Lines Matching refs:keyring
76 static int keyring_instantiate(struct key *keyring,
78 static void keyring_revoke(struct key *keyring);
79 static void keyring_destroy(struct key *keyring);
80 static void keyring_describe(const struct key *keyring, struct seq_file *m);
81 static long keyring_read(const struct key *keyring,
107 static void keyring_publish_name(struct key *keyring) in keyring_publish_name() argument
111 if (keyring->description && in keyring_publish_name()
112 keyring->description[0] && in keyring_publish_name()
113 keyring->description[0] != '.') { in keyring_publish_name()
115 list_add_tail(&keyring->name_link, &ns->keyring_name_list); in keyring_publish_name()
140 static int keyring_instantiate(struct key *keyring, in keyring_instantiate() argument
143 assoc_array_init(&keyring->keys); in keyring_instantiate()
145 keyring_publish_name(keyring); in keyring_instantiate()
412 static void keyring_destroy(struct key *keyring) in keyring_destroy() argument
414 if (keyring->description) { in keyring_destroy()
417 if (keyring->name_link.next != NULL && in keyring_destroy()
418 !list_empty(&keyring->name_link)) in keyring_destroy()
419 list_del(&keyring->name_link); in keyring_destroy()
424 if (keyring->restrict_link) { in keyring_destroy()
425 struct key_restriction *keyres = keyring->restrict_link; in keyring_destroy()
431 assoc_array_destroy(&keyring->keys, &keyring_assoc_array_ops); in keyring_destroy()
437 static void keyring_describe(const struct key *keyring, struct seq_file *m) in keyring_describe() argument
439 if (keyring->description) in keyring_describe()
440 seq_puts(m, keyring->description); in keyring_describe()
444 if (key_is_positive(keyring)) { in keyring_describe()
445 if (keyring->keys.nr_leaves_on_tree != 0) in keyring_describe()
446 seq_printf(m, ": %lu", keyring->keys.nr_leaves_on_tree); in keyring_describe()
481 static long keyring_read(const struct key *keyring, in keyring_read() argument
487 kenter("{%d},,%zu", key_serial(keyring), buflen); in keyring_read()
497 ret = assoc_array_iterate(&keyring->keys, in keyring_read()
506 ret = keyring->keys.nr_leaves_on_tree * sizeof(key_serial_t); in keyring_read()
523 struct key *keyring; in keyring_alloc() local
526 keyring = key_alloc(&key_type_keyring, description, in keyring_alloc()
528 if (!IS_ERR(keyring)) { in keyring_alloc()
529 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); in keyring_alloc()
531 key_put(keyring); in keyring_alloc()
532 keyring = ERR_PTR(ret); in keyring_alloc()
536 return keyring; in keyring_alloc()
554 int restrict_link_reject(struct key *keyring, in restrict_link_reject() argument
646 static int search_keyring(struct key *keyring, struct keyring_search_context *ctx) in search_keyring() argument
651 object = assoc_array_find(&keyring->keys, in search_keyring()
656 return assoc_array_iterate(&keyring->keys, ctx->iterator, ctx); in search_keyring()
663 static bool search_nested_keyrings(struct key *keyring, in search_nested_keyrings() argument
667 struct key *keyring; in search_nested_keyrings() member
679 keyring->serial, in search_nested_keyrings()
694 keyring_compare_object(keyring, &ctx->index_key)) { in search_nested_keyrings()
696 switch (ctx->iterator(keyring_key_to_ptr(keyring), ctx)) { in search_nested_keyrings()
710 kdebug("descend to %d", keyring->serial); in search_nested_keyrings()
711 if (keyring->flags & ((1 << KEY_FLAG_INVALIDATED) | in search_nested_keyrings()
718 if (search_keyring(keyring, ctx)) in search_nested_keyrings()
732 ptr = READ_ONCE(keyring->keys.root); in search_nested_keyrings()
801 stack[sp].keyring = keyring; in search_nested_keyrings()
807 keyring = key; in search_nested_keyrings()
848 keyring = stack[sp].keyring; in search_nested_keyrings()
851 kdebug("ascend to %d [%d]", keyring->serial, slot); in search_nested_keyrings()
860 keyring->last_used_at = ctx->now; in search_nested_keyrings()
