-rw-r--r-- | include/keys/user-type.h | 47 | ||||
-rw-r--r-- | security/keys/user_defined.c | 49 |
2 files changed, 71 insertions, 25 deletions
diff --git a/include/keys/user-type.h b/include/keys/user-type.h
new file mode 100644
index 000000000000..26f6ec38577a
--- /dev/null
+++ b/include/keys/user-type.h
@@ -0,0 +1,47 @@
+/* user-type.h: User-defined key type
+ *
+ * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ */
+
+#ifndef _KEYS_USER_TYPE_H
+#define _KEYS_USER_TYPE_H
+
+#include <linux/key.h>
+#include <linux/rcupdate.h>
+
+/*****************************************************************************/
+/*
+ * the payload for a key of type "user"
+ * - once filled in and attached to a key:
+ * - the payload struct is invariant may not be changed, only replaced
+ * - the payload must be read with RCU procedures or with the key semaphore
+ * held
+ * - the payload may only be replaced with the key semaphore write-locked
+ * - the key's data length is the size of the actual data, not including the
+ * payload wrapper
+ */
+struct user_key_payload {
+ struct rcu_head rcu; /* RCU destructor */
+ unsigned short datalen; /* length of this data */
+ char data[0]; /* actual data */
+};
+
+extern struct key_type key_type_user;
+
+extern int user_instantiate(struct key *key, const void *data, size_t datalen);
+extern int user_duplicate(struct key *key, const struct key *source);
+extern int user_update(struct key *key, const void *data, size_t datalen);
+extern int user_match(const struct key *key, const void *criterion);
+extern void user_destroy(struct key *key);
+extern void user_describe(const struct key *user, struct seq_file *m);
+extern long user_read(const struct key *key,
+ char __user *buffer, size_t buflen);
+
+
+#endif /* _KEYS_USER_TYPE_H */
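Review bot: `struct user_key_payload` stores its length in `unsigned short datalen`, but the prototypes this header now publishes for `user_instantiate()` and `user_update()` take `size_t datalen`, and the header does not state the largest payload that fits. The function bodies are outside the visible hunks, so any existing bound check cannot be confirmed from here; with the struct public, other key types can fill it in themselves, and a truncated length would disagree with the data actually stored. I would add to the payload comment ` * - datalen is 16 bits wide; lengths that do not fit must be rejected, never truncated`. The same comment reads "is invariant may not be changed", which needs an "and".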
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c index e446acba73d3..cbda3b2780a1 100644 --- a/security/keys/user_defined.c +++ b/security/keys/user_defined.c @@ -15,18 +15,10 @@ #include <linux/slab.h> #include <linux/seq_file.h> #include <linux/err.h> +#include <keys/user-type.h> #include <asm/uaccess.h> #include "internal.h" -static int user_instantiate(struct key *key, const void *data, size_t datalen); -static int user_duplicate(struct key *key, const struct key *source); -static int user_update(struct key *key, const void *data, size_t datalen); -static int user_match(const struct key *key, const void *criterion); -static void user_destroy(struct key *key); -static void user_describe(const struct key *user, struct seq_file *m); -static long user_read(const struct key *key, - char __user *buffer, size_t buflen); - /* * user defined keys take an arbitrary string as the description and an * arbitrary blob of data as the payload @@ -42,19 +34,13 @@ struct key_type key_type_user = { .read = user_read, }; -struct user_key_payload { - struct rcu_head rcu; /* RCU destructor */ - unsigned short datalen; /* length of this data */ - char data[0]; /* actual data */ -}; - EXPORT_SYMBOL_GPL(key_type_user); /*****************************************************************************/ /* * instantiate a user defined key */ -static int user_instantiate(struct key *key, const void *data, size_t datalen) +int user_instantiate(struct key *key, const void *data, size_t datalen) { struct user_key_payload *upayload; int ret; 
@@ -78,18 +64,20 @@ static int user_instantiate(struct key *key, const void *data, size_t datalen) rcu_assign_pointer(key->payload.data, upayload); ret = 0; - error: +error: return ret; } /* end user_instantiate() */ +EXPORT_SYMBOL_GPL(user_instantiate); + /*****************************************************************************/ /* * duplicate a user defined key * - both keys' semaphores are locked against further modification * - the new key cannot yet be accessed */ -static int user_duplicate(struct key *key, const struct key *source) +int user_duplicate(struct key *key, const struct key *source) { struct user_key_payload *upayload, *spayload; int ret; @@ -112,6 +100,8 @@ static int user_duplicate(struct key *key, const struct key *source) } /* end user_duplicate() */ +EXPORT_SYMBOL_GPL(user_duplicate); + /*****************************************************************************/ /* * dispose of the old data from an updated user defined key @@ -131,7 +121,7 @@ static void user_update_rcu_disposal(struct rcu_head *rcu) * update a user defined key * - the key's semaphore is write-locked */ -static int user_update(struct key *key, const void *data, size_t datalen) +int user_update(struct key *key, const void *data, size_t datalen) { struct user_key_payload *upayload, *zap; int ret; 
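Review bot: The locking preconditions for `user_duplicate()` ("both keys' semaphores are locked against further modification") and `user_update()` ("the key's semaphore is write-locked") remain only in the comments of user_defined.c, while the `EXPORT_SYMBOL_GPL` lines added in these hunks make both callable from modules that will read only keys/user-type.h. I would repeat each precondition as a one-line comment above its prototype in the header, for example `/* caller holds the key's semaphore write-locked */` above `user_update`; `user_read()` in the last hunk of the file needs the read-locked equivalent. The function bodies lie outside the hunks, so this concerns the documented contract rather than a confirmed misuse.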
@@ -163,26 +153,30 @@ static int user_update(struct key *key, const void *data, size_t datalen) call_rcu(&zap->rcu, user_update_rcu_disposal); - error: +error: return ret; } /* end user_update() */ +EXPORT_SYMBOL_GPL(user_update); + /*****************************************************************************/ /* * match users on their name */ -static int user_match(const struct key *key, const void *description) +int user_match(const struct key *key, const void *description) { return strcmp(key->description, description) == 0; } /* end user_match() */ +EXPORT_SYMBOL_GPL(user_match); + /*****************************************************************************/ /* * dispose of the data dangling from the corpse of a user */ -static void user_destroy(struct key *key) +void user_destroy(struct key *key) { struct user_key_payload *upayload = key->payload.data; @@ -190,11 +184,13 @@ static void user_destroy(struct key *key) } /* end user_destroy() */ +EXPORT_SYMBOL_GPL(user_destroy); + /*****************************************************************************/ /* * describe the user key */ -static void user_describe(const struct key *key, struct seq_file *m) +void user_describe(const struct key *key, struct seq_file *m) { seq_puts(m, key->description); @@ -202,13 +198,14 @@ static void user_describe(const struct key *key, struct seq_file *m) } /* end user_describe() */ +EXPORT_SYMBOL_GPL(user_describe); + /*****************************************************************************/ /* * read the key data * - the key's semaphore is read-locked */ -static long user_read(const struct key *key, - char __user *buffer, size_t buflen) +long user_read(const struct key *key, char __user *buffer, size_t buflen) { struct user_key_payload *upayload; long ret; @@ -228,3 +225,5 @@ static long user_read(const struct key *key, return ret; } /* end user_read() */ + +EXPORT_SYMBOL_GPL(user_read); |
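Review bot: `user_match()` hands its `const void *` argument straight to `strcmp()`, and once exported that is only safe if every caller passes a NUL-terminated description string; nothing in the prototype says so. The header declares the parameter as `criterion` while the definition here names it `description` (likewise `user_describe` is declared with `user` and defined with `key`). I would make the header match the definitions, e.g. `extern int user_match(const struct key *key, const void *description);`, and add `/* description must be a NUL-terminated string */` above it.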