]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - security/keys/process_keys.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
spi-imx: Implements handling of the SPI_READY mode flag.
[mirror_ubuntu-bionic-kernel.git] / security / keys / process_keys.c
1 /* Manage a process's keyrings
2 *
3 * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12 #include <linux/module.h>
13 #include <linux/init.h>
14 #include <linux/sched.h>
15 #include <linux/sched/user.h>
16 #include <linux/keyctl.h>
17 #include <linux/fs.h>
18 #include <linux/err.h>
19 #include <linux/mutex.h>
20 #include <linux/security.h>
21 #include <linux/user_namespace.h>
22 #include <linux/uaccess.h>
23 #include "internal.h"
24
25 /* Session keyring create vs join semaphore */
26 static DEFINE_MUTEX(key_session_mutex);
27
28 /* User keyring creation semaphore */
29 static DEFINE_MUTEX(key_user_keyring_mutex);
30
31 /* The root user's tracking struct */
32 struct key_user root_key_user = {
33 .usage = ATOMIC_INIT(3),
34 .cons_lock = __MUTEX_INITIALIZER(root_key_user.cons_lock),
35 .lock = __SPIN_LOCK_UNLOCKED(root_key_user.lock),
36 .nkeys = ATOMIC_INIT(2),
37 .nikeys = ATOMIC_INIT(2),
38 .uid = GLOBAL_ROOT_UID,
39 };
40
41 /*
42 * Install the user and user session keyrings for the current process's UID.
43 */
44 int install_user_keyrings(void)
45 {
46 struct user_struct *user;
47 const struct cred *cred;
48 struct key *uid_keyring, *session_keyring;
49 key_perm_t user_keyring_perm;
50 char buf[20];
51 int ret;
52 uid_t uid;
53
54 user_keyring_perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL;
55 cred = current_cred();
56 user = cred->user;
57 uid = from_kuid(cred->user_ns, user->uid);
58
59 kenter("%p{%u}", user, uid);
60
61 if (user->uid_keyring && user->session_keyring) {
62 kleave(" = 0 [exist]");
63 return 0;
64 }
65
66 mutex_lock(&key_user_keyring_mutex);
67 ret = 0;
68
69 if (!user->uid_keyring) {
70 /* get the UID-specific keyring
71 * - there may be one in existence already as it may have been
72 * pinned by a session, but the user_struct pointing to it
73 * may have been destroyed by setuid */
74 sprintf(buf, "_uid.%u", uid);
75
76 uid_keyring = find_keyring_by_name(buf, true);
77 if (IS_ERR(uid_keyring)) {
78 uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID,
79 cred, user_keyring_perm,
80 KEY_ALLOC_IN_QUOTA,
81 NULL, NULL);
82 if (IS_ERR(uid_keyring)) {
83 ret = PTR_ERR(uid_keyring);
84 goto error;
85 }
86 }
87
88 /* get a default session keyring (which might also exist
89 * already) */
90 sprintf(buf, "_uid_ses.%u", uid);
91
92 session_keyring = find_keyring_by_name(buf, true);
93 if (IS_ERR(session_keyring)) {
94 session_keyring =
95 keyring_alloc(buf, user->uid, INVALID_GID,
96 cred, user_keyring_perm,
97 KEY_ALLOC_IN_QUOTA,
98 NULL, NULL);
99 if (IS_ERR(session_keyring)) {
100 ret = PTR_ERR(session_keyring);
101 goto error_release;
102 }
103
104 /* we install a link from the user session keyring to
105 * the user keyring */
106 ret = key_link(session_keyring, uid_keyring);
107 if (ret < 0)
108 goto error_release_both;
109 }
110
111 /* install the keyrings */
112 user->uid_keyring = uid_keyring;
113 user->session_keyring = session_keyring;
114 }
115
116 mutex_unlock(&key_user_keyring_mutex);
117 kleave(" = 0");
118 return 0;
119
120 error_release_both:
121 key_put(session_keyring);
122 error_release:
123 key_put(uid_keyring);
124 error:
125 mutex_unlock(&key_user_keyring_mutex);
126 kleave(" = %d", ret);
127 return ret;
128 }
129
130 /*
131 * Install a fresh thread keyring directly to new credentials. This keyring is
132 * allowed to overrun the quota.
