aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2011-03-07 15:05:59 +0000
committerJames Morris <jmorris@namei.org>2011-03-08 11:17:15 +1100
commitb9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 (patch)
tree0f58a92c2616b3663f88935290d32a4c90d57025
parent633e804e89464d3875e59de1959a53f9041d3094 (diff)
KEYS: Add a key type op to permit the key description to be vetted
Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--Documentation/keys.txt7
-rw-r--r--include/linux/key-type.h3
-rw-r--r--net/rxrpc/ar-key.c19
-rw-r--r--security/keys/key.c8
4 files changed, 37 insertions, 0 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index e4dbbdb1bd9..cf68d1fed95 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -1062,6 +1062,13 @@ The structure has a number of fields, some of which are mandatory:
viable.
+ (*) int (*vet_description)(const char *description);
+
+ This optional method is called to vet a key description. If the key type
+ doesn't approve of the key description, it may return an error, otherwise
+ it should return 0.
+
+
(*) int (*instantiate)(struct key *key, const void *data, size_t datalen);
This method is called to attach a payload to a key during construction.
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index 65833d4d599..fc8525e838b 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -41,6 +41,9 @@ struct key_type {
*/
size_t def_datalen;
+ /* vet a description */
+ int (*vet_description)(const char *description);
+
/* instantiate a key of this type
* - this method should call key_payload_reserve() to determine if the
* user's quota will hold the payload
diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c
index d763793d39d..43ea7de2fc8 100644
--- a/net/rxrpc/ar-key.c
+++ b/net/rxrpc/ar-key.c
@@ -25,6 +25,7 @@
#include <keys/user-type.h>
#include "ar-internal.h"
+static int rxrpc_vet_description_s(const char *);
static int rxrpc_instantiate(struct key *, const void *, size_t);
static int rxrpc_instantiate_s(struct key *, const void *, size_t);
static void rxrpc_destroy(struct key *);
@@ -52,6 +53,7 @@ EXPORT_SYMBOL(key_type_rxrpc);
*/
struct key_type key_type_rxrpc_s = {
.name = "rxrpc_s",
+ .vet_description = rxrpc_vet_description_s,
.instantiate = rxrpc_instantiate_s,
.match = user_match,
.destroy = rxrpc_destroy_s,
@@ -59,6 +61,23 @@ struct key_type key_type_rxrpc_s = {
};
/*
+ * Vet the description for an RxRPC server key
+ */
+static int rxrpc_vet_description_s(const char *desc)
+{
+ unsigned long num;
+ char *p;
+
+ num = simple_strtoul(desc, &p, 10);
+ if (*p != ':' || num > 65535)
+ return -EINVAL;
+ num = simple_strtoul(p + 1, &p, 10);
+ if (*p || num < 1 || num > 255)
+ return -EINVAL;
+ return 0;
+}
+
+/*
* parse an RxKAD type XDR format token
* - the caller guarantees we have at least 4 words
*/
diff --git a/security/keys/key.c b/security/keys/key.c
index 1c2d43dc510..8e315ef2e88 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc,
if (!desc || !*desc)
goto error;
+ if (type->vet_description) {
+ ret = type->vet_description(desc);
+ if (ret < 0) {
+ key = ERR_PTR(ret);
+ goto error;
+ }
+ }
+
desclen = strlen(desc) + 1;
quotalen = desclen + type->def_datalen;