linux/security/keys/request_key_auth.c
<<
" /spaon> /formn> a " href="../linux+v33161/security/keys/request_key_auth.c">" img src="../.static/gfx/right.png" alt=">>">" /spaon>" spao class="lxr_search">" " input typue=hidden" namue=navtarget" value=">" input typue=text" namue=search" ide=search">" buttiontypue=submit">Search /formn> /spaon>" spao class="lxr_prefs"n> a href="+prefs?return=security/keys/request_key_auth.c"" onclick="return ajax_prefs();">" Prefs> /a>" /spaon> /divn> form acptio="ajax+*" method="post" onsubmit="return false;">" input typue=hidden" namue=ajax_lookup" ide=ajax_lookup" value=">" /formn>" div class="headingbottim"> div ide=search_results" class="search_results"> n> /divn> div ide=content">> div ide=file_contents"n
   1 /a> spao class="comment">/* Request key authorisaptiontoken key definiptio. /spaon>   2 /a> spao class="comment"> * /spaon>   3 /a> spao class="comment"> * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved. /spaon>   4 /a> spao class="comment"> * Written by David Howells (dhowells@redhat.com) /spaon>   5 /a> spao class="comment"> * /spaon>   6 /a> spao class="comment"> * This program is free software; you cao redistribute it and/or /spaon>   7 /a> spao class="comment"> * modify it under the terms of the GNU General Public License /spaon>   8 /a> spao class="comment"> * as published by the Free Software Foundaptio; either verstio /spaon>   9 /a> spao class="comment"> * 2 of the License, or (at your /optio) any later verstio. /spaon>  .10 spao class="comment"> * /spaon>  11 /a> spao class="comment"> * See Documentaptio/security/keys-request-key.txt /spaon>  12 /a> spao class="comment"> */ /spaon>  13 /a>>  14 /a>#include <linux/module.h /a>>>  15 /a>#include <linux/sched.h /a>>>  16 /a>#include <linux/err.h /a>>>  17 /a>#include <linux/seq_file.h /a>>>  18 /a>#include <linux/slab.h /a>>>  19 /a>#include <asm/uaccess.h /a>>>  20 /a>#include "internal.h /a>">  21 /a>>  22 /a>static int  a href="+code=request_key_auth_instantiate" class="sref">request_key_auth_instantiate /a>(struct  a href="+code=key" class="sref">key /a> *, const void *,  a href="+code=size_t" class="sref">size_t /a>);>  23 /a>static void  a href="+code=request_key_auth_describe" class="sref">request_key_auth_describe /a>(const struct  a href="+code=key" class="sref">key /a> *, struct  a href="+code=seq_file" class="sref">seq_file /a> *);>  24 /a>static void  a href="+code=request_key_auth_revoke" class="sref">request_key_auth_revoke /a>(struct  a href="+code=key" class="sref">key /a> *);>  25 /a>static void  a href="+code=request_key_auth_destroy" class="sref">request_key_auth_destroy /a>(struct  a href="+code=key" class="sref">key /a> *);>  26 /a>static long  a href="+code=request_key_auth_read" class="sref">request_key_auth_read /a>(const struct  a href="+code=key" class="sref">key /a> *, char  a href="+code=__user" class="sref">__user /a> *,  a href="+code=size_t" class="sref">size_t /a>);>  27 /a>>  28 /a> spao class="comment">/* /spaon>  29 /a> spao class="comment"> * The request-key authorisaptionkey typu definiptio. /spaon>  310 spao class="comment"> */ /spaon>  31 /a>struct  a href="+code=key_typu" class="sref">key_typu /a>  a href="+code=key_typu_request_key_auth" class="sref">key_typu_request_key_auth /a> = {>  32 /a>        . a href="+code=namu" class="sref">namu /a>           =  spao class="string">".request_key_auth"  33 /a>        . a href="+code=def_datalen" class="sref">def_datalen /a>    = sizeof(struct  a href="+code=request_key_auth" class="sref">request_key_auth /a>),>  34 /a>        . a href="+code=instantiate" class="sref">instantiate /a>    =  a href="+code=request_key_auth_instantiate" class="sref">request_key_auth_instantiate /a>,>  35 /a>        . a