1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* Manage a process's keyrings 3 * 4 * Copyright (C) 2004-2005, 2008 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8 #include <linux/init.h> 9 #include <linux/sched.h> 10 #include <linux/sched/user.h> 11 #include <linux/keyctl.h> 12 #include <linux/fs.h> 13 #include <linux/err.h> 14 #include <linux/mutex.h> 15 #include <linux/security.h> 16 #include <linux/user_namespace.h> 17 #include <linux/uaccess.h> 18 #include <keys/request_key_auth-type.h> 19 #include "internal.h" 20 21 /* Session keyring create vs join semaphore */ 22 static DEFINE_MUTEX(key_session_mutex); 23 24 /* User keyring creation semaphore */ 25 static DEFINE_MUTEX(key_user_keyring_mutex); 26 27 /* The root user's tracking struct */ 28 struct key_user root_key_user = { 29 .usage = REFCOUNT_INIT(3), 30 .cons_lock = __MUTEX_INITIALIZER(root_key_user.cons_lock), 31 .lock = __SPIN_LOCK_UNLOCKED(root_key_user.lock), 32 .nkeys = ATOMIC_INIT(2), 33 .nikeys = ATOMIC_INIT(2), 34 .uid = GLOBAL_ROOT_UID, 35 }; 36 37 /* 38 * Install the user and user session keyrings for the current process's UID. 39 */ 40 int install_user_keyrings(void) 41 { 42 struct user_struct *user; 43 const struct cred *cred; 44 struct key *uid_keyring, *session_keyring; 45 key_perm_t user_keyring_perm; 46 char buf[20]; 47 int ret; 48 uid_t uid; 49 50 user_keyring_perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_ALL; 51 cred = current_cred(); 52 user = cred->user; 53 uid = from_kuid(cred->user_ns, user->uid); 54 55 kenter("%p{%u}", user, uid); 56 57 if (READ_ONCE(user->uid_keyring) && READ_ONCE(user->session_keyring)) { 58 kleave(" = 0 [exist]"); 59 return 0; 60 } 61 62 mutex_lock(&key_user_keyring_mutex); 63 ret = 0; 64 65 if (!user->uid_keyring) { 66 /* get the UID-specific keyring 67 * - there may be one in existence already as it may have been 68 * pinned by a session, but the user_struct pointing to it 69 * may have been destroyed by setuid */ 70 sprintf(buf, "_uid.%u", uid); 71 72 uid_keyring = find_keyring_by_name(buf, true); 73 if (IS_ERR(uid_keyring)) { 74 uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID, 75 cred, user_keyring_perm, 76 KEY_ALLOC_UID_KEYRING | 77 KEY_ALLOC_IN_QUOTA, 78 NULL, NULL); 79 if (IS_ERR(uid_keyring)) { 80 ret = PTR_ERR(uid_keyring); 81 goto error; 82 } 83 } 84 85 /* get a default session keyring (which might also exist 86 * already) */ 87 sprintf(buf, "_uid_ses.%u", uid); 88 89 session_keyring = find_keyring_by_name(buf, true); 90 if (IS_ERR(session_keyring)) { 91 session_keyring = 92 keyring_alloc(buf, user->uid, INVALID_GID, 93 cred, user_keyring_perm, 94 KEY_ALLOC_UID_KEYRING | 95 KEY_ALLOC_IN_QUOTA, 96 NULL, NULL); 97 if (IS_ERR(session_keyring)) { 98 ret = PTR_ERR(session_keyring); 99 goto error_release; 100 } 101 102 /* we install a link from the user session keyring to 103 * the user keyring */ 104 ret = key_link(session_keyring, uid_keyring); 105 if (ret < 0) 106 goto error_release_both; 107 } 108 109 /* install the keyrings */ 110 /* paired with READ_ONCE() */ 111 smp_store_release(&user->uid_keyring, uid_keyring); 112 /* paired with READ_ONCE() */ 113 smp_store_release(&user->session_keyring, session_keyring); 114 } 115 116 mutex_unlock(&key_user_keyring_mutex); 117 kleave(" = 0"); 118 return 0; 119 120 error_release_both: 121 key_put(session_keyring); 122 error_release: 123 key_put(uid_keyring); 124 error: 125 mutex_unlock(&key_user_keyring_mutex); 126 kleave(" = %d", ret); 127 return ret; 128 } 129 130 /* 131 * Install a thread keyring to the given credentials struct if it didn't have 132 * one already. This is allowed to overrun the quota. 