133 */
134 int install_thread_keyring_to_cred(struct cred *new)
135 {
136 struct key *keyring;
137
138 keyring = keyring_alloc("_tid", new->uid, new->gid, new,
139 KEY_POS_ALL | KEY_USR_VIEW,
140 KEY_ALLOC_QUOTA_OVERRUN,
141 NULL, NULL);
142 if (IS_ERR(keyring))
143 return PTR_ERR(keyring);
144
145 new->thread_keyring = keyring;
146 return 0;
147 }
148
149 /*
150 * Install a fresh thread keyring, discarding the old one.
151 */
152 static int install_thread_keyring(void)
153 {
154 struct cred *new;
155 int ret;
156
157 new = prepare_creds();
158 if (!new)
159 return -ENOMEM;
160
161 BUG_ON(new->thread_keyring);
162
163 ret = install_thread_keyring_to_cred(new);
164 if (ret < 0) {
165 abort_creds(new);
166 return ret;
167 }
168
169 return commit_creds(new);
170 }
171
172 /*
173 * Install a process keyring directly to a credentials struct.
174 *
175 * Returns -EEXIST if there was already a process keyring, 0 if one installed,
176 * and other value on any other error
177 */
178 int install_process_keyring_to_cred(struct cred *new)
179 {
180 struct key *keyring;
181
182 if (new->process_keyring)
183 return -EEXIST;
184
185 keyring = keyring_alloc("_pid", new->uid, new->gid, new,
186 KEY_POS_ALL | KEY_USR_VIEW,
187 KEY_ALLOC_QUOTA_OVERRUN,
188 NULL, NULL);
189 if (IS_ERR(keyring))
190 return PTR_ERR(keyring);
191
192 new->process_keyring = keyring;
193 return 0;
194 }
195
196 /*
197 * Make sure a process keyring is installed for the current process. The
198 * existing process keyring is not replaced.
199 *
200 * Returns 0 if there is a process keyring by the end of this function, some
201 * error otherwise.
202 */
203 static int install_process_keyring(void)
204 {
205 struct cred *new;
206 int ret;
207
208 new = prepare_creds();
209 if (!new)
210 return -ENOMEM;
211
212 ret = install_process_keyring_to_cred(new);
213 if (ret < 0) {
214 abort_creds(new);
215 return ret != -EEXIST ? ret : 0;
216 }
217
218 return commit_creds(new);
219 }
220
221 /*
222 * Install a session keyring directly to a credentials struct.
223 */
224 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
225 {
226 unsigned long flags;
227 struct key *old;
228
229 might_sleep();
230
231 /* create an empty session keyring */
232 if (!keyring) {
233 flags = KEY_ALLOC_QUOTA_OVERRUN;
234 if (cred->session_keyring)
235 flags = KEY_ALLOC_IN_QUOTA;
236
237 keyring = keyring_alloc("_ses", cred->uid, cred->gid, cred,
238 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ,
239 flags, NULL, NULL);
240 if (IS_ERR(keyring))
241 return PTR_ERR(keyring);
242 } else {
243 __key_get(keyring);
244 }
245
246 /* install the keyring */
247 old = cred->session_keyring;
248 rcu_assign_pointer(cred->session_keyring, keyring);
249
250 if (old)
251 key_put(old);
252
253 return 0;
254 }
255
256 /*
257 * Install a session keyring, discarding the old one. If a keyring is not
258 * supplied, an empty one is invented.
259 */
260 static int install_session_keyring(struct key *keyring)
261 {
262 struct cred *new;
263 int ret;
264
265 new = prepare_creds();
266 if (!new)
267 return -ENOMEM;
268
269 ret = install_session_keyring_to_cred(new, keyring);
270 if (ret < 0) {
271 abort_creds(new);
272 return ret;
273 }
274
275 return commit_creds(new);
276 }
277
278 /*
279 * Handle the fsuid changing.
280 */
281 void key_fsuid_changed(struct task_struct *tsk)
282 {
283 /* update the ownership of the thread keyring */
284 BUG_ON(!tsk->cred);
285 if (tsk->cred->thread_keyring) {
286 down_write(&tsk->cred->thread_keyring->sem);
287 tsk->cred->thread_keyring->uid = tsk->cred->fsuid;
288 up_write(&tsk->cred->thread_keyring->sem);
289 }
290 }
291
292 /*
293 * Handle the fsgid changing.
294 */
295 void key_fsgid_changed(struct task_struct *tsk)
296 {
297 /* update the ownership of the thread keyring */
298 BUG_ON(!tsk->cred);
299 if (tsk->cred->thread_keyring) {
300 down_write(&tsk->cred->thread_keyring->sem);
301 tsk->cred->thread_keyring->gid = tsk->cred->fsgid;
302 up_write(&tsk->cred->thread_keyring->sem);
303 }
304 }
305
306 /*
307 * Search the process keyrings attached to the supplied cred for the first
308 * matching key.
