]>
Commit | Line | Data |
---|---|---|
76181c13 | 1 | /* Request a key from userspace |
1da177e4 | 2 | * |
76181c13 | 3 | * Copyright (C) 2004-2007 Red Hat, Inc. All Rights Reserved. |
1da177e4 LT |
4 | * Written by David Howells (dhowells@redhat.com) |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public License | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the License, or (at your option) any later version. | |
f1a9badc DH |
10 | * |
11 | * See Documentation/keys-request-key.txt | |
1da177e4 LT |
12 | */ |
13 | ||
14 | #include <linux/module.h> | |
15 | #include <linux/sched.h> | |
16 | #include <linux/kmod.h> | |
17 | #include <linux/err.h> | |
3e30148c | 18 | #include <linux/keyctl.h> |
fdb89bce | 19 | #include <linux/slab.h> |
1da177e4 LT |
20 | #include "internal.h" |
21 | ||
e9e349b0 DH |
22 | #define key_negative_timeout 60 /* default timeout on a negative key's existence */ |
23 | ||
76181c13 DH |
24 | /* |
25 | * wait_on_bit() sleep function for uninterruptible waiting | |
26 | */ | |
27 | static int key_wait_bit(void *flags) | |
28 | { | |
29 | schedule(); | |
30 | return 0; | |
31 | } | |
32 | ||
33 | /* | |
34 | * wait_on_bit() sleep function for interruptible waiting | |
35 | */ | |
36 | static int key_wait_bit_intr(void *flags) | |
37 | { | |
38 | schedule(); | |
39 | return signal_pending(current) ? -ERESTARTSYS : 0; | |
40 | } | |
41 | ||
42 | /* | |
43 | * call to complete the construction of a key | |
44 | */ | |
45 | void complete_request_key(struct key_construction *cons, int error) | |
46 | { | |
47 | kenter("{%d,%d},%d", cons->key->serial, cons->authkey->serial, error); | |
1da177e4 | 48 | |
76181c13 DH |
49 | if (error < 0) |
50 | key_negate_and_link(cons->key, key_negative_timeout, NULL, | |
51 | cons->authkey); | |
52 | else | |
53 | key_revoke(cons->authkey); | |
54 | ||
55 | key_put(cons->key); | |
56 | key_put(cons->authkey); | |
57 | kfree(cons); | |
58 | } | |
59 | EXPORT_SYMBOL(complete_request_key); | |
1da177e4 | 60 | |
1da177e4 LT |
61 | /* |
62 | * request userspace finish the construction of a key | |
b5f545c8 | 63 | * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>" |
1da177e4 | 64 | */ |
76181c13 | 65 | static int call_sbin_request_key(struct key_construction *cons, |
4e54f085 DH |
66 | const char *op, |
67 | void *aux) | |
1da177e4 | 68 | { |
86a264ab | 69 | const struct cred *cred = current_cred(); |
1da177e4 | 70 | key_serial_t prkey, sskey; |
76181c13 | 71 | struct key *key = cons->key, *authkey = cons->authkey, *keyring; |
b5f545c8 | 72 | char *argv[9], *envp[3], uid_str[12], gid_str[12]; |
1da177e4 | 73 | char key_str[12], keyring_str[3][12]; |
b5f545c8 | 74 | char desc[20]; |
3e30148c DH |
75 | int ret, i; |
76 | ||
b5f545c8 | 77 | kenter("{%d},{%d},%s", key->serial, authkey->serial, op); |
3e30148c | 78 | |
8bbf4976 DH |
79 | ret = install_user_keyrings(); |
80 | if (ret < 0) | |
81 | goto error_alloc; | |
82 | ||
b5f545c8 DH |
83 | /* allocate a new session keyring */ |
84 | sprintf(desc, "_req.%u", key->serial); | |
85 | ||
d84f4f99 DH |
86 | cred = get_current_cred(); |
87 | keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, | |
7e047ef5 | 88 | KEY_ALLOC_QUOTA_OVERRUN, NULL); |
d84f4f99 | 89 | put_cred(cred); |
b5f545c8 DH |
90 | if (IS_ERR(keyring)) { |
91 | ret = PTR_ERR(keyring); | |
92 | goto error_alloc; | |
3e30148c | 93 | } |
1da177e4 | 94 | |
b5f545c8 DH |
95 | /* attach the auth key to the session keyring */ |
