1
// SPDX-License-Identifier: GPL-2.0-or-later
2
/* Request a key from userspace
3
 *
4
 * Copyright (C) 2004-2007 Red Hat, Inc. All Rights Reserved.
5
 * Written by David Howells ([email protected])
6
 *
7
 * See Documentation/security/keys/request-key.rst
8
 */
9

10
#include <linux/export.h>
11
#include <linux/sched.h>
12
#include <linux/kmod.h>
13
#include <linux/err.h>
14
#include <linux/keyctl.h>
15
#include <linux/slab.h>
16
#include <net/net_namespace.h>
17
#include "internal.h"
18
#include <keys/request_key_auth-type.h>
19

20
#define key_negative_timeout	60	/* default timeout on a negative key's existence */
21

22
static struct key *check_cached_key(struct keyring_search_context *ctx)
23
{
24
#ifdef CONFIG_KEYS_REQUEST_CACHE
25
	struct key *key = current->cached_requested_key;
26

27
	if (key &&
28
	    ctx->match_data.cmp(key, &ctx->match_data) &&
29
	    !(key->flags & ((1 << KEY_FLAG_INVALIDATED) |
30
			    (1 << KEY_FLAG_REVOKED))))
31
		return key_get(key);
32
#endif
33
	return NULL;
34
}
35

36
static void cache_requested_key(struct key *key)
37
{
38
#ifdef CONFIG_KEYS_REQUEST_CACHE
39
	struct task_struct *t = current;
40

41
	/* Do not cache key if it is a kernel thread */
42
	if (!(t->flags & PF_KTHREAD)) {
43
		key_put(t->cached_requested_key);
44
		t->cached_requested_key = key_get(key);
45
		set_tsk_thread_flag(t, TIF_NOTIFY_RESUME);
46
	}
47
#endif
48
}
49

50
/**
51
 * complete_request_key - Complete the construction of a key.
52
 * @authkey: The authorisation key.
53
 * @error: The success or failute of the construction.
54
 *
55
 * Complete the attempt to construct a key.  The key will be negated
56
 * if an error is indicated.  The authorisation key will be revoked
57
 * unconditionally.
58
 */
59
void complete_request_key(struct key *authkey, int error)
60
{
61
	struct request_key_auth *rka = get_request_key_auth(authkey);
62
	struct key *key = rka->target_key;
63

64
	kenter("%d{%d},%d", authkey->serial, key->serial, error);
65

66
	if (error < 0)
67
		key_negate_and_link(key, key_negative_timeout, NULL, authkey);
68
	else
69
		key_revoke(authkey);
70
}
71
EXPORT_SYMBOL(complete_request_key);
72

73
/*
74
 * Initialise a usermode helper that is going to have a specific session
75
 * keyring.
76
 *
77
 * This is called in context of freshly forked kthread before kernel_execve(),
78
 * so we can simply install the desired session_keyring at this point.
79
 */
80
static int umh_keys_init(struct subprocess_info *info, struct cred *cred)
81
{
82
	struct key *keyring = info->data;
83

84
	return install_session_keyring_to_cred(cred, keyring);
85
}
86

87
/*
88
 * Clean up a usermode helper with session keyring.
89
 */
90
static void umh_keys_cleanup(struct subprocess_info *info)
91
{
92
	struct key *keyring = info->data;
93
	key_put(keyring);
94
}
95

96
/*
97
 * Call a usermode helper with a specific session keyring.
98
 */
99
static int call_usermodehelper_keys(const char *path, char **argv, char **envp,
100
					struct key *session_keyring, int wait)
101
{
102
	struct subprocess_info *info;
103

104
	info = call_usermodehelper_setup(path, argv, envp, GFP_KERNEL,
105
					  umh_keys_init, umh_keys_cleanup,
106
					  session_keyring);
107
	if (!info)
108
		return -ENOMEM;
109

110
	key_get(session_keyring);
111
	return call_usermodehelper_exec(info, wait);
112
}
113

114
/*
115
 * Request userspace finish the construction of a key
116
 * - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>"
117
 */
118
static int call_sbin_request_key(struct key *authkey, void *aux)
119
{
120
	static char const request_key[] = "/sbin/request-key";
121
	struct request_key_auth *rka = get_request_key_auth(authkey);
122
	const struct cred *cred = current_cred();
123
	key_serial_t prkey, sskey;
124
	struct key *key = rka->target_key, *keyring, *session, *user_session;
125
	char *argv[9], *envp[3], uid_str[12], gid_str[12];
126
	char key_str[12], keyring_str[3][12];
127
	char desc[20];
128
	int ret, i;
129

130
	kenter("{%d},{%d},%s", key->serial, authkey->serial, rka->op);
131

132
	ret = look_up_user_keyrings(NULL, &user_session);
133
	if (ret < 0)
134
		goto error_us;
135

