summaryrefslogtreecommitdiffstats
path: root/include/linux/key-ui.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/key-ui.h')
-rw-r--r--include/linux/key-ui.h47
1 files changed, 43 insertions, 4 deletions
diff --git a/include/linux/key-ui.h b/include/linux/key-ui.h
index 60cc7b762e78..cc326174a808 100644
--- a/include/linux/key-ui.h
+++ b/include/linux/key-ui.h
@@ -1,4 +1,4 @@
-/* key-ui.h: key userspace interface stuff for use by keyfs
+/* key-ui.h: key userspace interface stuff
*
* Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
@@ -31,8 +31,10 @@ extern spinlock_t key_serial_lock;
* subscribed
*/
struct keyring_list {
- unsigned maxkeys; /* max keys this list can hold */
- unsigned nkeys; /* number of keys currently held */
+ struct rcu_head rcu; /* RCU deletion hook */
+ unsigned short maxkeys; /* max keys this list can hold */
+ unsigned short nkeys; /* number of keys currently held */
+ unsigned short delkey; /* key to be unlinked by RCU */
struct key *keys[0];
};
@@ -82,8 +84,45 @@ static inline int key_any_permission(const struct key *key, key_perm_t perm)
return kperm != 0;
}
+static inline int key_task_groups_search(struct task_struct *tsk, gid_t gid)
+{
+ int ret;
+
+ task_lock(tsk);
+ ret = groups_search(tsk->group_info, gid);
+ task_unlock(tsk);
+ return ret;
+}
+
+static inline int key_task_permission(const struct key *key,
+ struct task_struct *context,
+ key_perm_t perm)
+{
+ key_perm_t kperm;
+
+ if (key->uid == context->fsuid) {
+ kperm = key->perm >> 16;
+ }
+ else if (key->gid != -1 &&
+ key->perm & KEY_GRP_ALL && (
+ key->gid == context->fsgid ||
+ key_task_groups_search(context, key->gid)
+ )
+ ) {
+ kperm = key->perm >> 8;
+ }
+ else {
+ kperm = key->perm;
+ }
+
+ kperm = kperm & perm & KEY_ALL;
+
+ return kperm == perm;
+
+}
-extern struct key *lookup_user_key(key_serial_t id, int create, int part,
+extern struct key *lookup_user_key(struct task_struct *context,
+ key_serial_t id, int create, int partial,
key_perm_t perm);
extern long join_session_keyring(const char *name);