Home | History | Annotate | Download | only in linux
      1 /* key.h: authentication token and access key management
      2  *
      3  * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
      4  * Written by David Howells (dhowells (at) redhat.com)
      5  *
      6  * This program is free software; you can redistribute it and/or
      7  * modify it under the terms of the GNU General Public License
      8  * as published by the Free Software Foundation; either version
      9  * 2 of the License, or (at your option) any later version.
     10  *
     11  *
     12  * See Documentation/keys.txt for information on keys/keyrings.
     13  */
     14 
     15 #ifndef _LINUX_KEY_H
     16 #define _LINUX_KEY_H
     17 
     18 #include <linux/types.h>
     19 #include <linux/list.h>
     20 #include <linux/rbtree.h>
     21 #include <linux/rcupdate.h>
     22 #include <asm/atomic.h>
     23 
     24 #ifdef __KERNEL__
     25 
     26 /* key handle serial number */
     27 typedef int32_t key_serial_t;
     28 
     29 /* key handle permissions mask */
     30 typedef uint32_t key_perm_t;
     31 
     32 struct key;
     33 
     34 #ifdef CONFIG_KEYS
     35 
     36 #undef KEY_DEBUGGING
     37 
     38 #define KEY_POS_VIEW	0x01000000	/* possessor can view a key's attributes */
     39 #define KEY_POS_READ	0x02000000	/* possessor can read key payload / view keyring */
     40 #define KEY_POS_WRITE	0x04000000	/* possessor can update key payload / add link to keyring */
     41 #define KEY_POS_SEARCH	0x08000000	/* possessor can find a key in search / search a keyring */
     42 #define KEY_POS_LINK	0x10000000	/* possessor can create a link to a key/keyring */
     43 #define KEY_POS_SETATTR	0x20000000	/* possessor can set key attributes */
     44 #define KEY_POS_ALL	0x3f000000
     45 
     46 #define KEY_USR_VIEW	0x00010000	/* user permissions... */
     47 #define KEY_USR_READ	0x00020000
     48 #define KEY_USR_WRITE	0x00040000
     49 #define KEY_USR_SEARCH	0x00080000
     50 #define KEY_USR_LINK	0x00100000
     51 #define KEY_USR_SETATTR	0x00200000
     52 #define KEY_USR_ALL	0x003f0000
     53 
     54 #define KEY_GRP_VIEW	0x00000100	/* group permissions... */
     55 #define KEY_GRP_READ	0x00000200
     56 #define KEY_GRP_WRITE	0x00000400
     57 #define KEY_GRP_SEARCH	0x00000800
     58 #define KEY_GRP_LINK	0x00001000
     59 #define KEY_GRP_SETATTR	0x00002000
     60 #define KEY_GRP_ALL	0x00003f00
     61 
     62 #define KEY_OTH_VIEW	0x00000001	/* third party permissions... */
     63 #define KEY_OTH_READ	0x00000002
     64 #define KEY_OTH_WRITE	0x00000004
     65 #define KEY_OTH_SEARCH	0x00000008
     66 #define KEY_OTH_LINK	0x00000010
     67 #define KEY_OTH_SETATTR	0x00000020
     68 #define KEY_OTH_ALL	0x0000003f
     69 
     70 struct seq_file;
     71 struct user_struct;
     72 struct signal_struct;
     73 
     74 struct key_type;
     75 struct key_owner;
     76 struct keyring_list;
     77 struct keyring_name;
     78 
     79 /*****************************************************************************/
     80 /*
     81  * key reference with possession attribute handling
     82  *
     83  * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
     84  * defined. This is because we abuse the bottom bit of the reference to carry a
     85  * flag to indicate whether the calling process possesses that key in one of
     86  * its keyrings.
     87  *
     88  * the key_ref_t has been made a separate type so that the compiler can reject
     89  * attempts to dereference it without proper conversion.