136
	/* allocate a new session keyring */
137
	sprintf(desc, "_req.%u", key->serial);
138

139
	cred = get_current_cred();
140
	keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred,
141
				KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ,
142
				KEY_ALLOC_QUOTA_OVERRUN, NULL, NULL);
143
	put_cred(cred);
144
	if (IS_ERR(keyring)) {
145
		ret = PTR_ERR(keyring);
146
		goto error_alloc;
147
	}
148

149
	/* attach the auth key to the session keyring */
150
	ret = key_link(keyring, authkey);
151
	if (ret < 0)
152
		goto error_link;
153

154
	/* record the UID and GID */
155
	sprintf(uid_str, "%d", from_kuid(&init_user_ns, cred->fsuid));
156
	sprintf(gid_str, "%d", from_kgid(&init_user_ns, cred->fsgid));
157

158
	/* we say which key is under construction */
159
	sprintf(key_str, "%d", key->serial);
160

161
	/* we specify the process's default keyrings */
162
	sprintf(keyring_str[0], "%d",
163
		cred->thread_keyring ? cred->thread_keyring->serial : 0);
164

165
	prkey = 0;
166
	if (cred->process_keyring)
167
		prkey = cred->process_keyring->serial;
168
	sprintf(keyring_str[1], "%d", prkey);
169

170
	session = cred->session_keyring;
171
	if (!session)
172
		session = user_session;
173
	sskey = session->serial;
174

175
	sprintf(keyring_str[2], "%d", sskey);
176

177
	/* set up a minimal environment */
178
	i = 0;
179
	envp[i++] = "HOME=/";
180
	envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin";
181
	envp[i] = NULL;
182

183
	/* set up the argument list */
184
	i = 0;
185
	argv[i++] = (char *)request_key;
186
	argv[i++] = (char *)rka->op;
187
	argv[i++] = key_str;
188
	argv[i++] = uid_str;
189
	argv[i++] = gid_str;
190
	argv[i++] = keyring_str[0];
191
	argv[i++] = keyring_str[1];
192
	argv[i++] = keyring_str[2];
193
	argv[i] = NULL;
194

195
	/* do it */
196
	ret = call_usermodehelper_keys(request_key, argv, envp, keyring,
197
				       UMH_WAIT_PROC);
198
	kdebug("usermode -> 0x%x", ret);
199
	if (ret >= 0) {
200
		/* ret is the exit/wait code */
201
		if (test_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags) ||
202
		    key_validate(key) < 0)
203
			ret = -ENOKEY;
204
		else
205
			/* ignore any errors from userspace if the key was
206
			 * instantiated */
207
			ret = 0;
208
	}
209

210
error_link:
211
	key_put(keyring);
212

213
error_alloc:
214
	key_put(user_session);
215
error_us:
216
	complete_request_key(authkey, ret);
217
	kleave(" = %d", ret);
218
	return ret;
219
}
220

221
/*
222
 * Call out to userspace for key construction.
223
 *
224
 * Program failure is ignored in favour of key status.
225
 */
226
static int construct_key(struct key *key, const void *callout_info,
227
			 size_t callout_len, void *aux,
228
			 struct key *dest_keyring)
229
{
230
	request_key_actor_t actor;
231
	struct key *authkey;
232
	int ret;
233

234
	kenter("%d,%p,%zu,%p", key->serial, callout_info, callout_len, aux);
235

236
	/* allocate an authorisation key */
237
	authkey = request_key_auth_new(key, "create", callout_info, callout_len,
238
				       dest_keyring);
239
	if (IS_ERR(authkey))
240
		return PTR_ERR(authkey);
241

242
	/* Make the call */
243
	actor = call_sbin_request_key;
244
	if (key->type->request_key)
245
		actor = key->type->request_key;
246

247
	ret = actor(authkey, aux);
248

249
	/* check that the actor called complete_request_key() prior to
250
	 * returning an error */
251
	WARN_ON(ret < 0 &&
252
		!test_bit(KEY_FLAG_INVALIDATED, &authkey->flags));
253

254
	key_put(authkey);
255
	kleave(" = %d", ret);
256
	return ret;
257
}
258

259
/*
260
 * Get the appropriate destination keyring for the request.
261
 *
262
 * The keyring selected is returned with an extra reference upon it which the
263
 * caller must release.
264
 */
265
static int construct_get_dest_keyring(struct key **_dest_keyring)
266
{
267
	struct request_key_auth *rka;
268
	const struct cred *cred = current_cred();
269
	struct key *dest_keyring = *_dest_keyring, *authkey;
270
	int ret;
271