133 * 134 * Return: 0 if a thread keyring is now present; -errno on failure. 135 */ 136 int install_thread_keyring_to_cred(struct cred *new) 137 { 138 struct key *keyring; 139 140 if (new->thread_keyring) 141 return 0; 142 143 keyring = keyring_alloc("_tid", new->uid, new->gid, new, 144 KEY_POS_ALL | KEY_USR_VIEW, 145 KEY_ALLOC_QUOTA_OVERRUN, 146 NULL, NULL); 147 if (IS_ERR(keyring)) 148 return PTR_ERR(keyring); 149 150 new->thread_keyring = keyring; 151 return 0; 152 } 153 154 /* 155 * Install a thread keyring to the current task if it didn't have one already. 156 * 157 * Return: 0 if a thread keyring is now present; -errno on failure. 158 */ 159 static int install_thread_keyring(void) 160 { 161 struct cred *new; 162 int ret; 163 164 new = prepare_creds(); 165 if (!new) 166 return -ENOMEM; 167 168 ret = install_thread_keyring_to_cred(new); 169 if (ret < 0) { 170 abort_creds(new); 171 return ret; 172 } 173 174 return commit_creds(new); 175 } 176 177 /* 178 * Install a process keyring to the given credentials struct if it didn't have 179 * one already. This is allowed to overrun the quota. 180 * 181 * Return: 0 if a process keyring is now present; -errno on failure. 182 */ 183 int install_process_keyring_to_cred(struct cred *new) 184 { 185 struct key *keyring; 186 187 if (new->process_keyring) 188 return 0; 189 190 keyring = keyring_alloc("_pid", new->uid, new->gid, new, 191 KEY_POS_ALL | KEY_USR_VIEW, 192 KEY_ALLOC_QUOTA_OVERRUN, 193 NULL, NULL); 194 if (IS_ERR(keyring)) 195 return PTR_ERR(keyring); 196 197 new->process_keyring = keyring; 198 return 0; 199 } 200 201 /* 202 * Install a process keyring to the current task if it didn't have one already. 203 * 204 * Return: 0 if a process keyring is now present; -errno on failure. 205 */ 206 static int install_process_keyring(void) 207 { 208 struct cred *new; 209 int ret; 210 211 new = prepare_creds(); 212 if (!new) 213 return -ENOMEM; 214 215 ret = install_process_keyring_to_cred(new); 216 if (ret < 0) { 217 abort_creds(new); 218 return ret; 219 } 220 221 return commit_creds(new); 222 } 223 224 /* 225 * Install the given keyring as the session keyring of the given credentials 226 * struct, replacing the existing one if any. If the given keyring is NULL, 227 * then install a new anonymous session keyring. 228 * @cred can not be in use by any task yet. 229 * 230 * Return: 0 on success; -errno on failure. 231 */ 232 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring) 233 { 234 unsigned long flags; 235 struct key *old; 236 237 might_sleep(); 238 239 /* create an empty session keyring */ 240 if (!keyring) { 241 flags = KEY_ALLOC_QUOTA_OVERRUN; 242 if (cred->session_keyring) 243 flags = KEY_ALLOC_IN_QUOTA; 244 245 keyring = keyring_alloc("_ses", cred->uid, cred->gid, cred, 246 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ, 247 flags, NULL, NULL); 248 if (IS_ERR(keyring)) 249 return PTR_ERR(keyring); 250 } else { 251 __key_get(keyring); 252 } 253 254 /* install the keyring */ 255 old = cred->session_keyring; 256 cred->session_keyring = keyring; 257 258 if (old) 259 key_put(old); 260 261 return 0; 262 } 263 264 /* 265 * Install the given keyring as the session keyring of the current task, 266 * replacing the existing one if any. If the given keyring is NULL, then 267 * install a new anonymous session keyring. 