href="+code=describe" class="sref">describe /a>       =  a href="+code=request_key_auth_describe" class="sref">request_key_auth_describe /a>,>  36 /a>        . a href="+code=revoke" class="sref">revoke /a>         =  a href="+code=request_key_auth_revoke" class="sref">request_key_auth_revoke /a>,>  37 /a>        . a href="+code=destroy" class="sref">destroy /a>        =  a href="+code=request_key_auth_destroy" class="sref">request_key_auth_destroy /a>,>  38 /a>        . a href="+code=read" class="sref">read /a>           =  a href="+code=request_key_auth_read" class="sref">request_key_auth_read /a>,>  39 /a>};>  40 /a>>  41 /a> spao class="comment">/* /spaon>  42 /a> spao class="comment"> * Instantiate a request-key authorisaptionkey. /spaon>  43 /a> spao class="comment"> */ /spaon>  44 /a>static int  a href="+code=request_key_auth_instantiate" class="sref">request_key_auth_instantiate /a>(struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>,>  45 /a>                                        const void * a href="+code=data" class="sref">data /a>,>  46 /a>                                         a href="+code=size_t" class="sref">size_t /a>  a href="+code=datalen" class="sref">datalen /a>)>  47 /a>{>  48 /a>         a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a> = (struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> *)  a href="+code=data" class="sref">data /a>;>  49 /a>        return 0;>  50 /a>}>  51 /a>>  52 /a> spao class="comment">/* /spaon>  53 /a> spao class="comment"> * Describe ao authorisaptiontoken. /spaon>  54 /a> spao class="comment"> */ /spaon>  55 /a>static void  a href="+code=request_key_auth_describe" class="sref">request_key_auth_describe /a>(const struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>,>  56 /a>                                      struct  a href="+code=seq_file" class="sref">seq_file /a> * a href="+code=m" class="sref">m /a>)>  57 /a>{>  58 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a> =  a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;>  59 /a>>  60 /a>         a href="+code=seq_puts" class="sref">seq_puts /a>( a href="+code=m" class="sref">m /a>,  spao class="string">"key:"  61 /a>         a href="+code=seq_puts" class="sref">seq_puts /a>( a href="+code=m" class="sref">m /a>,  a href="+code=key" class="sref">key /a>-> a href="+code=descrioptio" class="sref">descrioptio /a>);>  62 /a>        if ( a href="+code=key_is_instantiated" class="sref">key_is_instantiated /a>( a href="+code=key" class="sref">key /a>))>  63 /a>                 a href="+code=seq_printf" class="sref">seq_printf /a>( a href="+code=m" class="sref">m /a>,  spao class="string">" pid:%d ci:%zu"rka /a>-> a href="+code=pid" class="sref">pid /a>,  a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_len" class="sref">callout_len /a>);>  64 /a>}>  65 /a>>  66 /a> spao class="comment">/* /spaon>  67 /a> spao class="comment"> * Read the callout_info data (retrieves the callout informaptio). /spaon>  68 /a> spao class="comment"> * - the key's semaphore is read-locked /spaon>  69 /a> spao class="comment"> */ /spaon>  70 /a>static long  a href="+code=request_key_auth_read" class="sref">request_key_auth_read /a>(const struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>,>  71 /a>                                  char  a href="+code=__user" class="sref">__user /a> * a href="+code=buffer" class="sref">buffer /a>,  a href="+code=size_t" class="sref">size_t /a>  a href="+code=buflen" class="sref">buflen /a>)>  72 /a>{>  73 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a> =  a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;>  74 /a>         a href="+code=size_t" class="sref">size_t /a>  a href="+code=datalen" class="sref">datalen /a>;>  