309 *
310 * The search criteria are the type and the match function. The description is
311 * given to the match function as a parameter, but doesn't otherwise influence
312 * the search. Typically the match function will compare the description
313 * parameter to the key's description.
314 *
315 * This can only search keyrings that grant Search permission to the supplied
316 * credentials. Keyrings linked to searched keyrings will also be searched if
317 * they grant Search permission too. Keys can only be found if they grant
318 * Search permission to the credentials.
319 *
320 * Returns a pointer to the key with the key usage count incremented if
321 * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only
322 * matched negative keys.
323 *
324 * In the case of a successful return, the possession attribute is set on the
325 * returned key reference.
326 */
327 key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx)
328 {
329 key_ref_t key_ref, ret, err;
330
331 /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were
332 * searchable, but we failed to find a key or we found a negative key;
333 * otherwise we want to return a sample error (probably -EACCES) if
334 * none of the keyrings were searchable
335 *
336 * in terms of priority: success > -ENOKEY > -EAGAIN > other error
337 */
338 key_ref = NULL;
339 ret = NULL;
340 err = ERR_PTR(-EAGAIN);
341
342 /* search the thread keyring first */
343 if (ctx->cred->thread_keyring) {
344 key_ref = keyring_search_aux(
345 make_key_ref(ctx->cred->thread_keyring, 1), ctx);
346 if (!IS_ERR(key_ref))
347 goto found;
348
349 switch (PTR_ERR(key_ref)) {
350 case -EAGAIN: /* no key */
351 case -ENOKEY: /* negative key */
352 ret = key_ref;
353 break;
354 default:
355 err = key_ref;
356 break;
357 }
358 }
359
360 /* search the process keyring second */
361 if (ctx->cred->process_keyring) {
362 key_ref = keyring_search_aux(
363 make_key_ref(ctx->cred->process_keyring, 1), ctx);
364 if (!IS_ERR(key_ref))
365 goto found;
366
367 switch (PTR_ERR(key_ref)) {
368 case -EAGAIN: /* no key */
369 if (ret)
370 break;
371 case -ENOKEY: /* negative key */
372 ret = key_ref;
373 break;
374 default:
375 err = key_ref;
376 break;
377 }
378 }
379
380 /* search the session keyring */
381 if (ctx->cred->session_keyring) {
382 rcu_read_lock();
383 key_ref = keyring_search_aux(
384 make_key_ref(rcu_dereference(ctx->cred->session_keyring), 1),
385 ctx);
386 rcu_read_unlock();
387
388 if (!IS_ERR(key_ref))
389 goto found;
390
391 switch (PTR_ERR(key_ref)) {
392 case -EAGAIN: /* no key */
393 if (ret)
394 break;
395 case -ENOKEY: /* negative key */
396 ret = key_ref;
397 break;
398 default:
399 err = key_ref;
400 break;
401 }
402 }
403 /* or search the user-session keyring */
404 else if (ctx->cred->user->session_keyring) {
405 key_ref = keyring_search_aux(
406 make_key_ref(ctx->cred->user->session_keyring, 1),
407 ctx);
408 if (!IS_ERR(key_ref))
409 goto found;
410
411 switch (PTR_ERR(key_ref)) {
412 case -EAGAIN: /* no key */
413 if (ret)
414 break;
415 case -ENOKEY: /* negative key */
416 ret = key_ref;
417 break;
418 default:
419 err = key_ref;
420 break;
421 }
422 }
423
424 /* no key - decide on the error we're going to go for */
425 key_ref = ret ? ret : err;
426
427 found:
428 return key_ref;
429 }
430
431 /*
432 * Search the process keyrings attached to the supplied cred for the first
433 * matching key in the manner of search_my_process_keyrings(), but also search
434 * the keys attached to the assumed authorisation key using its credentials if
435 * one is available.
436 *
437 * Return same as search_my_process_keyrings().