268 * 269 * Return: 0 on success; -errno on failure. 270 */ 271 static int install_session_keyring(struct key *keyring) 272 { 273 struct cred *new; 274 int ret; 275 276 new = prepare_creds(); 277 if (!new) 278 return -ENOMEM; 279 280 ret = install_session_keyring_to_cred(new, keyring); 281 if (ret < 0) { 282 abort_creds(new); 283 return ret; 284 } 285 286 return commit_creds(new); 287 } 288 289 /* 290 * Handle the fsuid changing. 291 */ 292 void key_fsuid_changed(struct task_struct *tsk) 293 { 294 /* update the ownership of the thread keyring */ 295 BUG_ON(!tsk->cred); 296 if (tsk->cred->thread_keyring) { 297 down_write(&tsk->cred->thread_keyring->sem); 298 tsk->cred->thread_keyring->uid = tsk->cred->fsuid; 299 up_write(&tsk->cred->thread_keyring->sem); 300 } 301 } 302 303 /* 304 * Handle the fsgid changing. 305 */ 306 void key_fsgid_changed(struct task_struct *tsk) 307 { 308 /* update the ownership of the thread keyring */ 309 BUG_ON(!tsk->cred); 310 if (tsk->cred->thread_keyring) { 311 down_write(&tsk->cred->thread_keyring->sem); 312 tsk->cred->thread_keyring->gid = tsk->cred->fsgid; 313 up_write(&tsk->cred->thread_keyring->sem); 314 } 315 } 316 317 /* 318 * Search the process keyrings attached to the supplied cred for the first 319 * matching key. 320 * 321 * The search criteria are the type and the match function. The description is 322 * given to the match function as a parameter, but doesn't otherwise influence 323 * the search. Typically the match function will compare the description 324 * parameter to the key's description. 325 * 326 * This can only search keyrings that grant Search permission to the supplied 327 * credentials. Keyrings linked to searched keyrings will also be searched if 328 * they grant Search permission too. Keys can only be found if they grant 329 * Search permission to the credentials. 330 * 331 * Returns a pointer to the key with the key usage count incremented if 332 * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only 333 * matched negative keys. 334 * 335 * In the case of a successful return, the possession attribute is set on the 336 * returned key reference. 337 */ 338 key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx) 339 { 340 key_ref_t key_ref, ret, err; 341 const struct cred *cred = ctx->cred; 342 343 /* we want to return -EAGAIN or -ENOKEY if any of the keyrings were 344 * searchable, but we failed to find a key or we found a negative key; 345 * otherwise we want to return a sample error (probably -EACCES) if 346 * none of the keyrings were searchable 347 * 348 * in terms of priority: success > -ENOKEY > -EAGAIN > other error 349 */ 350 key_ref = NULL; 351 ret = NULL; 352 err = ERR_PTR(-EAGAIN); 353 354 /* search the thread keyring first */ 355 if (cred->thread_keyring) { 356 key_ref = keyring_search_aux( 357 make_key_ref(cred->thread_keyring, 1), ctx); 358 if (!IS_ERR(key_ref)) 359 goto found; 360 361 switch (PTR_ERR(key_ref)) { 362 case -EAGAIN: /* no key */ 363 case -ENOKEY: /* negative key */ 364 ret = key_ref; 365 break; 366 default: 367 err = key_ref; 368 break; 369 } 370 } 371 372 /* search