862 stack[--sp].keyring->last_used_at = ctx->now; in search_nested_keyrings()
905 struct key *keyring; in keyring_search_rcu() local
912 keyring = key_ref_to_ptr(keyring_ref); in keyring_search_rcu()
913 key_check(keyring); in keyring_search_rcu()
915 if (keyring->type != &key_type_keyring) in keyring_search_rcu()
925 if (search_nested_keyrings(keyring, ctx)) in keyring_search_rcu()
940 key_ref_t keyring_search(key_ref_t keyring, in keyring_search() argument
967 key = keyring_search_rcu(keyring, &ctx); in keyring_search()
1027 struct key *keyring; in keyring_restrict() local
1032 keyring = key_ref_to_ptr(keyring_ref); in keyring_restrict()
1033 key_check(keyring); in keyring_restrict()
1035 if (keyring->type != &key_type_keyring) in keyring_restrict()
1059 down_write(&keyring->sem); in keyring_restrict()
1062 if (keyring->restrict_link) { in keyring_restrict()
1064 } else if (keyring_detect_restriction_cycle(keyring, restrict_link)) { in keyring_restrict()
1067 keyring->restrict_link = restrict_link; in keyring_restrict()
1068 notify_key(keyring, NOTIFY_KEY_SETATTR, 0); in keyring_restrict()
1072 up_write(&keyring->sem); in keyring_restrict()
1104 struct key *keyring, *key; in find_key_to_update() local
1107 keyring = key_ref_to_ptr(keyring_ref); in find_key_to_update()
1110 keyring->serial, index_key->type->name, index_key->description); in find_key_to_update()
1112 object = assoc_array_find(&keyring->keys, &keyring_assoc_array_ops, in find_key_to_update()
1147 struct key *keyring; in find_keyring_by_name() local
1157 list_for_each_entry(keyring, &ns->keyring_name_list, name_link) { in find_keyring_by_name()
1158 if (!kuid_has_mapping(ns, keyring->user->uid)) in find_keyring_by_name()
1161 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) in find_keyring_by_name()
1164 if (strcmp(keyring->description, name) != 0) in find_keyring_by_name()
1169 &keyring->flags)) in find_keyring_by_name()
1172 if (key_permission(make_key_ref(keyring, 0), in find_keyring_by_name()
1180 if (!refcount_inc_not_zero(&keyring->usage)) in find_keyring_by_name()
1182 keyring->last_used_at = ktime_get_real_seconds(); in find_keyring_by_name()
1186 keyring = ERR_PTR(-ENOKEY); in find_keyring_by_name()
1189 return keyring; in find_keyring_by_name()
1239 int __key_link_lock(struct key *keyring, in __key_link_lock() argument
1241 __acquires(&keyring->sem) in __key_link_lock()
1244 if (keyring->type != &key_type_keyring) in __key_link_lock()
1247 down_write(&keyring->sem); in __key_link_lock()
1295 int __key_link_begin(struct key *keyring, in __key_link_begin() argument
1303 keyring->serial, index_key->type->name, index_key->description); in __key_link_begin()
1311 if (test_bit(KEY_FLAG_REVOKED, &keyring->flags)) in __key_link_begin()
1317 edit = assoc_array_insert(&keyring->keys, in __key_link_begin()
1330 ret = key_payload_reserve(keyring, in __key_link_begin()
1331 keyring->datalen + KEYQUOTA_LINK_BYTES); in __key_link_begin()
1353 int __key_link_check_live_key(struct key *keyring, struct key *key) in __key_link_check_live_key() argument
1358 return keyring_detect_cycle(keyring, key); in __key_link_check_live_key()
1370 void __key_link(struct key *keyring, struct key *key, in __key_link() argument
1377 notify_key(keyring, NOTIFY_KEY_LINKED, key_serial(key)); in __key_link()
1385 void __key_link_end(struct key *keyring, in __key_link_end() argument
1388 __releases(&keyring->sem) in __key_link_end()
1392 kenter("%d,%s,", keyring->serial, index_key->type->name); in __key_link_end()
1396 key_payload_reserve(keyring, in __key_link_end()
1397 keyring->datalen - KEYQUOTA_LINK_BYTES); in __key_link_end()
1401 up_write(&keyring->sem); in __key_link_end()
1410 static int __key_link_check_restriction(struct key *keyring, struct key *key) in __key_link_check_restriction() argument
1412 if (!keyring->restrict_link || !keyring->restrict_link->check) in __key_link_check_restriction()