     90  *
     91  * the three functions are used to assemble and disassemble references
     92  */
     93 typedef struct __key_reference_with_attributes *key_ref_t;
     94 
     95 static inline key_ref_t make_key_ref(const struct key *key,
     96 				     unsigned long possession)
     97 {
     98 	return (key_ref_t) ((unsigned long) key | possession);
     99 }
    100 
    101 static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
    102 {
    103 	return (struct key *) ((unsigned long) key_ref & ~1UL);
    104 }
    105 
    106 static inline unsigned long is_key_possessed(const key_ref_t key_ref)
    107 {
    108 	return (unsigned long) key_ref & 1UL;
    109 }
    110 
    111 /*****************************************************************************/
    112 /*
    113  * authentication token / access credential / keyring
    114  * - types of key include:
    115  *   - keyrings
    116  *   - disk encryption IDs
    117  *   - Kerberos TGTs and tickets
    118  */
    119 struct key {
    120 	atomic_t		usage;		/* number of references */
    121 	key_serial_t		serial;		/* key serial number */
    122 	struct rb_node		serial_node;
    123 	struct key_type		*type;		/* type of key */
    124 	struct rw_semaphore	sem;		/* change vs change sem */
    125 	struct key_user		*user;		/* owner of this key */
    126 	void			*security;	/* security data for this key */
    127 	time_t			expiry;		/* time at which key expires (or 0) */
    128 	uid_t			uid;
    129 	gid_t			gid;
    130 	key_perm_t		perm;		/* access permissions */
    131 	unsigned short		quotalen;	/* length added to quota */
    132 	unsigned short		datalen;	/* payload data length
    133 						 * - may not match RCU dereferenced payload
    134 						 * - payload should contain own length
    135 						 */
    136 
    137 #ifdef KEY_DEBUGGING
    138 	unsigned		magic;
    139 #define KEY_DEBUG_MAGIC		0x18273645u
    140 #define KEY_DEBUG_MAGIC_X	0xf8e9dacbu
    141 #endif
    142 
    143 	unsigned long		flags;		/* status flags (change with bitops) */
    144 #define KEY_FLAG_INSTANTIATED	0	/* set if key has been instantiated */
    145 #define KEY_FLAG_DEAD		1	/* set if key type has been deleted */
    146 #define KEY_FLAG_REVOKED	2	/* set if key had been revoked */
    147 #define KEY_FLAG_IN_QUOTA	3	/* set if key consumes quota */
    148 #define KEY_FLAG_USER_CONSTRUCT	4	/* set if key is being constructed in userspace */
    149 #define KEY_FLAG_NEGATIVE	5	/* set if key is negative */
    150 
    151 	/* the description string
    152 	 * - this is used to match a key against search criteria
    153 	 * - this should be a printable string
    154 	 * - eg: for krb5 AFS, this might be "afs (at) REDHAT.COM"
    155 	 */
    156 	char			*description;
    157 
    158 	/* type specific data
    159 	 * - this is used by the keyring type to index the name
    160 	 */
    161 	union {
    162 		struct list_head	link;
    163 	} type_data;
    164 
    165 	/* key data
    166 	 * - this is used to hold the data actually used in cryptography or
    167 	 *   whatever
    168 	 */
    169 	union {
    170 		unsigned long		value;
    171 		void			*data;
    172 		struct keyring_list	*subscriptions;
    173 	} payload;
    174 };
    175 
    176 /*****************************************************************************/
    177 /*
    178  * kernel managed key type definition
    179  */
    180 typedef int (*request_key_actor_t)(struct key *key, struct key *authkey,
    181 				   const char *op, void *aux);
    182 
    183 struct key_type {
    184 	/* name of the type */
    185 	const char *name;
    186 
    187 	/* default payload length for quota precalculation (optional)
    188 	 * - this can be used instead of calling key_payload_reserve(), that
    189 	 *   function only needs to be called if the real datalen is different