438 */
439 key_ref_t search_process_keyrings(struct keyring_search_context *ctx)
440 {
441 struct request_key_auth *rka;
442 key_ref_t key_ref, ret = ERR_PTR(-EACCES), err;
443
444 might_sleep();
445
446 key_ref = search_my_process_keyrings(ctx);
447 if (!IS_ERR(key_ref))
448 goto found;
449 err = key_ref;
450
451 /* if this process has an instantiation authorisation key, then we also
452 * search the keyrings of the process mentioned there
453 * - we don't permit access to request_key auth keys via this method
454 */
455 if (ctx->cred->request_key_auth &&
456 ctx->cred == current_cred() &&
457 ctx->index_key.type != &key_type_request_key_auth
458 ) {
459 const struct cred *cred = ctx->cred;
460
461 /* defend against the auth key being revoked */
462 down_read(&cred->request_key_auth->sem);
463
464 if (key_validate(ctx->cred->request_key_auth) == 0) {
465 rka = ctx->cred->request_key_auth->payload.data[0];
466
467 ctx->cred = rka->cred;
468 key_ref = search_process_keyrings(ctx);
469 ctx->cred = cred;
470
471 up_read(&cred->request_key_auth->sem);
472
473 if (!IS_ERR(key_ref))
474 goto found;
475
476 ret = key_ref;
477 } else {
478 up_read(&cred->request_key_auth->sem);
479 }
480 }
481
482 /* no key - decide on the error we're going to go for */
483 if (err == ERR_PTR(-ENOKEY) || ret == ERR_PTR(-ENOKEY))
484 key_ref = ERR_PTR(-ENOKEY);
485 else if (err == ERR_PTR(-EACCES))
486 key_ref = ret;
487 else
488 key_ref = err;
489
490 found:
491 return key_ref;
492 }
493
494 /*
495 * See if the key we're looking at is the target key.
496 */
497 bool lookup_user_key_possessed(const struct key *key,
498 const struct key_match_data *match_data)
499 {
500 return key == match_data->raw_data;
501 }
502
503 /*
504 * Look up a key ID given us by userspace with a given permissions mask to get
505 * the key it refers to.
506 *
507 * Flags can be passed to request that special keyrings be created if referred
508 * to directly, to permit partially constructed keys to be found and to skip
509 * validity and permission checks on the found key.
510 *
511 * Returns a pointer to the key with an incremented usage count if successful;
512 * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond
513 * to a key or the best found key was a negative key; -EKEYREVOKED or
514 * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the
515 * found key doesn't grant the requested permit or the LSM denied access to it;
516 * or -ENOMEM if a special keyring couldn't be created.
517 *
518 * In the case of a successful return, the possession attribute is set on the
519 * returned key reference.
520 */
521 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
522 key_perm_t perm)
523 {
524 struct keyring_search_context ctx = {
525 .match_data.cmp = lookup_user_key_possessed,
526 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
527 .flags = KEYRING_SEARCH_NO_STATE_CHECK,
528 };
529 struct request_key_auth *rka;
530 struct key *key;
531 key_ref_t key_ref, skey_ref;
532 int ret;
533
534 try_again:
535 ctx.cred = get_current_cred();
536 key_ref = ERR_PTR(-ENOKEY);
537
538 switch (id) {
539 case KEY_SPEC_THREAD_KEYRING:
540 if (!ctx.cred->thread_keyring) {
541 if (!(lflags & KEY_LOOKUP_CREATE))
542 goto error;
543
544 ret = install_thread_keyring();
545 if (ret < 0) {
546 key_ref = ERR_PTR(ret);
547 goto error;
548 }
549 goto reget_creds;
550 }
551
552 key = ctx.cred->thread_keyring;
553 __key_get(key);
554 key_ref = make_key_ref(key, 1);
555 break;
556
557 case KEY_SPEC_PROCESS_KEYRING:
558 if (!ctx.cred->process_keyring) {
559 if (!(lflags & KEY_LOOKUP_CREATE))
560 goto error;
561
562 ret = install_process_keyring();
563 if (ret < 0) {
564 key_ref = ERR_PTR(ret);
565 goto error;
566 }
567 goto reget_creds;
568 }
569
570 key = ctx.cred->process_keyring;
571 __key_get(key);
572 key_ref = make_key_ref(key, 1);
573 break;
574
575 case KEY_SPEC_SESSION_KEYRING:
576 if (!ctx.cred->session_keyring) {
577 /* always install a session keyring upon access if one
578 * doesn't exist yet */
579 ret = install_user_keyrings();