1414 return keyring->restrict_link->check(keyring, key->type, &key->payload, in __key_link_check_restriction()
1415 keyring->restrict_link->key); in __key_link_check_restriction()
1438 int key_link(struct key *keyring, struct key *key) in key_link() argument
1443 kenter("{%d,%d}", keyring->serial, refcount_read(&keyring->usage)); in key_link()
1445 key_check(keyring); in key_link()
1448 ret = __key_link_lock(keyring, &key->index_key); in key_link()
1452 ret = __key_link_begin(keyring, &key->index_key, &edit); in key_link()
1456 kdebug("begun {%d,%d}", keyring->serial, refcount_read(&keyring->usage)); in key_link()
1457 ret = __key_link_check_restriction(keyring, key); in key_link()
1459 ret = __key_link_check_live_key(keyring, key); in key_link()
1461 __key_link(keyring, key, &edit); in key_link()
1464 __key_link_end(keyring, &key->index_key, edit); in key_link()
1466 kleave(" = %d {%d,%d}", ret, keyring->serial, refcount_read(&keyring->usage)); in key_link()
1474 static int __key_unlink_lock(struct key *keyring) in __key_unlink_lock() argument
1475 __acquires(&keyring->sem) in __key_unlink_lock()
1477 if (keyring->type != &key_type_keyring) in __key_unlink_lock()
1480 down_write(&keyring->sem); in __key_unlink_lock()
1487 static int __key_unlink_begin(struct key *keyring, struct key *key, in __key_unlink_begin() argument
1494 edit = assoc_array_delete(&keyring->keys, &keyring_assoc_array_ops, in __key_unlink_begin()
1509 static void __key_unlink(struct key *keyring, struct key *key, in __key_unlink() argument
1513 notify_key(keyring, NOTIFY_KEY_UNLINKED, key_serial(key)); in __key_unlink()
1515 key_payload_reserve(keyring, keyring->datalen - KEYQUOTA_LINK_BYTES); in __key_unlink()
1521 static void __key_unlink_end(struct key *keyring, in __key_unlink_end() argument
1524 __releases(&keyring->sem) in __key_unlink_end()
1528 up_write(&keyring->sem); in __key_unlink_end()
1548 int key_unlink(struct key *keyring, struct key *key) in key_unlink() argument
1553 key_check(keyring); in key_unlink()
1556 ret = __key_unlink_lock(keyring); in key_unlink()
1560 ret = __key_unlink_begin(keyring, key, &edit); in key_unlink()
1562 __key_unlink(keyring, key, &edit); in key_unlink()
1563 __key_unlink_end(keyring, key, edit); in key_unlink()
1650 int keyring_clear(struct key *keyring) in keyring_clear() argument
1655 if (keyring->type != &key_type_keyring) in keyring_clear()
1658 down_write(&keyring->sem); in keyring_clear()
1660 edit = assoc_array_clear(&keyring->keys, &keyring_assoc_array_ops); in keyring_clear()
1666 notify_key(keyring, NOTIFY_KEY_CLEARED, 0); in keyring_clear()
1667 key_payload_reserve(keyring, 0); in keyring_clear()
1671 up_write(&keyring->sem); in keyring_clear()
1681 static void keyring_revoke(struct key *keyring) in keyring_revoke() argument
1685 edit = assoc_array_clear(&keyring->keys, &keyring_assoc_array_ops); in keyring_revoke()
1689 key_payload_reserve(keyring, 0); in keyring_revoke()
1719 void keyring_gc(struct key *keyring, time64_t limit) in keyring_gc() argument
1723 kenter("%x{%s}", keyring->serial, keyring->description ?: ""); in keyring_gc()
1725 if (keyring->flags & ((1 << KEY_FLAG_INVALIDATED) | in keyring_gc()
1731 result = assoc_array_iterate(&keyring->keys, in keyring_gc()
1742 down_write(&keyring->sem); in keyring_gc()
1743 assoc_array_gc(&keyring->keys, &keyring_assoc_array_ops, in keyring_gc()
1745 up_write(&keyring->sem); in keyring_gc()
1764 void keyring_restriction_gc(struct key *keyring, struct key_type *dead_type) in keyring_restriction_gc() argument
1768 kenter("%x{%s}", keyring->serial, keyring->description ?: ""); in keyring_restriction_gc()
1777 if (!dead_type || !keyring->restrict_link || in keyring_restriction_gc()
1778 keyring->restrict_link->keytype != dead_type) { in keyring_restriction_gc()
1784 down_write(&keyring->sem); in keyring_restriction_gc()
1786 keyres = keyring->restrict_link; in keyring_restriction_gc()
1794 up_write(&keyring->sem); in keyring_restriction_gc()