From b9fffa3877a3ebbe0a5ad5a247358e2f7df15b24 Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 7 Mar 2011 15:05:59 +0000 Subject: KEYS: Add a key type op to permit the key description to be vetted Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells Reviewed-by: Mimi Zohar Signed-off-by: James Morris --- Documentation/keys.txt | 7 +++++++ include/linux/key-type.h | 3 +++ net/rxrpc/ar-key.c | 19 +++++++++++++++++++ security/keys/key.c | 8 ++++++++ 4 files changed, 37 insertions(+) diff --git a/Documentation/keys.txt b/Documentation/keys.txt index e4dbbdb1bd9..cf68d1fed95 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt @@ -1062,6 +1062,13 @@ The structure has a number of fields, some of which are mandatory: viable. + (*) int (*vet_description)(const char *description); + + This optional method is called to vet a key description. If the key type + doesn't approve of the key description, it may return an error, otherwise + it should return 0. + + (*) int (*instantiate)(struct key *key, const void *data, size_t datalen); This method is called to attach a payload to a key during construction. diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 65833d4d599..fc8525e838b 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -41,6 +41,9 @@ struct key_type { */ size_t def_datalen; + /* vet a description */ + int (*vet_description)(const char *description); + /* instantiate a key of this type * - this method should call key_payload_reserve() to determine if the * user's quota will hold the payload diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c index d763793d39d..43ea7de2fc8 100644 --- a/net/rxrpc/ar-key.c +++ b/net/rxrpc/ar-key.c @@ -25,6 +25,7 @@ #include #include "ar-internal.h" +static int rxrpc_vet_description_s(const char *); static int rxrpc_instantiate(struct key *, const void *, size_t); static int rxrpc_instantiate_s(struct key *, const void *, size_t); static void rxrpc_destroy(struct key *); @@ -52,12 +53,30 @@ EXPORT_SYMBOL(key_type_rxrpc); */ struct key_type key_type_rxrpc_s = { .name = "rxrpc_s", + .vet_description = rxrpc_vet_description_s, .instantiate = rxrpc_instantiate_s, .match = user_match, .destroy = rxrpc_destroy_s, .describe = rxrpc_describe, }; +/* + * Vet the description for an RxRPC server key + */ +static int rxrpc_vet_description_s(const char *desc) +{ + unsigned long num; + char *p; + + num = simple_strtoul(desc, &p, 10); + if (*p != ':' || num > 65535) + return -EINVAL; + num = simple_strtoul(p + 1, &p, 10); + if (*p || num < 1 || num > 255) + return -EINVAL; + return 0; +} + /* * parse an RxKAD type XDR format token * - the caller guarantees we have at least 4 words diff --git a/security/keys/key.c b/security/keys/key.c index 1c2d43dc510..8e315ef2e88 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -249,6 +249,14 @@ struct key *key_alloc(struct key_type *type, const char *desc, if (!desc || !*desc) goto error; + if (type->vet_description) { + ret = type->vet_description(desc); + if (ret < 0) { + key = ERR_PTR(ret); + goto error; + } + } + desclen = strlen(desc) + 1; quotalen = desclen + type->def_datalen; -- cgit v1.2.3-18-g5258