580 if (ret < 0)
581 goto error;
582 if (lflags & KEY_LOOKUP_CREATE)
583 ret = join_session_keyring(NULL);
584 else
585 ret = install_session_keyring(
586 ctx.cred->user->session_keyring);
587
588 if (ret < 0)
589 goto error;
590 goto reget_creds;
591 } else if (ctx.cred->session_keyring ==
592 ctx.cred->user->session_keyring &&
593 lflags & KEY_LOOKUP_CREATE) {
594 ret = join_session_keyring(NULL);
595 if (ret < 0)
596 goto error;
597 goto reget_creds;
598 }
599
600 rcu_read_lock();
601 key = rcu_dereference(ctx.cred->session_keyring);
602 __key_get(key);
603 rcu_read_unlock();
604 key_ref = make_key_ref(key, 1);
605 break;
606
607 case KEY_SPEC_USER_KEYRING:
608 if (!ctx.cred->user->uid_keyring) {
609 ret = install_user_keyrings();
610 if (ret < 0)
611 goto error;
612 }
613
614 key = ctx.cred->user->uid_keyring;
615 __key_get(key);
616 key_ref = make_key_ref(key, 1);
617 break;
618
619 case KEY_SPEC_USER_SESSION_KEYRING:
620 if (!ctx.cred->user->session_keyring) {
621 ret = install_user_keyrings();
622 if (ret < 0)
623 goto error;
624 }
625
626 key = ctx.cred->user->session_keyring;
627 __key_get(key);
628 key_ref = make_key_ref(key, 1);
629 break;
630
631 case KEY_SPEC_GROUP_KEYRING:
632 /* group keyrings are not yet supported */
633 key_ref = ERR_PTR(-EINVAL);
634 goto error;
635
636 case KEY_SPEC_REQKEY_AUTH_KEY:
637 key = ctx.cred->request_key_auth;
638 if (!key)
639 goto error;
640
641 __key_get(key);
642 key_ref = make_key_ref(key, 1);
643 break;
644
645 case KEY_SPEC_REQUESTOR_KEYRING:
646 if (!ctx.cred->request_key_auth)
647 goto error;
648
649 down_read(&ctx.cred->request_key_auth->sem);
650 if (test_bit(KEY_FLAG_REVOKED,
651 &ctx.cred->request_key_auth->flags)) {
652 key_ref = ERR_PTR(-EKEYREVOKED);
653 key = NULL;
654 } else {
655 rka = ctx.cred->request_key_auth->payload.data[0];
656 key = rka->dest_keyring;
657 __key_get(key);
658 }
659 up_read(&ctx.cred->request_key_auth->sem);
660 if (!key)
661 goto error;
662 key_ref = make_key_ref(key, 1);
663 break;
664
665 default:
666 key_ref = ERR_PTR(-EINVAL);
667 if (id < 1)
668 goto error;
669
670 key = key_lookup(id);
671 if (IS_ERR(key)) {
672 key_ref = ERR_CAST(key);
673 goto error;
674 }
675
676 key_ref = make_key_ref(key, 0);
677
678 /* check to see if we possess the key */
679 ctx.index_key.type = key->type;
680 ctx.index_key.description = key->description;
681 ctx.index_key.desc_len = strlen(key->description);
682 ctx.match_data.raw_data = key;
683 kdebug("check possessed");
684 skey_ref = search_process_keyrings(&ctx);
685 kdebug("possessed=%p", skey_ref);
686
687 if (!IS_ERR(skey_ref)) {
688 key_put(key);
689 key_ref = skey_ref;
690 }
691
692 break;
693 }
694
695 /* unlink does not use the nominated key in any way, so can skip all
696 * the permission checks as it is only concerned with the keyring */
697 if (lflags & KEY_LOOKUP_FOR_UNLINK) {
698 ret = 0;
699 goto error;
700 }
701
702 if (!(lflags & KEY_LOOKUP_PARTIAL)) {
703 ret = wait_for_key_construction(key, true);
704 switch (ret) {
705 case -ERESTARTSYS:
706 goto invalid_key;
707 default:
708 if (perm)
709 goto invalid_key;
710 case 0:
711 break;
712 }
713 } else if (perm) {
714 ret = key_validate(key);
715 if (ret < 0)
716 goto invalid_key;
717 }
718
719 ret = -EIO;
720 if (!(lflags & KEY_LOOKUP_PARTIAL) &&
721 !test_bit(KEY_FLAG_INSTANTIATED, &key->flags))
722 goto invalid_key;
723
724 /* check the permissions */
725 ret = key_task_permission(key_ref, ctx.cred, perm);
726 if (ret < 0)
727 goto invalid_key;
728
729 key->last_used_at = current_kernel_time().tv_sec;
730
731 error:
732 put_cred(ctx.cred);
733 return key_ref;
734
735 invalid_key:
736 key_ref_put(key_ref);
737 key_ref = ERR_PTR(ret);
738 goto error;
739
740 /* if we attempted to install a keyring, then it may have caused new
741 * creds to be installed */
742 reget_creds:
743 put_cred(ctx.cred);
744 goto try_again;
745 }
746
747 /*
748 * Join the named keyring as the session keyring if possible else attempt to
749 * create a new one of that name and join that.