the process keyring second */ 373 if (cred->process_keyring) { 374 key_ref = keyring_search_aux( 375 make_key_ref(cred->process_keyring, 1), ctx); 376 if (!IS_ERR(key_ref)) 377 goto found; 378 379 switch (PTR_ERR(key_ref)) { 380 case -EAGAIN: /* no key */ 381 if (ret) 382 break; 383 /* fall through */ 384 case -ENOKEY: /* negative key */ 385 ret = key_ref; 386 break; 387 default: 388 err = key_ref; 389 break; 390 } 391 } 392 393 /* search the session keyring */ 394 if (cred->session_keyring) { 395 key_ref = keyring_search_aux( 396 make_key_ref(cred->session_keyring, 1), ctx); 397 398 if (!IS_ERR(key_ref)) 399 goto found; 400 401 switch (PTR_ERR(key_ref)) { 402 case -EAGAIN: /* no key */ 403 if (ret) 404 break; 405 /* fall through */ 406 case -ENOKEY: /* negative key */ 407 ret = key_ref; 408 break; 409 default: 410 err = key_ref; 411 break; 412 } 413 } 414 /* or search the user-session keyring */ 415 else if (READ_ONCE(cred->user->session_keyring)) { 416 key_ref = keyring_search_aux( 417 make_key_ref(READ_ONCE(cred->user->session_keyring), 1), 418 ctx); 419 if (!IS_ERR(key_ref)) 420 goto found; 421 422 switch (PTR_ERR(key_ref)) { 423 case -EAGAIN: /* no key */ 424 if (ret) 425 break; 426 /* fall through */ 427 case -ENOKEY: /* negative key */ 428 ret = key_ref; 429 break; 430 default: 431 err = key_ref; 432 break; 433 } 434 } 435 436 /* no key - decide on the error we're going to go for */ 437 key_ref = ret ? ret : err; 438 439 found: 440 return key_ref; 441 } 442 443 /* 444 * Search the process keyrings attached to the supplied cred for the first 445 * matching key in the manner of search_my_process_keyrings(), but also search 446 * the keys attached to the assumed authorisation key using its credentials if 447 * one is available. 448 * 449 * Return same as search_my_process_keyrings(). 450 */ 451 key_ref_t search_process_keyrings(struct keyring_search_context *ctx) 452 { 453 struct request_key_auth *rka; 454 key_ref_t key_ref, ret = ERR_PTR(-EACCES), err; 455 456 might_sleep(); 457 458 key_ref = search_my_process_keyrings(ctx); 459 if (!IS_ERR(key_ref)) 460 goto found; 461 err = key_ref; 462 463 /* if this process has an instantiation authorisation key, then we also 464 * search the keyrings of the process mentioned there 465 * - we don't permit access to request_key auth keys via this method 466 */ 467 if (ctx->cred->request_key_auth && 468 ctx->cred == current_cred() && 469 ctx->index_key.type != &key_type_request_key_auth 470 ) { 471 const struct cred *cred = ctx->cred; 472 473 /* defend against the auth key being revoked */ 474 down_read(&cred->request_key_auth->sem); 475 476 if (key_validate(ctx->cred->request_key_auth) == 0) { 477 rka = ctx->cred->request_key_auth->payload.data[0]; 478 479 ctx->cred = rka->cred; 480 key_ref = search_process_keyrings(ctx); 481 ctx->cred = cred; 482 483 up_read(&cred->request_key_auth->sem); 484 485 if (!IS_ERR(key_ref)) 486 goto found; 487 488 ret = key_ref; 489 } else { 490 up_read(&cred->request_key_auth->sem); 491 } 492 } 493 494 /* no key - decide on the error we're going to go for */ 495 if (err == ERR_PTR(-ENOKEY) || ret == ERR_PTR(-ENOKEY)) 496 key_ref = ERR_PTR(-ENOKEY); 497 else if (err == ERR_PTR(-EACCES)) 498 key_ref = ret; 499 else 500 key_ref = err; 501 502 found: 503 return key_ref; 504 } 505 506 /* 507 * See if the key we're looking at is the