KEYRING:
321 rcu_read_lock();
322 dest_keyring = key_get(
323 rcu_dereference(tsk->signal->session_keyring));
324 rcu_read_unlock();
325 drop = dest_keyring;
326
327 if (dest_keyring)
328 break;
329
330 case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
331 dest_keyring = current->user->session_keyring;
332 break;
333
334 case KEY_REQKEY_DEFL_USER_KEYRING:
335 dest_keyring = current->user->uid_keyring;
336 break;
337
338 case KEY_REQKEY_DEFL_GROUP_KEYRING:
339 default:
340 BUG();
341 }
342 }
343
344 /* and attach the key to it */
345 key_link(dest_keyring, key);
346
347 key_put(drop);
348
349 kleave("");
350
351} /* end request_key_link() */
352
353/*****************************************************************************/
354/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700355 * request a key
356 * - search the process's keyrings
357 * - check the list of keys being created or updated
David Howells3e301482005-06-23 22:00:56 -0700358 * - call out to userspace for a key if supplementary info was provided
359 * - cache the key in an appropriate keyring
Linus Torvalds1da177e2005-04-16 15:20:36 -0700360 */
David Howells3e301482005-06-23 22:00:56 -0700361struct key *request_key_and_link(struct key_type *type,
362 const char *description,
363 const char *callout_info,
364 struct key *dest_keyring)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700365{
366 struct key_user *user;
367 struct key *key;
David Howells664cceb2005-09-28 17:03:15 +0100368 key_ref_t key_ref;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700369
David Howells3e301482005-06-23 22:00:56 -0700370 kenter("%s,%s,%s,%p",
371 type->name, description, callout_info, dest_keyring);
372
Linus Torvalds1da177e2005-04-16 15:20:36 -0700373 /* search all the process keyrings for a key */
David Howells664cceb2005-09-28 17:03:15 +0100374 key_ref = search_process_keyrings(type, description, type->match,
375 current);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700376
David Howells664cceb2005-09-28 17:03:15 +0100377 kdebug("search 1: %p", key_ref);
378
379 if (!IS_ERR(key_ref)) {
380 key = key_ref_to_ptr(key_ref);
381 }
382 else if (PTR_ERR(key_ref) != -EAGAIN) {
383 key = ERR_PTR(PTR_ERR(key_ref));
384 }
385 else {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700386 /* the search failed, but the keyrings were searchable, so we
387 * should consult userspace if we can */
388 key = ERR_PTR(-ENOKEY);
389 if (!callout_info)
390 goto error;
391
392 /* - get hold of the user's construction queue */
393 user = key_user_lookup(current->fsuid);
David Howells3e301482005-06-23 22:00:56 -0700394 if (!user)
395 goto nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700396
David Howells664cceb2005-09-28 17:03:15 +0100397 for (;;) {
David Howells3e301482005-06-23 22:00:56 -0700398 if (signal_pending(current))
399 goto interrupted;
400
Linus Torvalds1da177e2005-04-16 15:20:36 -0700401 /* ask userspace (returns NULL if it waited on a key
402 * being constructed) */
403 key = request_key_construction(type, description,
404 user, callout_info);
405 if (key)
406 break;
407
408 /* someone else made the key we want, so we need to
409 * search again as it might now be available to us */
David Howells664cceb2005-09-28 17:03:15 +0100410 key_ref = search_process_keyrings(type, description,
411 type->match,
412 current);
David Howells3e301482005-06-23 22:00:56 -0700413
David Howells664cceb2005-09-28 17:03:15 +0100414 kdebug("search 2: %p", key_ref);
415
416 if (!IS_ERR(key_ref)) {
417 key = key_ref_to_ptr(key_ref);
418 break;
419 }
420
421 if (PTR_ERR(key_ref) != -EAGAIN) {
422 key = ERR_PTR(PTR_ERR(key_ref));
423 break;
424 }
425 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700426
427 key_user_put(user);
David Howells3e301482005-06-23 22:00:56 -0700428
429 /* link the new key into the appropriate keyring */
David Howells1260f802005-08-04 11:50:01 +0100430 if (!IS_ERR(key))
David Howells3e301482005-06-23 22:00:56 -0700431 request_key_link(key, dest_keyring);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700432 }
433
David Howells3e301482005-06-23 22:00:56 -0700434error:
435 kleave(" = %p", key);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700436 return key;
437
David Howells3e301482005-06-23 22:00:56 -0700438nomem:
439 key = ERR_PTR(-ENOMEM);
440 goto error;
441
442interrupted:
443 key_user_put(user);
444 key = ERR_PTR(-EINTR);
445 goto error;
446
447} /* end request_key_and_link() */
448
449/*****************************************************************************/
450/*
451 * request a key
452 * - search the process's keyrings
453 * - check the list of keys being created or updated
454 * - call out to userspace for a key if supplementary info was provided
455 */
456struct key *request_key(struct key_type *type,
457 const char *description,
458 const char *callout_info)
459{
460 return request_key_and_link(type, description, callout_info, NULL);
461
Linus Torvalds1da177e2005-04-16 15:20:36 -0700462} /* end request_key() */
463
464EXPORT_SYMBOL(request_key);
465
466/*****************************************************************************/
467/*
468 * validate a key
469 */
470int key_validate(struct key *key)
471{
472 struct timespec now;
473 int ret = 0;
474
475 if (key) {
476 /* check it's still accessible */
477 ret = -EKEYREVOKED;
David Howells76d8aea2005-06-23 22:00:49 -0700478 if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
479 test_bit(KEY_FLAG_DEAD, &key->flags))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700480 goto error;
481
482 /* check it hasn't expired */
483 ret = 0;
484 if (key->expiry) {
485 now = current_kernel_time();
486 if (now.tv_sec >= key->expiry)
487 ret = -EKEYEXPIRED;
488 }
489 }
490
491 error:
492 return ret;
493
494} /* end key_validate() */
495
496EXPORT_SYMBOL(key_validate);