750 *
751 * If the name is NULL, an empty anonymous keyring will be installed as the
752 * session keyring.
753 *
754 * Named session keyrings are joined with a semaphore held to prevent the
755 * keyrings from going away whilst the attempt is made to going them and also
756 * to prevent a race in creating compatible session keyrings.
757 */
758 long join_session_keyring(const char *name)
759 {
760 const struct cred *old;
761 struct cred *new;
762 struct key *keyring;
763 long ret, serial;
764
765 new = prepare_creds();
766 if (!new)
767 return -ENOMEM;
768 old = current_cred();
769
770 /* if no name is provided, install an anonymous keyring */
771 if (!name) {
772 ret = install_session_keyring_to_cred(new, NULL);
773 if (ret < 0)
774 goto error;
775
776 serial = new->session_keyring->serial;
777 ret = commit_creds(new);
778 if (ret == 0)
779 ret = serial;
780 goto okay;
781 }
782
783 /* allow the user to join or create a named keyring */
784 mutex_lock(&key_session_mutex);
785
786 /* look for an existing keyring of this name */
787 keyring = find_keyring_by_name(name, false);
788 if (PTR_ERR(keyring) == -ENOKEY) {
789 /* not found - try and create a new one */
790 keyring = keyring_alloc(
791 name, old->uid, old->gid, old,
792 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ | KEY_USR_LINK,
793 KEY_ALLOC_IN_QUOTA, NULL, NULL);
794 if (IS_ERR(keyring)) {
795 ret = PTR_ERR(keyring);
796 goto error2;
797 }
798 } else if (IS_ERR(keyring)) {
799 ret = PTR_ERR(keyring);
800 goto error2;
801 } else if (keyring == new->session_keyring) {
802 key_put(keyring);
803 ret = 0;
804 goto error2;
805 }
806
807 /* we've got a keyring - now to install it */
808 ret = install_session_keyring_to_cred(new, keyring);
809 if (ret < 0)
810 goto error2;
811
812 commit_creds(new);
813 mutex_unlock(&key_session_mutex);
814
815 ret = keyring->serial;
816 key_put(keyring);
817 okay:
818 return ret;
819
820 error2:
821 mutex_unlock(&key_session_mutex);
822 error:
823 abort_creds(new);
824 return ret;
825 }
826
827 /*
828 * Replace a process's session keyring on behalf of one of its children when
829 * the target process is about to resume userspace execution.
830 */
831 void key_change_session_keyring(struct callback_head *twork)
832 {
833 const struct cred *old = current_cred();
834 struct cred *new = container_of(twork, struct cred, rcu);
835
836 if (unlikely(current->flags & PF_EXITING)) {
837 put_cred(new);
838 return;
839 }
840
841 new-> uid = old-> uid;
842 new-> euid = old-> euid;
843 new-> suid = old-> suid;
844 new->fsuid = old->fsuid;
845 new-> gid = old-> gid;
846 new-> egid = old-> egid;
847 new-> sgid = old-> sgid;
848 new->fsgid = old->fsgid;
849 new->user = get_uid(old->user);
850 new->user_ns = get_user_ns(old->user_ns);
851 new->group_info = get_group_info(old->group_info);
852
853 new->securebits = old->securebits;
854 new->cap_inheritable = old->cap_inheritable;
855 new->cap_permitted = old->cap_permitted;
856 new->cap_effective = old->cap_effective;
857 new->cap_ambient = old->cap_ambient;
858 new->cap_bset = old->cap_bset;
859
860 new->jit_keyring = old->jit_keyring;
861 new->thread_keyring = key_get(old->thread_keyring);
862 new->process_keyring = key_get(old->process_keyring);
863
864 security_transfer_creds(new, old);
865
866 commit_creds(new);
867 }
868
869 /*
870 * Make sure that root's user and user-session keyrings exist.
871 */
872 static int __init init_root_keyring(void)
873 {
874 return install_user_keyrings();
875 }
876
877 late_initcall(init_root_keyring);
ubuntu-bionic-kernel mirror