target key. 508 */ 509 bool lookup_user_key_possessed(const struct key *key, 510 const struct key_match_data *match_data) 511 { 512 return key == match_data->raw_data; 513 } 514 515 /* 516 * Look up a key ID given us by userspace with a given permissions mask to get 517 * the key it refers to. 518 * 519 * Flags can be passed to request that special keyrings be created if referred 520 * to directly, to permit partially constructed keys to be found and to skip 521 * validity and permission checks on the found key. 522 * 523 * Returns a pointer to the key with an incremented usage count if successful; 524 * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond 525 * to a key or the best found key was a negative key; -EKEYREVOKED or 526 * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the 527 * found key doesn't grant the requested permit or the LSM denied access to it; 528 * or -ENOMEM if a special keyring couldn't be created. 529 * 530 * In the case of a successful return, the possession attribute is set on the 531 * returned key reference. 532 */ 533 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, 534 key_perm_t perm) 535 { 536 struct keyring_search_context ctx = { 537 .match_data.cmp = lookup_user_key_possessed, 538 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, 539 .flags = KEYRING_SEARCH_NO_STATE_CHECK, 540 }; 541 struct request_key_auth *rka; 542 struct key *key; 543 key_ref_t key_ref, skey_ref; 544 int ret; 545 546 try_again: 547 ctx.cred = get_current_cred(); 548 key_ref = ERR_PTR(-ENOKEY); 549 550 switch (id) { 551 case KEY_SPEC_THREAD_KEYRING: 552 if (!ctx.cred->thread_keyring) { 553 if (!(lflags & KEY_LOOKUP_CREATE)) 554 goto error; 555 556 ret = install_thread_keyring(); 557 if (ret < 0) { 558 key_ref = ERR_PTR(ret); 559 goto error; 560 } 561 goto reget_creds; 562 } 563 564 key = ctx.cred->thread_keyring; 565 __key_get(key); 566 key_ref = make_key_ref(key, 1); 567 break; 568 569 case KEY_SPEC_PROCESS_KEYRING: 570 if (!ctx.cred->process_keyring) { 571 if (!(lflags & KEY_LOOKUP_CREATE)) 572 goto error; 573 574 ret = install_process_keyring(); 575 if (ret < 0) { 576 key_ref = ERR_PTR(ret); 577 goto error; 578 } 579 goto reget_creds; 580 } 581 582 key = ctx.cred->process_keyring; 583 __key_get(key); 584 key_ref = make_key_ref(key, 1); 585 break; 586 587 case KEY_SPEC_SESSION_KEYRING: 588 if (!ctx.cred->session_keyring) { 589 /* always install a session keyring upon access if one 590 * doesn't exist yet */ 591 ret = install_user_keyrings(); 592 if (ret < 0) 593 goto error; 594 if (lflags & KEY_LOOKUP_CREATE) 595 ret = join_session_keyring(NULL); 596 else 597 ret = install_session_keyring( 598 ctx.cred->user->session_keyring); 599 600 if (ret < 0) 601 goto error; 602 goto reget_creds; 603 } else if (ctx.cred->session_keyring == 604 READ_ONCE(ctx.cred->user->session_keyring) && 605 lflags & KEY_LOOKUP_CREATE) { 606 ret = join_session_keyring(NULL); 607 if (ret < 0) 608 goto error; 609 goto reget_creds; 610 } 611 612 key = ctx.cred->session_keyring; 613 __key_get(key); 614 key_ref = make_key_ref(key, 1); 615 break; 616 617 case KEY_SPEC_USER_KEYRING: 618 if (!READ_ONCE(ctx.cred->user->uid_keyring)) { 619 ret = install_user_keyrings(); 620 if (ret < 0) 621 goto error; 622 } 623 624 key = ctx.cred->user->uid_keyring; 625 __key_get(key); 626 key_ref = make_key_ref(key, 1); 627 