LXR linux/include/linux/key.h

   1/* SPDX-License-Identifier: GPL-2.0-or-later */
   2/* Authentication token and access key management
   3 *
   4 * Copyright (C) 2004, 2007 Red Hat, Inc. All Rights Reserved.
   5 * Written by David Howells (dhowells@redhat.com)
   6 *
   7 * See Documentation/security/keys/core.rst for information on keys/keyrings.
   8 */
   9
  10#ifndef _LINUX_KEY_H
  11#define _LINUX_KEY_H
  12
  13#include <linux/types.h>
  14#include <linux/list.h>
  15#include <linux/rbtree.h>
  16#include <linux/rcupdate.h>
  17#include <linux/sysctl.h>
  18#include <linux/rwsem.h>
  19#include <linux/atomic.h>
  20#include <linux/assoc_array.h>
  21#include <linux/refcount.h>
  22#include <linux/time64.h>
  23
  24#ifdef __KERNEL__
  25#include <linux/uidgid.h>
  26
  27/* key handle serial number */
  28typedef int32_t key_serial_t;
  29
  30/* key handle permissions mask */
  31typedef uint32_t key_perm_t;
  32
  33struct key;
  34
  35#ifdef CONFIG_KEYS
  36
  37#undef KEY_DEBUGGING
  38
  39#define KEY_POS_VIEW    0x01000000      /* possessor can view a key's attributes */
  40#define KEY_POS_READ    0x02000000      /* possessor can read key payload / view keyring */
  41#define KEY_POS_WRITE   0x04000000      /* possessor can update key payload / add link to keyring */
  42#define KEY_POS_SEARCH  0x08000000      /* possessor can find a key in search / search a keyring */
  43#define KEY_POS_LINK    0x10000000      /* possessor can create a link to a key/keyring */
  44#define KEY_POS_SETATTR 0x20000000      /* possessor can set key attributes */
  45#define KEY_POS_ALL     0x3f000000
  46
  47#define KEY_USR_VIEW    0x00010000      /* user permissions... */
  48#define KEY_USR_READ    0x00020000
  49#define KEY_USR_WRITE   0x00040000
  50#define KEY_USR_SEARCH  0x00080000
  51#define KEY_USR_LINK    0x00100000
  52#define KEY_USR_SETATTR 0x00200000
  53#define KEY_USR_ALL     0x003f0000
  54
  55#define KEY_GRP_VIEW    0x00000100      /* group permissions... */
  56#define KEY_GRP_READ    0x00000200
  57#define KEY_GRP_WRITE   0x00000400
  58#define KEY_GRP_SEARCH  0x00000800
  59#define KEY_GRP_LINK    0x00001000
  60#define KEY_GRP_SETATTR 0x00002000
  61#define KEY_GRP_ALL     0x00003f00
  62
  63#define KEY_OTH_VIEW    0x00000001      /* third party permissions... */
  64#define KEY_OTH_READ    0x00000002
  65#define KEY_OTH_WRITE   0x00000004
  66#define KEY_OTH_SEARCH  0x00000008
  67#define KEY_OTH_LINK    0x00000010
  68#define KEY_OTH_SETATTR 0x00000020
  69#define KEY_OTH_ALL     0x0000003f
  70
  71#define KEY_PERM_UNDEF  0xffffffff
  72
  73struct seq_file;
  74struct user_struct;
  75struct signal_struct;
  76struct cred;
  77
  78struct key_type;
  79struct key_owner;
  80struct keyring_list;
  81struct keyring_name;
  82
  83struct keyring_index_key {
  84        struct key_type         *type;
  85        const char              *description;
  86        size_t                  desc_len;
  87};
  88
  89union key_payload {
  90        void __rcu              *rcu_data0;
  91        void                    *data[4];
  92};
  93
  94/*****************************************************************************/
  95/*
  96 * key reference with possession attribute handling
  97 *
  98 * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
  99 * defined. This is because we abuse the bottom bit of the reference to carry a
 100 * flag to indicate whether the calling process possesses that key in one of
 101 * its keyrings.
 102 *
 103 * the key_ref_t has been made a separate type so that the compiler can reject
 104 * attempts to dereference it without proper conversion.