    190 	 */
    191 	size_t def_datalen;
    192 
    193 	/* instantiate a key of this type
    194 	 * - this method should call key_payload_reserve() to determine if the
    195 	 *   user's quota will hold the payload
    196 	 */
    197 	int (*instantiate)(struct key *key, const void *data, size_t datalen);
    198 
    199 	/* update a key of this type (optional)
    200 	 * - this method should call key_payload_reserve() to recalculate the
    201 	 *   quota consumption
    202 	 * - the key must be locked against read when modifying
    203 	 */
    204 	int (*update)(struct key *key, const void *data, size_t datalen);
    205 
    206 	/* match a key against a description */
    207 	int (*match)(const struct key *key, const void *desc);
    208 
    209 	/* clear some of the data from a key on revokation (optional)
    210 	 * - the key's semaphore will be write-locked by the caller
    211 	 */
    212 	void (*revoke)(struct key *key);
    213 
    214 	/* clear the data from a key (optional) */
    215 	void (*destroy)(struct key *key);
    216 
    217 	/* describe a key */
    218 	void (*describe)(const struct key *key, struct seq_file *p);
    219 
    220 	/* read a key's data (optional)
    221 	 * - permission checks will be done by the caller
    222 	 * - the key's semaphore will be readlocked by the caller
    223 	 * - should return the amount of data that could be read, no matter how
    224 	 *   much is copied into the buffer
    225 	 * - shouldn't do the copy if the buffer is NULL
    226 	 */
    227 	long (*read)(const struct key *key, char __user *buffer, size_t buflen);
    228 
    229 	/* handle request_key() for this type instead of invoking
    230 	 * /sbin/request-key (optional)
    231 	 * - key is the key to instantiate
    232 	 * - authkey is the authority to assume when instantiating this key
    233 	 * - op is the operation to be done, usually "create"
    234 	 * - the call must not return until the instantiation process has run
    235 	 *   its course
    236 	 */
    237 	request_key_actor_t request_key;
    238 
    239 	/* internal fields */
    240 	struct list_head	link;		/* link in types list */
    241 };
    242 
    243 extern struct key_type key_type_keyring;
    244 
    245 extern int register_key_type(struct key_type *ktype);
    246 extern void unregister_key_type(struct key_type *ktype);
    247 
    248 extern struct key *key_alloc(struct key_type *type,
    249 			     const char *desc,
    250 			     uid_t uid, gid_t gid,
    251 			     struct task_struct *ctx,
    252 			     key_perm_t perm,
    253 			     unsigned long flags);
    254 
    255 
    256 #define KEY_ALLOC_IN_QUOTA	0x0000	/* add to quota, reject if would overrun */
    257 #define KEY_ALLOC_QUOTA_OVERRUN	0x0001	/* add to quota, permit even if overrun */
    258 #define KEY_ALLOC_NOT_IN_QUOTA	0x0002	/* not in quota */
    259 
    260 extern int key_payload_reserve(struct key *key, size_t datalen);
    261 extern int key_instantiate_and_link(struct key *key,
    262 				    const void *data,
    263 				    size_t datalen,
    264 				    struct key *keyring,
    265 				    struct key *instkey);
    266 extern int key_negate_and_link(struct key *key,
    267 			       unsigned timeout,
    268 			       struct key *keyring,
    269 			       struct key *instkey);
    270 extern void key_revoke(struct key *key);
    271 extern void key_put(struct key *key);
    272 
    273 static inline struct key *key_get(struct key *key)
    274 {
    275 	if (key)
    276 		atomic_inc(&key->usage);
    277 	return key;
    278 }
    279 
    280 static inline void key_ref_put(key_ref_t key_ref)
    281 {
    282 	key_put(key_ref_to_ptr(key_ref));
    283 }
    284 
    285 extern struct key *request_key(struct key_type *type,
    286 			       const char *description,