break; 628 629 case KEY_SPEC_USER_SESSION_KEYRING: 630 if (!READ_ONCE(ctx.cred->user->session_keyring)) { 631 ret = install_user_keyrings(); 632 if (ret < 0) 633 goto error; 634 } 635 636 key = ctx.cred->user->session_keyring; 637 __key_get(key); 638 key_ref = make_key_ref(key, 1); 639 break; 640 641 case KEY_SPEC_GROUP_KEYRING: 642 /* group keyrings are not yet supported */ 643 key_ref = ERR_PTR(-EINVAL); 644 goto error; 645 646 case KEY_SPEC_REQKEY_AUTH_KEY: 647 key = ctx.cred->request_key_auth; 648 if (!key) 649 goto error; 650 651 __key_get(key); 652 key_ref = make_key_ref(key, 1); 653 break; 654 655 case KEY_SPEC_REQUESTOR_KEYRING: 656 if (!ctx.cred->request_key_auth) 657 goto error; 658 659 down_read(&ctx.cred->request_key_auth->sem); 660 if (test_bit(KEY_FLAG_REVOKED, 661 &ctx.cred->request_key_auth->flags)) { 662 key_ref = ERR_PTR(-EKEYREVOKED); 663 key = NULL; 664 } else { 665 rka = ctx.cred->request_key_auth->payload.data[0]; 666 key = rka->dest_keyring; 667 __key_get(key); 668 } 669 up_read(&ctx.cred->request_key_auth->sem); 670 if (!key) 671 goto error; 672 key_ref = make_key_ref(key, 1); 673 break; 674 675 default: 676 key_ref = ERR_PTR(-EINVAL); 677 if (id < 1) 678 goto error; 679 680 key = key_lookup(id); 681 if (IS_ERR(key)) { 682 key_ref = ERR_CAST(key); 683 goto error; 684 } 685 686 key_ref = make_key_ref(key, 0); 687 688 /* check to see if we possess the key */ 689 ctx.index_key.type = key->type; 690 ctx.index_key.description = key->description; 691 ctx.index_key.desc_len = strlen(key->description); 692 ctx.match_data.raw_data = key; 693 kdebug("check possessed"); 694 skey_ref = search_process_keyrings(&ctx); 695 kdebug("possessed=%p", skey_ref); 696 697 if (!IS_ERR(skey_ref)) { 698 key_put(key); 699 key_ref = skey_ref; 700 } 701 702 break; 703 } 704 705 /* unlink does not use the nominated key in any way, so can skip all 706 * the permission checks as it is only concerned with the keyring */ 707 if (lflags & KEY_LOOKUP_FOR_UNLINK) { 708 ret = 0; 709 goto error; 710 } 711 712 if (!(lflags & KEY_LOOKUP_PARTIAL)) { 713 ret = wait_for_key_construction(key, true); 714 switch (ret) { 715 case -ERESTARTSYS: 716 goto invalid_key; 717 default: 718 if (perm) 719 goto invalid_key; 720 case 0: 721 break; 722 } 723 } else if (perm) { 724 ret = key_validate(key); 725 if (ret < 0) 726 goto invalid_key; 727 } 728 729 ret = -EIO; 730 if (!(lflags & KEY_LOOKUP_PARTIAL) && 731 key_read_state(key) == KEY_IS_UNINSTANTIATED) 732 goto invalid_key; 733 734 /* check the permissions */ 735 ret = key_task_permission(key_ref, ctx.cred, perm); 736 if (ret < 0) 737 goto invalid_key; 738 739 key->last_used_at = ktime_get_real_seconds(); 740 741 error: 742 put_cred(ctx.cred); 743 return key_ref; 744 745 invalid_key: 746 key_ref_put(key_ref); 747 key_ref = ERR_PTR(ret); 748 goto error; 749 750 /* if we attempted to install a keyring, then it may have caused new 751 * creds to be installed */ 752 reget_creds: 753 put_cred(ctx.cred); 754 goto try_again; 755 } 756 EXPORT_SYMBOL(lookup_user_key); 757 758 /* 759 * Join the named keyring as the session keyring if possible else attempt to 760 * create a new one of that name and join that. 761 * 762 * If the name is NULL, an empty anonymous keyring will be installed as the 763 * session keyring. 