 105 *
 106 * the three functions are used to assemble and disassemble references
 107 */
 108typedef struct __key_reference_with_attributes *key_ref_t;
 109
 110static inline key_ref_t make_key_ref(const struct key *key,
 111                                     bool possession)
 112{
 113        return (key_ref_t) ((unsigned long) key | possession);
 114}
 115
 116static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
 117{
 118        return (struct key *) ((unsigned long) key_ref & ~1UL);
 119}
 120
 121static inline bool is_key_possessed(const key_ref_t key_ref)
 122{
 123        return (unsigned long) key_ref & 1UL;
 124}
 125
 126typedef int (*key_restrict_link_func_t)(struct key *dest_keyring,
 127                                        const struct key_type *type,
 128                                        const union key_payload *payload,
 129                                        struct key *restriction_key);
 130
 131struct key_restriction {
 132        key_restrict_link_func_t check;
 133        struct key *key;
 134        struct key_type *keytype;
 135};
 136
 137enum key_state {
 138        KEY_IS_UNINSTANTIATED,
 139        KEY_IS_POSITIVE,                /* Positively instantiated */
 140};
 141
 142/*****************************************************************************/
 143/*
 144 * authentication token / access credential / keyring
 145 * - types of key include:
 146 *   - keyrings
 147 *   - disk encryption IDs
 148 *   - Kerberos TGTs and tickets
 149 */
 150struct key {
 151        refcount_t              usage;          /* number of references */
 152        key_serial_t            serial;         /* key serial number */
 153        union {
 154                struct list_head graveyard_link;
 155                struct rb_node  serial_node;
 156        };
 157        struct rw_semaphore     sem;            /* change vs change sem */
 158        struct key_user         *user;          /* owner of this key */
 159        void                    *security;      /* security data for this key */
 160        union {
 161                time64_t        expiry;         /* time at which key expires (or 0) */
 162                time64_t        revoked_at;     /* time at which key was revoked */
 163        };
 164        time64_t                last_used_at;   /* last time used for LRU keyring discard */
 165        kuid_t                  uid;
 166        kgid_t                  gid;
 167        key_perm_t              perm;           /* access permissions */
 168        unsigned short          quotalen;       /* length added to quota */
 169        unsigned short          datalen;        /* payload data length
 170                                                 * - may not match RCU dereferenced payload
 171                                                 * - payload should contain own length
 172                                                 */
 173        short                   state;          /* Key state (+) or rejection error (-) */
 174
 175#ifdef KEY_DEBUGGING
 176        unsigned                magic;
 177#define KEY_DEBUG_MAGIC         0x18273645u
 178#endif
 179
 180        unsigned long           flags;          /* status flags (change with bitops) */
 181#define KEY_FLAG_DEAD           0       /* set if key type has been deleted */
 182#define KEY_FLAG_REVOKED        1       /* set if key had been revoked */
 183#define KEY_FLAG_IN_QUOTA       2       /* set if key consumes quota */
 184#define KEY_FLAG_USER_CONSTRUCT 3       /* set if key is being constructed in userspace */
 185#define KEY_FLAG_ROOT_CAN_CLEAR 4       /* set if key can be cleared by root without permission */
 186#define KEY_FLAG_INVALIDATED    5       /* set if key has been invalidated */
 187#define KEY_FLAG_BUILTIN        6       /* set if key is built in to the kernel */
 188#define KEY_FLAG_ROOT_CAN_INVAL 7       /* set if key can be invalidated by root without permission */
 189#define KEY_FLAG_KEEP           8       /* set if key should not be removed */
 190#define KEY_FLAG_UID_KEYRING    9       /* set if key is a user or user session keyring */
 191
 192        /* the key type and key description string
 193         * - the desc is used to match a key against search criteria
 194         * - it should be a printable string
 195         * - eg: for krb5 AFS, this might be "afs@REDHAT.COM"
 196         */
 197        union {
 198                struct keyring_index_key index_key;
 199                struct {
 200                        struct key_type *type;          /* type of key */
 201                        char            *description;
 202                };
 203        };
 204
 205        /* key data
 206         * - this is used to hold the data actually used in cryptography or
 207         *   whatever
 208         */
 209        union {
 210                union key_payload payload;
 211                struct {
 212                        /* Keyring bits */
 213                        struct list_head name_link;
 214                        struct assoc_array keys;
 215                };
 216        };
 217
 218        /* This is set on a keyring to restrict the addition of a link to a key
 219         * to it.  If this structure isn't provided then it is assumed that the
 220         * keyring is open to any addition.  It is ignored for non-keyring
 221         * keys. Only set this value using keyring_restrict(), keyring_alloc(),
 222         * or key_alloc().
