LXR linux/security/keys/compat.c

   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/* 32-bit compatibility syscall for 64-bit systems
   3 *
   4 * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved.
   5 * Written by David Howells (dhowells@redhat.com)
   6 */
   7
   8#include <linux/syscalls.h>
   9#include <linux/keyctl.h>
  10#include <linux/compat.h>
  11#include <linux/slab.h>
  12#include "internal.h"
  13
  14/*
  15 * Instantiate a key with the specified compatibility multipart payload and
  16 * link the key into the destination keyring if one is given.
  17 *
  18 * The caller must have the appropriate instantiation permit set for this to
  19 * work (see keyctl_assume_authority).  No other permissions are required.
  20 *
  21 * If successful, 0 will be returned.
  22 */
  23static long compat_keyctl_instantiate_key_iov(
  24        key_serial_t id,
  25        const struct compat_iovec __user *_payload_iov,
  26        unsigned ioc,
  27        key_serial_t ringid)
  28{
  29        struct iovec iovstack[UIO_FASTIOV], *iov = iovstack;
  30        struct iov_iter from;
  31        long ret;
  32
  33        if (!_payload_iov)
  34                ioc = 0;
  35
  36        ret = compat_import_iovec(WRITE, _payload_iov, ioc,
  37                                  ARRAY_SIZE(iovstack), &iov,
  38                                  &from);
  39        if (ret < 0)
  40                return ret;
  41
  42        ret = keyctl_instantiate_key_common(id, &from, ringid);
  43        kfree(iov);
  44        return ret;
  45}
  46
  47/*
  48 * The key control system call, 32-bit compatibility version for 64-bit archs
  49 */
  50COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
  51                       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
  52{
  53        switch (option) {
  54        case KEYCTL_GET_KEYRING_ID:
  55                return keyctl_get_keyring_ID(arg2, arg3);
  56
  57        case KEYCTL_JOIN_SESSION_KEYRING:
  58                return keyctl_join_session_keyring(compat_ptr(arg2));
  59
  60        case KEYCTL_UPDATE:
  61                return keyctl_update_key(arg2, compat_ptr(arg3), arg4);
  62
  63        case KEYCTL_REVOKE:
  64                return keyctl_revoke_key(arg2);
  65
  66        case KEYCTL_DESCRIBE:
  67                return keyctl_describe_key(arg2, compat_ptr(arg3), arg4);
  68
  69        case KEYCTL_CLEAR:
  70                return keyctl_keyring_clear(arg2);
  71
  72        case KEYCTL_LINK:
  73                return keyctl_keyring_link(arg2, arg3);
  74
  75        case KEYCTL_UNLINK:
  76                return keyctl_keyring_unlink(arg2, arg3);
  77
  78        case KEYCTL_SEARCH:
  79                return keyctl_keyring_search(arg2, compat_ptr(arg3),
  80                                             compat_ptr(arg4), arg5);
  81
  82        case KEYCTL_READ:
  83                return keyctl_read_key(arg2, compat_ptr(arg3), arg4);
  84
  85        case KEYCTL_CHOWN:
  86                return keyctl_chown_key(arg2, arg3, arg4);
  87
  88        case KEYCTL_SETPERM:
  89                return keyctl_setperm_key(arg2, arg3);
  90
  91        case KEYCTL_INSTANTIATE:
  92                return keyctl_instantiate_key(arg2, compat_ptr(arg3), arg4,
  93                                              arg5);
  94
  95        case KEYCTL_NEGATE:
  96                return keyctl_negate_key(arg2, arg3, arg4);
  97
  98        case KEYCTL_SET_REQKEY_KEYRING:
  99                return keyctl_set_reqkey_keyring(arg2);
 100
 101        case KEYCTL_SET_TIMEOUT:
 102                return keyctl_set_timeout(arg2, arg3);
 103
 104        case KEYCTL_ASSUME_AUTHORITY:
 105                return keyctl_assume_authority(arg2);
 106
 107        case KEYCTL_GET_SECURITY:
 108                return keyctl_get_security(arg2, compat_ptr(arg3), arg4);
 109
 110        case KEYCTL_SESSION_TO_PARENT:
 111                return keyctl_session_to_parent();
 112
 113        case KEYCTL_REJECT:
 114                return keyctl_reject_key(arg2, arg3, arg4, arg5);
 115
 116        case KEYCTL_INSTANTIATE_IOV:
 117                return compat_keyctl_instantiate_key_iov(
 118                        arg2, compat_ptr(arg3), arg4, arg5);
 119
 120        case KEYCTL_INVALIDATE:
 121                return keyctl_invalidate_key(arg2);
 122
 123        case KEYCTL_GET_PERSISTENT:
 124                return keyctl_get_persistent(arg2, arg3);
 125
 126        case KEYCTL_DH_COMPUTE:
 127                return compat_keyctl_dh_compute(compat_ptr(arg2),
 128                                                compat_ptr(arg3),
 129                                                arg4, compat_ptr(arg5));
 130
 131        case KEYCTL_RESTRICT_KEYRING:
 132                return keyctl_restrict_keyring(arg2, compat_ptr(arg3),
 133                                               compat_ptr(arg4));
 134
 135        case KEYCTL_PKEY_QUERY:
 136                if (arg3 != 0)
 137                        return -EINVAL;
 138                return keyctl_pkey_query(arg2,
 139                                         compat_ptr(arg4),
 140                                         compat_ptr(arg5));
 141
 142        case KEYCTL_PKEY_ENCRYPT:
 143        case KEYCTL_PKEY_DECRYPT:
 144        case KEYCTL_PKEY_SIGN:
 145                return keyctl_pkey_e_d_s(option,
 146                                         compat_ptr(arg2), compat_ptr(arg3),
 147                                         compat_ptr(arg4), compat_ptr(arg5));
 148
 149        case KEYCTL_PKEY_VERIFY:
 150                return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3),
 151                                          compat_ptr(arg4), compat_ptr(arg5));
 152
 153        case KEYCTL_MOVE:
 154                return keyctl_keyring_move(arg2, arg3, arg4, arg5);
 155
 156        case KEYCTL_CAPABILITIES:
 157                return keyctl_capabilities(compat_ptr(arg2), arg3);
 158
 159        case KEYCTL_WATCH_KEY:
 160                return keyctl_watch_key(arg2, arg3, arg4);
 161
 162        default:
 163                return -EOPNOTSUPP;
 164        }
 165}
 166