764 * 765 * Named session keyrings are joined with a semaphore held to prevent the 766 * keyrings from going away whilst the attempt is made to going them and also 767 * to prevent a race in creating compatible session keyrings. 768 */ 769 long join_session_keyring(const char *name) 770 { 771 const struct cred *old; 772 struct cred *new; 773 struct key *keyring; 774 long ret, serial; 775 776 new = prepare_creds(); 777 if (!new) 778 return -ENOMEM; 779 old = current_cred(); 780 781 /* if no name is provided, install an anonymous keyring */ 782 if (!name) { 783 ret = install_session_keyring_to_cred(new, NULL); 784 if (ret < 0) 785 goto error; 786 787 serial = new->session_keyring->serial; 788 ret = commit_creds(new); 789 if (ret == 0) 790 ret = serial; 791 goto okay; 792 } 793 794 /* allow the user to join or create a named keyring */ 795 mutex_lock(&key_session_mutex); 796 797 /* look for an existing keyring of this name */ 798 keyring = find_keyring_by_name(name, false); 799 if (PTR_ERR(keyring) == -ENOKEY) { 800 /* not found - try and create a new one */ 801 keyring = keyring_alloc( 802 name, old->uid, old->gid, old, 803 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ | KEY_USR_LINK, 804 KEY_ALLOC_IN_QUOTA, NULL, NULL); 805 if (IS_ERR(keyring)) { 806 ret = PTR_ERR(keyring); 807 goto error2; 808 } 809 } else if (IS_ERR(keyring)) { 810 ret = PTR_ERR(keyring); 811 goto error2; 812 } else if (keyring == new->session_keyring) { 813 ret = 0; 814 goto error3; 815 } 816 817 /* we've got a keyring - now to install it */ 818 ret = install_session_keyring_to_cred(new, keyring); 819 if (ret < 0) 820 goto error3; 821 822 commit_creds(new); 823 mutex_unlock(&key_session_mutex); 824 825 ret = keyring->serial; 826 key_put(keyring); 827 okay: 828 return ret; 829 830 error3: 831 key_put(keyring); 832 error2: 833 mutex_unlock(&key_session_mutex); 834 error: 835 abort_creds(new); 836 return ret; 837 } 838 839 /* 840 * Replace a process's session keyring on behalf of one of its children when 841 * the target process is about to resume userspace execution. 842 */ 843 void key_change_session_keyring(struct callback_head *twork) 844 { 845 const struct cred *old = current_cred(); 846 struct cred *new = container_of(twork, struct cred, rcu); 847 848 if (unlikely(current->flags & PF_EXITING)) { 849 put_cred(new); 850 return; 851 } 852 853 new-> uid = old-> uid; 854 new-> euid = old-> euid; 855 new-> suid = old-> suid; 856 new->fsuid = old->fsuid; 857 new-> gid = old-> gid; 858 new-> egid = old-> egid; 859 new-> sgid = old-> sgid; 860 new->fsgid = old->fsgid; 861 new->user = get_uid(old->user); 862 new->user_ns = get_user_ns(old->user_ns); 863 new->group_info = get_group_info(old->group_info); 864 865 new->securebits = old->securebits; 866 new->cap_inheritable = old->cap_inheritable; 867 new->cap_permitted = old->cap_permitted; 868 new->cap_effective = old->cap_effective; 869 new->cap_ambient = old->cap_ambient; 870 new->cap_bset = old->cap_bset; 871 872 new->jit_keyring = old->jit_keyring; 873 new->thread_keyring = key_get(old->thread_keyring); 874 new->process_keyring = key_get(old->process_keyring); 875 876 security_transfer_creds(new, old); 877 878 commit_creds(new); 879 } 880 881 /* 882 * Make sure that root's user and user-session keyrings exist. 883 */ 884 static int __init init_root_keyring(void) 885 { 886 return install_user_keyrings(); 887 } 888 889 late_initcall(init_root_keyring); 890