 223         *
 224         * This is intended for use with rings of trusted keys whereby addition
 225         * to the keyring needs to be controlled.  KEY_ALLOC_BYPASS_RESTRICTION
 226         * overrides this, allowing the kernel to add extra keys without
 227         * restriction.
 228         */
 229        struct key_restriction *restrict_link;
 230};
 231
 232extern struct key *key_alloc(struct key_type *type,
 233                             const char *desc,
 234                             kuid_t uid, kgid_t gid,
 235                             const struct cred *cred,
 236                             key_perm_t perm,
 237                             unsigned long flags,
 238                             struct key_restriction *restrict_link);
 239
 240
 241#define KEY_ALLOC_IN_QUOTA              0x0000  /* add to quota, reject if would overrun */
 242#define KEY_ALLOC_QUOTA_OVERRUN         0x0001  /* add to quota, permit even if overrun */
 243#define KEY_ALLOC_NOT_IN_QUOTA          0x0002  /* not in quota */
 244#define KEY_ALLOC_BUILT_IN              0x0004  /* Key is built into kernel */
 245#define KEY_ALLOC_BYPASS_RESTRICTION    0x0008  /* Override the check on restricted keyrings */
 246#define KEY_ALLOC_UID_KEYRING           0x0010  /* allocating a user or user session keyring */
 247
 248extern void key_revoke(struct key *key);
 249extern void key_invalidate(struct key *key);
 250extern void key_put(struct key *key);
 251
 252static inline struct key *__key_get(struct key *key)
 253{
 254        refcount_inc(&key->usage);
 255        return key;
 256}
 257
 258static inline struct key *key_get(struct key *key)
 259{
 260        return key ? __key_get(key) : key;
 261}
 262
 263static inline void key_ref_put(key_ref_t key_ref)
 264{
 265        key_put(key_ref_to_ptr(key_ref));
 266}
 267
 268extern struct key *request_key(struct key_type *type,
 269                               const char *description,
 270                               const char *callout_info);
 271
 272extern struct key *request_key_with_auxdata(struct key_type *type,
 273                                            const char *description,
 274                                            const void *callout_info,
 275                                            size_t callout_len,
 276                                            void *aux);
 277
 278extern struct key *request_key_async(struct key_type *type,
 279                                     const char *description,
 280                                     const void *callout_info,
 281                                     size_t callout_len);
 282
 283extern struct key *request_key_async_with_auxdata(struct key_type *type,
 284                                                  const char *description,
 285                                                  const void *callout_info,
 286                                                  size_t callout_len,
 287                                                  void *aux);
 288
 289extern int wait_for_key_construction(struct key *key, bool intr);
 290
 291extern int key_validate(const struct key *key);
 292
 293extern key_ref_t key_create_or_update(key_ref_t keyring,
 294                                      const char *type,
 295                                      const char *description,
 296                                      const void *payload,
 297                                      size_t plen,
 298                                      key_perm_t perm,
 299                                      unsigned long flags);
 300
 301extern int key_update(key_ref_t key,
 302                      const void *payload,
 303                      size_t plen);
 304
 305extern int key_link(struct key *keyring,
 306                    struct key *key);
 307
 308extern int key_unlink(struct key *keyring,
 309                      struct key *key);
 310
 311extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
 312                                 const struct cred *cred,
 313                                 key_perm_t perm,
 314                                 unsigned long flags,
 315                                 struct key_restriction *restrict_link,
 316                                 struct key *dest);
 317
 318extern int restrict_link_reject(struct key *keyring,
 319                                const struct key_type *type,
 320                                const union key_payload *payload,
 321                                struct key *restriction_key);
 322
 323extern int keyring_clear(struct key *keyring);
 324
 325extern key_ref_t keyring_search(key_ref_t keyring,
 326                                struct key_type *type,
 327                                const char *description);
 328
 329extern int keyring_add_key(struct key *keyring,
 330                           struct key *key);
 331
 332extern int keyring_restrict(key_ref_t keyring, const char *type,
 333                            const char *restriction);
 334
 335extern struct key *key_lookup(key_serial_t id);
 336
 337static inline key_serial_t key_serial(const struct key *key)
 338{
 339        return key ? key->serial : 0;
 340}
 341
 342extern void key_set_timeout(struct key *, unsigned);
 343
 344extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
 345                                 key_perm_t perm);
 346
 347/*
 348 * The permissions required on a key that we're looking up.