96 | ret = __key_link(keyring, authkey); | |
97 | if (ret < 0) | |
98 | goto error_link; | |
99 | ||
1da177e4 | 100 | /* record the UID and GID */ |
86a264ab DH |
101 | sprintf(uid_str, "%d", cred->fsuid); |
102 | sprintf(gid_str, "%d", cred->fsgid); | |
1da177e4 LT |
103 | |
104 | /* we say which key is under construction */ | |
105 | sprintf(key_str, "%d", key->serial); | |
106 | ||
107 | /* we specify the process's default keyrings */ | |
108 | sprintf(keyring_str[0], "%d", | |
d84f4f99 | 109 | cred->thread_keyring ? cred->thread_keyring->serial : 0); |
1da177e4 LT |
110 | |
111 | prkey = 0; | |
bb952bb9 DH |
112 | if (cred->tgcred->process_keyring) |
113 | prkey = cred->tgcred->process_keyring->serial; | |
1da177e4 | 114 | |
bb952bb9 DH |
115 | if (cred->tgcred->session_keyring) |
116 | sskey = rcu_dereference(cred->tgcred->session_keyring)->serial; | |
117 | else | |
86a264ab | 118 | sskey = cred->user->session_keyring->serial; |
1da177e4 | 119 | |
1da177e4 LT |
120 | sprintf(keyring_str[2], "%d", sskey); |
121 | ||
122 | /* set up a minimal environment */ | |
123 | i = 0; | |
124 | envp[i++] = "HOME=/"; | |
125 | envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin"; | |
126 | envp[i] = NULL; | |
127 | ||
128 | /* set up the argument list */ | |
129 | i = 0; | |
130 | argv[i++] = "/sbin/request-key"; | |
131 | argv[i++] = (char *) op; | |
132 | argv[i++] = key_str; | |
133 | argv[i++] = uid_str; | |
134 | argv[i++] = gid_str; | |
135 | argv[i++] = keyring_str[0]; | |
136 | argv[i++] = keyring_str[1]; | |
137 | argv[i++] = keyring_str[2]; | |
1da177e4 LT |
138 | argv[i] = NULL; |
139 | ||
140 | /* do it */ | |
86313c48 JF |
141 | ret = call_usermodehelper_keys(argv[0], argv, envp, keyring, |
142 | UMH_WAIT_PROC); | |
76181c13 DH |
143 | kdebug("usermode -> 0x%x", ret); |
144 | if (ret >= 0) { | |
145 | /* ret is the exit/wait code */ | |
146 | if (test_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags) || | |
147 | key_validate(key) < 0) | |
148 | ret = -ENOKEY; | |
149 | else | |
150 | /* ignore any errors from userspace if the key was | |
151 | * instantiated */ | |
152 | ret = 0; | |
153 | } | |
3e30148c | 154 | |
b5f545c8 DH |
155 | error_link: |
156 | key_put(keyring); | |
3e30148c | 157 | |
b5f545c8 | 158 | error_alloc: |
76181c13 | 159 | complete_request_key(cons, ret); |
d84f4f99 | 160 | kleave(" = %d", ret); |
3e30148c | 161 | return ret; |
76181c13 | 162 | } |
1da177e4 | 163 | |
1da177e4 | 164 | /* |
76181c13 | 165 | * call out to userspace for key construction |
1da177e4 LT |
166 | * - we ignore program failure and go on key status instead |
167 | */ | |
4a38e122 | 168 | static int construct_key(struct key *key, const void *callout_info, |
8bbf4976 DH |
169 | size_t callout_len, void *aux, |
170 | struct key *dest_keyring) | |
1da177e4 | 171 | { |
76181c13 | 172 | struct key_construction *cons; |
b5f545c8 | 173 | request_key_actor_t actor; |
76181c13 DH |
174 | struct key *authkey; |
175 | int ret; | |
1da177e4 | 176 | |
4a38e122 | 177 | kenter("%d,%p,%zu,%p", key->serial, callout_info, callout_len, aux); |
3e30148c | 178 | |
76181c13 DH |
179 | cons = kmalloc(sizeof(*cons), GFP_KERNEL); |
180 | if (!cons) | |
181 | return -ENOMEM; | |
1da177e4 | 182 | |
b5f545c8 | 183 | /* allocate an authorisation key */ |
8bbf4976 DH |
184 | authkey = request_key_auth_new(key, callout_info, callout_len, |
185 | dest_keyring); | |
b5f545c8 | 186 | if (IS_ERR(authkey)) { |
76181c13 | 187 | kfree(cons); |