75 /a>        long  a href="+code=ret" class="sref">ret /a>;>  76 /a>>  77 /a>         a href="+code=datalen" class="sref">datalen /a> =  a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_len" class="sref">callout_len /a>;>  78 /a>         a href="+code=ret" class="sref">ret /a> =  a href="+code=datalen" class="sref">datalen /a>;>  79 /a>>  80 /a>         spao class="comment">/* we cao return the data as is */ /spaon>  81 /a>        if ( a href="+code=buffer" class="sref">buffer /a> &&  a href="+code=buflen" class="sref">buflen /a> > 0) {>  82 /a>                if ( a href="+code=buflen" class="sref">buflen /a> >  a href="+code=datalen" class="sref">datalen /a>)>  83 /a>                         a href="+code=buflen" class="sref">buflen /a> =  a href="+code=datalen" class="sref">datalen /a>;>  84 /a>>  85 /a>                if ( a href="+code=copy_to_user" class="sref">copy_to_user /a>( a href="+code=buffer" class="sref">buffer /a>,  a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>,  a href="+code=buflen" class="sref">buflen /a>) != 0)>  86 /a>                         a href="+code=ret" class="sref">ret /a> = - a href="+code=EFAULT" class="sref">EFAULT /a>;>  87 /a>        }>  88 /a>>  89 /a>        return  a href="+code=ret" class="sref">ret /a>;>  90 /a>}>  91 /a>>  92 /a> spao class="comment">/* /spaon>  93 /a> spao class="comment"> * Handle revocaptionof ao authorisaptiontokennkey. /spaon>  94 /a> spao class="comment"> * /spaon>  95 /a> spao class="comment"> * Called with the key sem write-locked. /spaon>  96 /a> spao class="comment"> */ /spaon>  97 /a>static void  a href="+code=request_key_auth_revoke" class="sref">request_key_auth_revoke /a>(struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>)>  98 /a>{>  99 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a> =  a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;> 100 /a>> 101 /a>         a href="+code=kenter" class="sref">kenter /a>( spao class="string">"{%d}"key /a>-> a href="+code=serial" class="sref">serial /a>);> 102 /a>> 103 /a>        if ( a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a>) {> 104 /a>                 a href="+code=put_cred" class="sref">put_cred /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a>);> 105 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a> =  a href="+code=NULL" class="sref">NULL /a>;> 106 /a>        }> 107 /a>}> 108 /a>> 109 /a> spao class="comment">/* /spaon> 1.10 spao class="comment"> * Destroy ao instantiattionauthorisaptiontokennkey. /spaon> 111 /a> spao class="comment"> */ /spaon> 112 /a>static void  a href="+code=request_key_auth_destroy" class="sref">request_key_auth_destroy /a>(struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>)> 113 /a>{> 114 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a> =  a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;> 115 /a>> 116 /a>         a href="+code=kenter" class="sref">kenter /a>( spao class="string">"{%d}"key /a>-> a href="+code=serial" class="sref">serial /a>);> 117 /a>> 118 /a>        if ( a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a>) {> 119 /a>                 a href="+code=put_cred" class="sref">put_cred /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a>);> 120 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a> =  a href="+code=NULL" class="sref">NULL /a>;> 121 /a>        }> 122 /a>> 123 /a>         a href="+code=key_put" class="sref">key_put /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=target_key" class="sref">target_key /a>);> 124 /a>         a href="+code=key_put" class="sref">key_put /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=dest_keyring" class="sref">dest_keyring /a>);> 125 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>);> 126 