    287 			       const char *callout_info);
    288 
    289 extern struct key *request_key_with_auxdata(struct key_type *type,
    290 					    const char *description,
    291 					    const char *callout_info,
    292 					    void *aux);
    293 
    294 extern int key_validate(struct key *key);
    295 
    296 extern key_ref_t key_create_or_update(key_ref_t keyring,
    297 				      const char *type,
    298 				      const char *description,
    299 				      const void *payload,
    300 				      size_t plen,
    301 				      unsigned long flags);
    302 
    303 extern int key_update(key_ref_t key,
    304 		      const void *payload,
    305 		      size_t plen);
    306 
    307 extern int key_link(struct key *keyring,
    308 		    struct key *key);
    309 
    310 extern int key_unlink(struct key *keyring,
    311 		      struct key *key);
    312 
    313 extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
    314 				 struct task_struct *ctx,
    315 				 unsigned long flags,
    316 				 struct key *dest);
    317 
    318 extern int keyring_clear(struct key *keyring);
    319 
    320 extern key_ref_t keyring_search(key_ref_t keyring,
    321 				struct key_type *type,
    322 				const char *description);
    323 
    324 extern int keyring_add_key(struct key *keyring,
    325 			   struct key *key);
    326 
    327 extern struct key *key_lookup(key_serial_t id);
    328 
    329 extern void keyring_replace_payload(struct key *key, void *replacement);
    330 
    331 #define key_serial(key) ((key) ? (key)->serial : 0)
    332 
    333 /*
    334  * the userspace interface
    335  */
    336 extern struct key root_user_keyring, root_session_keyring;
    337 extern int alloc_uid_keyring(struct user_struct *user,
    338 			     struct task_struct *ctx);
    339 extern void switch_uid_keyring(struct user_struct *new_user);
    340 extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
    341 extern int copy_thread_group_keys(struct task_struct *tsk);
    342 extern void exit_keys(struct task_struct *tsk);
    343 extern void exit_thread_group_keys(struct signal_struct *tg);
    344 extern int suid_keys(struct task_struct *tsk);
    345 extern int exec_keys(struct task_struct *tsk);
    346 extern void key_fsuid_changed(struct task_struct *tsk);
    347 extern void key_fsgid_changed(struct task_struct *tsk);
    348 extern void key_init(void);
    349 
    350 #define __install_session_keyring(tsk, keyring)			\
    351 ({								\
    352 	struct key *old_session = tsk->signal->session_keyring;	\
    353 	tsk->signal->session_keyring = keyring;			\
    354 	old_session;						\
    355 })
    356 
    357 #else /* CONFIG_KEYS */
    358 
    359 #define key_validate(k)			0
    360 #define key_serial(k)			0
    361 #define key_get(k) 			({ NULL; })
    362 #define key_put(k)			do { } while(0)
    363 #define key_ref_put(k)			do { } while(0)
    364 #define make_key_ref(k)			({ NULL; })
    365 #define key_ref_to_ptr(k)		({ NULL; })
    366 #define is_key_possessed(k)		0
    367 #define alloc_uid_keyring(u,c)		0
    368 #define switch_uid_keyring(u)		do { } while(0)
    369 #define __install_session_keyring(t, k)	({ NULL; })
    370 #define copy_keys(f,t)			0
    371 #define copy_thread_group_keys(t)	0
    372 #define exit_keys(t)			do { } while(0)
    373 #define exit_thread_group_keys(tg)	do { } while(0)
    374 #define suid_keys(t)			do { } while(0)
    375 #define exec_keys(t)			do { } while(0)
    376 #define key_fsuid_changed(t)		do { } while(0)
    377 #define key_fsgid_changed(t)		do { } while(0)
    378 #define key_init()			do { } while(0)
    379 
    380 /* Initial keyrings */
    381 extern struct key root_user_keyring;
    382 extern struct key root_session_keyring;
    383 
    384 #endif /* CONFIG_KEYS */
    385 #endif /* __KERNEL__ */
    386 #endif /* _LINUX_KEY_H */
    387