b5f545c8 DH |
188 | ret = PTR_ERR(authkey); |
189 | authkey = NULL; | |
76181c13 DH |
190 | } else { |
191 | cons->authkey = key_get(authkey); | |
192 | cons->key = key_get(key); | |
193 | ||
194 | /* make the call */ | |
195 | actor = call_sbin_request_key; | |
196 | if (key->type->request_key) | |
197 | actor = key->type->request_key; | |
198 | ||
199 | ret = actor(cons, "create", aux); | |
200 | ||
201 | /* check that the actor called complete_request_key() prior to | |
202 | * returning an error */ | |
203 | WARN_ON(ret < 0 && | |
204 | !test_bit(KEY_FLAG_REVOKED, &authkey->flags)); | |
205 | key_put(authkey); | |
1da177e4 LT |
206 | } |
207 | ||
76181c13 DH |
208 | kleave(" = %d", ret); |
209 | return ret; | |
210 | } | |
1da177e4 | 211 | |
3e30148c | 212 | /* |
8bbf4976 DH |
213 | * get the appropriate destination keyring for the request |
214 | * - we return whatever keyring we select with an extra reference upon it which | |
215 | * the caller must release | |
3e30148c | 216 | */ |
8bbf4976 | 217 | static void construct_get_dest_keyring(struct key **_dest_keyring) |
3e30148c | 218 | { |
8bbf4976 | 219 | struct request_key_auth *rka; |
bb952bb9 | 220 | const struct cred *cred = current_cred(); |
8bbf4976 | 221 | struct key *dest_keyring = *_dest_keyring, *authkey; |
3e30148c | 222 | |
8bbf4976 | 223 | kenter("%p", dest_keyring); |
3e30148c DH |
224 | |
225 | /* find the appropriate keyring */ | |
8bbf4976 DH |
226 | if (dest_keyring) { |
227 | /* the caller supplied one */ | |
228 | key_get(dest_keyring); | |
229 | } else { | |
230 | /* use a default keyring; falling through the cases until we | |
231 | * find one that we actually have */ | |
bb952bb9 | 232 | switch (cred->jit_keyring) { |
3e30148c | 233 | case KEY_REQKEY_DEFL_DEFAULT: |
8bbf4976 | 234 | case KEY_REQKEY_DEFL_REQUESTOR_KEYRING: |
bb952bb9 DH |
235 | if (cred->request_key_auth) { |
236 | authkey = cred->request_key_auth; | |
8bbf4976 DH |
237 | down_read(&authkey->sem); |
238 | rka = authkey->payload.data; | |
239 | if (!test_bit(KEY_FLAG_REVOKED, | |
240 | &authkey->flags)) | |
241 | dest_keyring = | |
242 | key_get(rka->dest_keyring); | |
243 | up_read(&authkey->sem); | |
244 | if (dest_keyring) | |
245 | break; | |
246 | } | |
247 | ||
3e30148c | 248 | case KEY_REQKEY_DEFL_THREAD_KEYRING: |
bb952bb9 | 249 | dest_keyring = key_get(cred->thread_keyring); |
3e30148c DH |
250 | if (dest_keyring) |
251 | break; | |
252 | ||
253 | case KEY_REQKEY_DEFL_PROCESS_KEYRING: | |
bb952bb9 | 254 | dest_keyring = key_get(cred->tgcred->process_keyring); |
3e30148c DH |
255 | if (dest_keyring) |
256 | break; | |
257 | ||
258 | case KEY_REQKEY_DEFL_SESSION_KEYRING: | |
259 | rcu_read_lock(); | |
260 | dest_keyring = key_get( | |
bb952bb9 | 261 | rcu_dereference(cred->tgcred->session_keyring)); |
3e30148c | 262 | rcu_read_unlock(); |
3e30148c DH |
263 | |
264 | if (dest_keyring) | |
265 | break; | |
266 | ||
267 | case KEY_REQKEY_DEFL_USER_SESSION_KEYRING: | |
b6dff3ec | 268 | dest_keyring = |
bb952bb9 | 269 | key_get(cred->user->session_keyring); |
3e30148c DH |
270 | break; |
271 | ||
272 | case KEY_REQKEY_DEFL_USER_KEYRING: | |
bb952bb9 | 273 | dest_keyring = key_get(cred->user->uid_keyring); |
3e30148c DH |
274 | break; |
275 | ||
276 | case KEY_REQKEY_DEFL_GROUP_KEYRING: | |
277 | default: | |
278 | BUG(); | |
279 | } | |
280 | } | |
281 | ||
8bbf4976 DH |
282 | *_dest_keyring = dest_keyring; |
283 | kleave(" [dk %d]", key_serial(dest_keyring)); | |