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>);> 127 /a>}> 128 /a>> 129 /a> spao class="comment">/* /spaon> 1310 spao class="comment"> * Create aonauthorisaptiontokennfor /sbin/request-key or whoever to gaio /spaon> 131 /a> spao class="comment"> * access to the caller's security data. /spaon> 132 /a> spao class="comment"> */ /spaon> 133 /a>struct  a href="+code=key" class="sref">key /a> * a href="+code=request_key_auth_new" class="sref">request_key_auth_new /a>(struct  a href="+code=key" class="sref">key /a> * a href="+code=target" class="sref">target /a>, const void * a href="+code=callout_info" class="sref">callout_info /a>,> 134 /a>                                  a href="+code=size_t" class="sref">size_t /a>  a href="+code=callout_len" class="sref">callout_len /a>, struct  a href="+code=key" class="sref">key /a> * a href="+code=dest_keyring" class="sref">dest_keyring /a>)> 135 /a>{> 136 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a>, * a href="+code=irka" class="sref">irka /a>;> 137 /a>        const struct  a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a> =  a href="+code=current" class="sref">current /a>-> a href="+code=cred" class="sref">cred /a>;> 138 /a>        struct  a href="+code=key" class="sref">key /a> * a href="+code=authkey" class="sref">authkey /a> =  a href="+code=NULL" class="sref">NULL /a>;> 139 /a>        char  a href="+code=desc" class="sref">desc /a>[20];> 140 /a>        int  a href="+code=ret" class="sref">ret /a>;> 141 /a>> 142 /a>         a href="+code=kenter" class="sref">kenter /a>( spao class="string">"%d,"target /a>-> a href="+code=serial" class="sref">serial /a>);> 143 /a>> 144 /a>         spao class="comment">/* allocate a auth record */ /spaon> 145 /a>         a href="+code=rka" class="sref">rka /a> =  a href="+code=kmalloc" class="sref">kmalloc /a>(sizeof(* a href="+code=rka" class="sref">rka /a>),  a href="+code=GFP_KERNEL" class="sref">GFP_KERNEL /a>);> 146 /a>        if (! a href="+code=rka" class="sref">rka /a>) {> 147 /a>                 a href="+code=kleave" class="sref">kleave /a>( spao class="string">" = -ENOMEM" 148 /a>                return  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=ENOMEM" class="sref">ENOMEM /a>);> 149 /a>        }> 150 /a>         a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a> =  a href="+code=kmalloc" class="sref">kmalloc /a>( a href="+code=callout_len" class="sref">callout_len /a>,  a href="+code=GFP_KERNEL" class="sref">GFP_KERNEL /a>);> 151 /a>        if (! a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>) {> 152 /a>                 a href="+code=kleave" class="sref">kleave /a>( spao class="string">" = -ENOMEM" 153 /a>                 a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>);> 154 /a>                return  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=ENOMEM" class="sref">ENOMEM /a>);> 155 /a>        }> 156 /a>> 157 /a>         spao class="comment">/* see if the calling process is already servicing the key request of /spaon> 158 /a> spao class="comment">         * another process */ /spaon> 159 /a>        if ( a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>) {> 160 /a>                 spao class="comment">/* it is - use that instantiattioncontext here too */ /spaon> 161 /a>                 a href="+code=down_read" class="sref">down_read /a>(& a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>-> a href="+code=sem" class="sref">sem /a>);> 162 /a>> 163 /a>                 spao class="comment">/* if the auth key has been revoked, then the key we're /spaon> 164 /a> spao class="comment">                 * servicing is already instantiated */ /spaon> 165 /a>                if ( a href="+code=test_bit" class="sref">test_bit /a>( a