 349 */
 350#define KEY_NEED_VIEW   0x01    /* Require permission to view attributes */
 351#define KEY_NEED_READ   0x02    /* Require permission to read content */
 352#define KEY_NEED_WRITE  0x04    /* Require permission to update / modify */
 353#define KEY_NEED_SEARCH 0x08    /* Require permission to search (keyring) or find (key) */
 354#define KEY_NEED_LINK   0x10    /* Require permission to link */
 355#define KEY_NEED_SETATTR 0x20   /* Require permission to change attributes */
 356#define KEY_NEED_ALL    0x3f    /* All the above permissions */
 357
 358static inline short key_read_state(const struct key *key)
 359{
 360        /* Barrier versus mark_key_instantiated(). */
 361        return smp_load_acquire(&key->state);
 362}
 363
 364/**
 365 * key_is_positive - Determine if a key has been positively instantiated
 366 * @key: The key to check.
 367 *
 368 * Return true if the specified key has been positively instantiated, false
 369 * otherwise.
 370 */
 371static inline bool key_is_positive(const struct key *key)
 372{
 373        return key_read_state(key) == KEY_IS_POSITIVE;
 374}
 375
 376static inline bool key_is_negative(const struct key *key)
 377{
 378        return key_read_state(key) < 0;
 379}
 380
 381#define dereference_key_rcu(KEY)                                        \
 382        (rcu_dereference((KEY)->payload.rcu_data0))
 383
 384#define dereference_key_locked(KEY)                                     \
 385        (rcu_dereference_protected((KEY)->payload.rcu_data0,            \
 386                                   rwsem_is_locked(&((struct key *)(KEY))->sem)))
 387
 388#define rcu_assign_keypointer(KEY, PAYLOAD)                             \
 389do {                                                                    \
 390        rcu_assign_pointer((KEY)->payload.rcu_data0, (PAYLOAD));        \
 391} while (0)
 392
 393#ifdef CONFIG_SYSCTL
 394extern struct ctl_table key_sysctls[];
 395#endif
 396/*
 397 * the userspace interface
 398 */
 399extern int install_thread_keyring_to_cred(struct cred *cred);
 400extern void key_fsuid_changed(struct task_struct *tsk);
 401extern void key_fsgid_changed(struct task_struct *tsk);
 402extern void key_init(void);
 403
 404#else /* CONFIG_KEYS */
 405
 406#define key_validate(k)                 0
 407#define key_serial(k)                   0
 408#define key_get(k)                      ({ NULL; })
 409#define key_revoke(k)                   do { } while(0)
 410#define key_invalidate(k)               do { } while(0)
 411#define key_put(k)                      do { } while(0)
 412#define key_ref_put(k)                  do { } while(0)
 413#define make_key_ref(k, p)              NULL
 414#define key_ref_to_ptr(k)               NULL
 415#define is_key_possessed(k)             0
 416#define key_fsuid_changed(t)            do { } while(0)
 417#define key_fsgid_changed(t)            do { } while(0)
 418#define key_init()                      do { } while(0)
 419
 420#endif /* CONFIG_KEYS */
 421#endif /* __KERNEL__ */
 422#endif /* _LINUX_KEY_H */
 423