284 | return; | |
76181c13 | 285 | } |
3e30148c | 286 | |
76181c13 DH |
287 | /* |
288 | * allocate a new key in under-construction state and attempt to link it in to | |
289 | * the requested place | |
290 | * - may return a key that's already under construction instead | |
291 | */ | |
292 | static int construct_alloc_key(struct key_type *type, | |
293 | const char *description, | |
294 | struct key *dest_keyring, | |
295 | unsigned long flags, | |
296 | struct key_user *user, | |
297 | struct key **_key) | |
298 | { | |
d84f4f99 | 299 | const struct cred *cred = current_cred(); |
76181c13 DH |
300 | struct key *key; |
301 | key_ref_t key_ref; | |
302 | ||
303 | kenter("%s,%s,,,", type->name, description); | |
304 | ||
305 | mutex_lock(&user->cons_lock); | |
306 | ||
d84f4f99 DH |
307 | key = key_alloc(type, description, cred->fsuid, cred->fsgid, cred, |
308 | KEY_POS_ALL, flags); | |
76181c13 DH |
309 | if (IS_ERR(key)) |
310 | goto alloc_failed; | |
311 | ||
312 | set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags); | |
313 | ||
34574dd1 DH |
314 | if (dest_keyring) |
315 | down_write(&dest_keyring->sem); | |
76181c13 DH |
316 | |
317 | /* attach the key to the destination keyring under lock, but we do need | |
318 | * to do another check just in case someone beat us to it whilst we | |
319 | * waited for locks */ | |
320 | mutex_lock(&key_construction_mutex); | |
321 | ||
d84f4f99 | 322 | key_ref = search_process_keyrings(type, description, type->match, cred); |
76181c13 DH |
323 | if (!IS_ERR(key_ref)) |
324 | goto key_already_present; | |
325 | ||
34574dd1 DH |
326 | if (dest_keyring) |
327 | __key_link(dest_keyring, key); | |
76181c13 DH |
328 | |
329 | mutex_unlock(&key_construction_mutex); | |
34574dd1 DH |
330 | if (dest_keyring) |
331 | up_write(&dest_keyring->sem); | |
76181c13 DH |
332 | mutex_unlock(&user->cons_lock); |
333 | *_key = key; | |
334 | kleave(" = 0 [%d]", key_serial(key)); | |
335 | return 0; | |
336 | ||
337 | key_already_present: | |
338 | mutex_unlock(&key_construction_mutex); | |
339 | if (dest_keyring) | |
340 | up_write(&dest_keyring->sem); | |
341 | mutex_unlock(&user->cons_lock); | |
342 | key_put(key); | |
343 | *_key = key = key_ref_to_ptr(key_ref); | |
344 | kleave(" = -EINPROGRESS [%d]", key_serial(key)); | |
345 | return -EINPROGRESS; | |
346 | ||
347 | alloc_failed: | |
348 | mutex_unlock(&user->cons_lock); | |
349 | *_key = NULL; | |
350 | kleave(" = %ld", PTR_ERR(key)); | |
351 | return PTR_ERR(key); | |
352 | } | |
353 | ||
354 | /* | |
355 | * commence key construction | |
356 | */ | |
357 | static struct key *construct_key_and_link(struct key_type *type, | |
358 | const char *description, | |
359 | const char *callout_info, | |
4a38e122 | 360 | size_t callout_len, |
76181c13 DH |
361 | void *aux, |
362 | struct key *dest_keyring, | |
363 | unsigned long flags) | |
364 | { | |
365 | struct key_user *user; | |
366 | struct key *key; | |
367 | int ret; | |
368 | ||
d84f4f99 DH |
369 | kenter(""); |
370 | ||
1d1e9756 | 371 | user = key_user_lookup(current_fsuid(), current_user_ns()); |
76181c13 DH |
372 | if (!user) |
373 | return ERR_PTR(-ENOMEM); | |
374 | ||
8bbf4976 DH |
375 | construct_get_dest_keyring(&dest_keyring); |
376 | ||
76181c13 DH |
377 | ret = construct_alloc_key(type, description, dest_keyring, flags, user, |
378 | &key); | |
379 | key_user_put(user); | |
380 | ||
381 | if (ret == 0) { | |
8bbf4976 DH |