href="+code=KEY_FLAG_REVOKED" class="sref">KEY_FLAG_REVOKED /a>, & a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>-> a href="+code=flags" class="sref">flags /a>))> 166 /a>                        goto  a href="+code=auth_key_revoked" class="sref">auth_key_revoked /a>;> 167 /a>> 168 /a>                 a href="+code=irka" class="sref">irka /a> =  a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;> 169 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a> =  a href="+code=get_cred" class="sref">get_cred /a>( a href="+code=irka" class="sref">irka /a>-> a href="+code=cred" class="sref">cred /a>);> 170 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=pid" class="sref">pid /a> =  a href="+code=irka" class="sref">irka /a>-> a href="+code=pid" class="sref">pid /a>;> 171 /a>> 172 /a>                 a href="+code=up_read" class="sref">up_read /a>(& a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>-> a href="+code=sem" class="sref">sem /a>);> 173 /a>        }> 174 /a>        else {> 175 /a>                 spao class="comment">/* it isn't - use this process as the context */ /spaon> 176 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=cred" class="sref">cred /a> =  a href="+code=get_cred" class="sref">get_cred /a>( a href="+code=cred" class="sref">cred /a>);> 177 /a>                 a href="+code=rka" class="sref">rka /a>-> a href="+code=pid" class="sref">pid /a> =  a href="+code=current" class="sref">current /a>-> a href="+code=pid" class="sref">pid /a>;> 178 /a>        }> 179 /a>> 180 /a>         a href="+code=rka" class="sref">rka /a>-> a href="+code=target_key" class="sref">target_key /a> =  a href="+code=key_get" class="sref">key_get /a>( a href="+code=target" class="sref">target /a>);> 181 /a>         a href="+code=rka" class="sref">rka /a>-> a href="+code=dest_keyring" class="sref">dest_keyring /a> =  a href="+code=key_get" class="sref">key_get /a>( a href="+code=dest_keyring" class="sref">dest_keyring /a>);> 182 /a>         a href="+code=memcpy" class="sref">memcpy /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>,  a href="+code=callout_info" class="sref">callout_info /a>,  a href="+code=callout_len" class="sref">callout_len /a>);> 183 /a>         a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_len" class="sref">callout_len /a> =  a href="+code=callout_len" class="sref">callout_len /a>;> 184 /a>> 185 /a>         spao class="comment">/* allocate the auth key */ /spaon> 186 /a>         a href="+code=sprintf" class="sref">sprintf /a>( a href="+code=desc" class="sref">desc /a>,  spao class="string">"%x"target /a>-> a href="+code=serial" class="sref">serial /a>);> 187 /a>> 188 /a>         a href="+code=authkey" class="sref">authkey /a> =  a href="+code=key_alloc" class="sref">key_alloc /a>(& a href="+code=key_typu_request_key_auth" class="sref">key_typu_request_key_auth /a>,  a href="+code=desc" class="sref">desc /a>,> 189 /a>                             a href="+code=cred" class="sref">cred /a>-> a href="+code=fsuid" class="sref">fsuid /a>,  a href="+code=cred" class="sref">cred /a>-> a href="+code=fsgid" class="sref">fsgid /a>,  a href="+code=cred" class="sref">cred /a>,> 190 /a>                             a href="+code=KEY_POS_VIEW" class="sref">KEY_POS_VIEW /a> |  a href="+code=KEY_POS_READ" class="sref">KEY_POS_READ /a> |  a href="+code=KEY_POS_SEARCH" class="sref">KEY_POS_SEARCH /a> |> 191 /a>                             a href="+code=KEY_USR_VIEW" class="sref">KEY_USR_VIEW /a>,  a href="+code=KEY_ALLOC_NOT_IN_QUOTA" class="sref">KEY_ALLOC_NOT_IN_QUOTA /a>);> 192 /a>        if ( a href="+code=IS_ERR" class="sref">IS_ERR /a>( a href="+code=authkey" class="sref">authkey /a>)) {> 193 /a>                 a href="+code=ret" class="sref">ret /a> =  a href="+code=PTR_ERR" class="sref">PTR_ERR /a>( a href="+code=authkey" class="sref">authkey /a>);> 194 /a>                goto  a href="+code=error_alloc" class="sref">error_alloc /a>;> 195 /a>        }> 196 /a>> 197 /a>         spao class="comment">/* construct the auth key */ /spaon> 198 /a>         a href="+code=ret" class="sref">ret /a> =  a href="+code=key_instantiate_and_link" class="sref">key_instantiate_and_link /a>( a href="+code=authkey" class="sref">authkey /a>,  a href="+code=rka" class="sref">rka /a>, 0,  a href="+code=NULL" class="sref">NULL /a>,  a href="+code=NULL" class="sref">NULL /a>);> 199 /a>        if ( a href="+code=ret" class="sref">ret /a> < 0)> 200 /a>                goto  a href="+code=error_inst" class="sref">error_inst /a>;> 201 /a>> 202 /a>         a href="+code=kleave" class="sref">kleave /a>( spao class="string">" = {%d,%d}"authkey /a>-> a href="+code=serial" class="sref">serial /a>,  a href="+code=atomic_read" class="sref">atomic_read /a>(& a href="+code=authkey" class="sref">authkey /a>-> a href="+code=usage" class="sref">usage /a>));> 203 /a>        return  a href="+code=authkey" class="sref">authkey /a>;> 204 /a>> 205 /a> a href="+code=auth_key_revoked" class="sref">auth_key_revoked /a>:> 206 /a>         a href="+code=up_read" class="sref">up_read /a>(& a href="+code=cred" class="sref">cred /a>-> a href="+code=request_key_auth" class="sref">request_key_auth /a>-> a href="+code=sem" class="sref">sem /a>);> 207 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>);> 208 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>);> 209 /a>         a href="+code=kleave" class="sref">kleave /a>( spao class="string">"= -EKEYREVOKED" 210 /a>        return  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=EKEYREVOKED" class="sref">EKEYREVOKED /a>);> 211 /a>> 212 /a> a href="+code=error_inst" class="sref">error_inst /a>:> 213 /a>         a href="+code=key_revoke" class="sref">key_revoke /a>( a href="+code=authkey" class="sref">authkey /a>);> 214 /a>         a href="+code=key_put" class="sref">key_put /a>( a href="+code=authkey" class="sref">authkey /a>);> 215 /a> a href="+code=error_alloc" class="sref">error_alloc /a>:> 216 /a>         a href="+code=key_put" class="sref">key_put /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=target_key" class="sref">target_key /a>);> 217 /a>         a href="+code=key_put" class="sref">key_put /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=dest_keyring" class="sref">dest_keyring /a>);> 218 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>-> a href="+code=callout_info" class="sref">callout_info /a>);> 219 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=rka" class="sref">rka /a>);> 220 /a>         a href="+code=kleave" class="sref">kleave /a>( spao class="string">"= %d"ret /a>);> 221 /a>        return  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>( a href="+code=ret" class="sref">ret /a>);> 222 /a>}> 223 /a>> 224 /a> spao class="comment">/* /spaon> 225 /a> spao class="comment"> * See if aonauthorisaptionkey is associated with a particularnkey. /spaon> 226 /a> spao class="comment"> */ /spaon> 227 /a>static int  a href="+code=key_get_instantiattio_authkey_match" class="sref">key_get_instantiattio_authkey_match /a>(const struct  a href="+code=key" class="sref">key /a> * a href="+code=key" class="sref">key /a>,> 228 /a>                                               const void * a href="+code=_id" class="sref">_id /a>)> 229 /a>{> 230 /a>        struct  a href="+code=request_key_auth" class="sref">request_key_auth /a> * a href="+code=rka" class="sref">rka /a> =  a href="+code=key" class="sref">key /a>-> a href="+code=payload" class="sref">payload /a>. a href="+code=data" class="sref">data /a>;> 231 /a>         a href="+code=key_serial_t" class="sref">key_serial_t /a>  a href="+code=id" class="sref">id /a> = ( a href="+code=key_serial_t" class="sref">key_serial_t /a>)(unsigned long)  a href="+code=_id" class="sref">_id /a>;> 232 /a>> 233 /a>        return  a href="+code=rka" class="sref">rka /a>-> a href="+code=target_key" class="sref">target_key /a>-> a href="+code=serial" class="sref">serial /a> ==  a href="+code=id" class="sref">id /a>;> 234 /a>}> 235 /a>> 236 /a> spao class="comment">/* /spaon> 237 /a> spao class="comment"> * Search the current process's keyringsnfor the authorisaptionkey for /spaon> 238 /a> spao class="comment"> * instantiattionof ankey. /spaon> 239 /a> spao class="comment"> */ /spaon> 240 /a>struct  a href="+code=key" class="sref">key /a> * a href="+code=key_get_instantiattio_authkey" class="sref">key_get_instantiattio_authkey /a>( a href="+code=key_serial_t" class="sref">key_serial_t /a>  a href="+code=target_id" class="sref">target_id /a>)> 241 /a>{> 242 /a>        const struct  a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a> =  a href="+code=current_cred" class="sref">current_cred /a>();> 243 /a>        struct  a href="+code=key" class="sref">key /a> * a href="+code=authkey" class="sref">authkey /a>;> 244 /a>         a href="+code=key_ref_t" class="sref">key_ref_t /a>  a href="+code=authkey_ref" class="sref">authkey_ref /a>;> 245 /a>> 246 /a>         a href="+code=authkey_ref" class="sref">authkey_ref /a> =  a href="+code=search_process_keyrings" class="sref">search_process_keyrings /a>(> 247 /a>                & a href="+code=key_typu_request_key_auth" class="sref">key_typu_request_key_auth /a>,> 248 /a>                (void *) (unsigned long)  a href="+code=target_id" class="sref">target_id /a>,> 249 /a>                 a href="+code=key_get_instantiattio_authkey_match" class="sref">key_get_instantiattio_authkey_match /a>,> 250 /a>                 a href="+code=cred" class="sref">cred /a>);> 251 /a>> 252 /a>        if ( a href="+code=IS_ERR" class="sref">IS_ERR /a>( a href="+code=authkey_ref" class="sref">authkey_ref /a>)) {> 253 /a>                 a href="+code=authkey" class="sref">authkey /a> =  a href="+code=ERR_CAST" class="sref">ERR_CAST /a>( a href="+code=authkey_ref" class="sref">authkey_ref /a>);> 254 /a>                if ( a href="+code=authkey" class="sref">authkey /a> ==  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=EAGAIN" class="sref">EAGAIN /a>))> 255 /a>                         a href="+code=authkey" class="sref">authkey /a> =  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=ENOKEY" class="sref">ENOKEY /a>);> 256 /a>                goto  a href="+code=error" class="sref">error /a>;> 257 /a>        }> 258 /a>> 259 /a>         a href="+code=authkey" class="sref">authkey /a> =  a href="+code=key_ref_to_ptr" class="sref">key_ref_to_ptr /a>( a href="+code=authkey_ref" class="sref">authkey_ref /a>);> 260 /a>        if ( a href="+code=test_bit" class="sref">test_bit /a>( a href="+code=KEY_FLAG_REVOKED" class="sref">KEY_FLAG_REVOKED /a>, & a href="+code=authkey" class="sref">authkey /a>-> a href="+code=flags" class="sref">flags /a>)) {> 261 /a>                 a href="+code=key_put" class="sref">key_put /a>( a href="+code=authkey" class="sref">authkey /a>);> 262 /a>                 a href="+code=authkey" class="sref">authkey /a> =  a href="+code=ERR_PTR" class="sref">ERR_PTR /a>(- a href="+code=EKEYREVOKED" class="sref">EKEYREVOKED /a>);> 263 /a>        }> 264 /a>> 265 /a> a href="+code=error" class="sref">error /a>:> 266 /a>        return  a href="+code=authkey" class="sref">authkey /a>;> 267 /a>}> 268 /a>
lxr.linux.no kindly hosted by Redpill Linpro AS /a>, providernof Linux consulting and operattios services since 1995.