382 | ret = construct_key(key, callout_info, callout_len, aux, |
383 | dest_keyring); | |
d84f4f99 DH |
384 | if (ret < 0) { |
385 | kdebug("cons failed"); | |
76181c13 | 386 | goto construction_failed; |
d84f4f99 | 387 | } |
76181c13 DH |
388 | } |
389 | ||
8bbf4976 | 390 | key_put(dest_keyring); |
d84f4f99 | 391 | kleave(" = key %d", key_serial(key)); |
76181c13 DH |
392 | return key; |
393 | ||
394 | construction_failed: | |
395 | key_negate_and_link(key, key_negative_timeout, NULL, NULL); | |
396 | key_put(key); | |
8bbf4976 | 397 | key_put(dest_keyring); |
d84f4f99 | 398 | kleave(" = %d", ret); |
76181c13 DH |
399 | return ERR_PTR(ret); |
400 | } | |
3e30148c | 401 | |
1da177e4 LT |
402 | /* |
403 | * request a key | |
404 | * - search the process's keyrings | |
405 | * - check the list of keys being created or updated | |
3e30148c DH |
406 | * - call out to userspace for a key if supplementary info was provided |
407 | * - cache the key in an appropriate keyring | |
1da177e4 | 408 | */ |
3e30148c DH |
409 | struct key *request_key_and_link(struct key_type *type, |
410 | const char *description, | |
4a38e122 DH |
411 | const void *callout_info, |
412 | size_t callout_len, | |
4e54f085 | 413 | void *aux, |
7e047ef5 DH |
414 | struct key *dest_keyring, |
415 | unsigned long flags) | |
1da177e4 | 416 | { |
d84f4f99 | 417 | const struct cred *cred = current_cred(); |
1da177e4 | 418 | struct key *key; |
664cceb0 | 419 | key_ref_t key_ref; |
1da177e4 | 420 | |
4a38e122 DH |
421 | kenter("%s,%s,%p,%zu,%p,%p,%lx", |
422 | type->name, description, callout_info, callout_len, aux, | |
4e54f085 | 423 | dest_keyring, flags); |
3e30148c | 424 | |
1da177e4 | 425 | /* search all the process keyrings for a key */ |
664cceb0 | 426 | key_ref = search_process_keyrings(type, description, type->match, |
d84f4f99 | 427 | cred); |
1da177e4 | 428 | |
664cceb0 DH |
429 | if (!IS_ERR(key_ref)) { |
430 | key = key_ref_to_ptr(key_ref); | |
76181c13 | 431 | } else if (PTR_ERR(key_ref) != -EAGAIN) { |
e231c2ee | 432 | key = ERR_CAST(key_ref); |
76181c13 | 433 | } else { |
1da177e4 LT |
434 | /* the search failed, but the keyrings were searchable, so we |
435 | * should consult userspace if we can */ | |
436 | key = ERR_PTR(-ENOKEY); | |
437 | if (!callout_info) | |
438 | goto error; | |
439 | ||
76181c13 | 440 | key = construct_key_and_link(type, description, callout_info, |
4a38e122 DH |
441 | callout_len, aux, dest_keyring, |
442 | flags); | |
1da177e4 LT |
443 | } |
444 | ||
3e30148c DH |
445 | error: |
446 | kleave(" = %p", key); | |
1da177e4 | 447 | return key; |
76181c13 | 448 | } |
1da177e4 | 449 | |
76181c13 DH |
450 | /* |
451 | * wait for construction of a key to complete | |
452 | */ | |
453 | int wait_for_key_construction(struct key *key, bool intr) | |
454 | { | |
455 | int ret; | |
3e30148c | 456 | |
76181c13 DH |
457 | ret = wait_on_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT, |
458 | intr ? key_wait_bit_intr : key_wait_bit, | |
459 | intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE); | |
460 | if (ret < 0) | |
461 | return ret; | |
462 | return key_validate(key); | |
463 | } | |
464 | EXPORT_SYMBOL(wait_for_key_construction); | |
3e30148c | 465 | |
3e30148c DH |
466 | /* |
467 | * request a key | |
468 | * - search the process's keyrings | |
469 | * - check the list of keys being created or updated | |
470 | * - call out to userspace for a key if supplementary info was provided | |
76181c13 | 471 | * - waits uninterruptible for creation to complete |
3e30148c DH |
472 | */ |
473 | struct key *request_key(struct key_type *type, | |
474 | const char *description, | |
475 | const char *callout_info) | |
476 | { | |
76181c13 | 477 | struct key *key; |
4a38e122 | 478 | size_t callout_len = 0; |
76181c13 DH |
479 | int ret; |
480 | ||
4a38e122 DH |
481 | if (callout_info) |
482 | callout_len = strlen(callout_info); | |
483 | key = request_key_and_link(type, description, callout_info, callout_len, | |
484 | NULL, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
485 | if (!IS_ERR(key)) { |
486 | ret = wait_for_key_construction(key, false); | |
487 | if (ret < 0) { | |
488 | key_put(key); | |
489 | return ERR_PTR(ret); | |
490 | } | |
491 | } | |
492 | return key; | |
493 | } | |
1da177e4 | 494 | EXPORT_SYMBOL(request_key); |
4e54f085 | 495 | |
4e54f085 DH |
496 | /* |
497 | * request a key with auxiliary data for the upcaller | |
498 | * - search the process's keyrings | |
499 | * - check the list of keys being created or updated | |
500 | * - call out to userspace for a key if supplementary info was provided | |
76181c13 | 501 | * - waits uninterruptible for creation to complete |
4e54f085 DH |
502 | */ |
503 | struct key *request_key_with_auxdata(struct key_type *type, | |
504 | const char *description, | |
4a38e122 DH |
505 | const void *callout_info, |
506 | size_t callout_len, | |
4e54f085 DH |
507 | void *aux) |
508 | { | |
76181c13 DH |
509 | struct key *key; |
510 | int ret; | |
511 | ||
4a38e122 DH |
512 | key = request_key_and_link(type, description, callout_info, callout_len, |
513 | aux, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
514 | if (!IS_ERR(key)) { |
515 | ret = wait_for_key_construction(key, false); | |
516 | if (ret < 0) { | |
517 | key_put(key); | |
518 | return ERR_PTR(ret); | |
519 | } | |
520 | } | |
521 | return key; | |
522 | } | |
523 | EXPORT_SYMBOL(request_key_with_auxdata); | |
4e54f085 | 524 | |
76181c13 DH |
525 | /* |
526 | * request a key (allow async construction) | |
527 | * - search the process's keyrings | |
528 | * - check the list of keys being created or updated | |
529 | * - call out to userspace for a key if supplementary info was provided | |
530 | */ | |
531 | struct key *request_key_async(struct key_type *type, | |
532 | const char *description, | |
4a38e122 DH |
533 | const void *callout_info, |
534 | size_t callout_len) | |
76181c13 | 535 | { |
4a38e122 DH |
536 | return request_key_and_link(type, description, callout_info, |
537 | callout_len, NULL, NULL, | |
538 | KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
539 | } |
540 | EXPORT_SYMBOL(request_key_async); | |
4e54f085 | 541 | |
76181c13 DH |
542 | /* |
543 | * request a key with auxiliary data for the upcaller (allow async construction) | |
544 | * - search the process's keyrings | |
545 | * - check the list of keys being created or updated | |
546 | * - call out to userspace for a key if supplementary info was provided | |
547 | */ | |
548 | struct key *request_key_async_with_auxdata(struct key_type *type, | |
549 | const char *description, | |
4a38e122 DH |
550 | const void *callout_info, |
551 | size_t callout_len, | |
76181c13 DH |
552 | void *aux) |
553 | { | |
4a38e122 DH |
554 | return request_key_and_link(type, description, callout_info, |
555 | callout_len, aux, NULL, KEY_ALLOC_IN_QUOTA); | |
76181c13 DH |
556 | } |
557 | EXPORT_SYMBOL(request_key_async_with_auxdata); |