272
	kenter("%p", dest_keyring);
273

274
	/* find the appropriate keyring */
275
	if (dest_keyring) {
276
		/* the caller supplied one */
277
		key_get(dest_keyring);
278
	} else {
279
		bool do_perm_check = true;
280

281
		/* use a default keyring; falling through the cases until we
282
		 * find one that we actually have */
283
		switch (cred->jit_keyring) {
284
		case KEY_REQKEY_DEFL_DEFAULT:
285
		case KEY_REQKEY_DEFL_REQUESTOR_KEYRING:
286
			if (cred->request_key_auth) {
287
				authkey = cred->request_key_auth;
288
				down_read(&authkey->sem);
289
				rka = get_request_key_auth(authkey);
290
				if (!test_bit(KEY_FLAG_REVOKED,
291
					      &authkey->flags))
292
					dest_keyring =
293
						key_get(rka->dest_keyring);
294
				up_read(&authkey->sem);
295
				if (dest_keyring) {
296
					do_perm_check = false;
297
					break;
298
				}
299
			}
300

301
			fallthrough;
302
		case KEY_REQKEY_DEFL_THREAD_KEYRING:
303
			dest_keyring = key_get(cred->thread_keyring);
304
			if (dest_keyring)
305
				break;
306

307
			fallthrough;
308
		case KEY_REQKEY_DEFL_PROCESS_KEYRING:
309
			dest_keyring = key_get(cred->process_keyring);
310
			if (dest_keyring)
311
				break;
312

313
			fallthrough;
314
		case KEY_REQKEY_DEFL_SESSION_KEYRING:
315
			dest_keyring = key_get(cred->session_keyring);
316

317
			if (dest_keyring)
318
				break;
319

320
			fallthrough;
321
		case KEY_REQKEY_DEFL_USER_SESSION_KEYRING:
322
			ret = look_up_user_keyrings(NULL, &dest_keyring);
323
			if (ret < 0)
324
				return ret;
325
			break;
326

327
		case KEY_REQKEY_DEFL_USER_KEYRING:
328
			ret = look_up_user_keyrings(&dest_keyring, NULL);
329
			if (ret < 0)
330
				return ret;
331
			break;
332

333
		case KEY_REQKEY_DEFL_GROUP_KEYRING:
334
		default:
335
			BUG();
336
		}
337

338
		/*
339
		 * Require Write permission on the keyring.  This is essential
340
		 * because the default keyring may be the session keyring, and
341
		 * joining a keyring only requires Search permission.
342
		 *
343
		 * However, this check is skipped for the "requestor keyring" so
344
		 * that /sbin/request-key can itself use request_key() to add
345
		 * keys to the original requestor's destination keyring.
346
		 */
347
		if (dest_keyring && do_perm_check) {
348
			ret = key_permission(make_key_ref(dest_keyring, 1),
349
					     KEY_NEED_WRITE);
350
			if (ret) {
351
				key_put(dest_keyring);
352
				return ret;
353
			}
354
		}
355
	}
356

357
	*_dest_keyring = dest_keyring;
358
	kleave(" [dk %d]", key_serial(dest_keyring));
359
	return 0;
360
}
361

362
/*
363
 * Allocate a new key in under-construction state and attempt to link it in to
364
 * the requested keyring.
365
 *
366
 * May return a key that's already under construction instead if there was a
367
 * race between two thread calling request_key().
368
 */
369
static int construct_alloc_key(struct keyring_search_context *ctx,
370
			       struct key *dest_keyring,
371
			       unsigned long flags,
372
			       struct key_user *user,
373
			       struct key **_key)
374
{
375
	struct assoc_array_edit *edit = NULL;
376
	struct key *key;
377
	key_perm_t perm;
378
	key_ref_t key_ref;
379
	int ret;
380

381
	kenter("%s,%s,,,",
382
	       ctx->index_key.type->name, ctx->index_key.description);
383

384
	*_key = NULL;
385
	mutex_lock(&user->cons_lock);
386

387
	perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR;
388
	perm |= KEY_USR_VIEW;
389
	if (ctx->index_key.type->read)
390
		perm |= KEY_POS_READ;
391
	if (ctx->index_key.type == &key_type_keyring ||
392
	    ctx->index_key.type->update)
393
		perm |= KEY_POS_WRITE;
394

395
	key = key_alloc(ctx->index_key.type, ctx->index_key.description,
396
			ctx->cred->fsuid, ctx->cred->fsgid, ctx->cred,
397
			perm, flags, NULL);
398
	if (IS_ERR(key))
399
		goto alloc_failed;
400

401
	set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
402

403
	if (dest_keyring) {
404
		ret = __key_link_lock(dest_keyring, &key->index_key);
405
		if (ret < 0)
406
			goto link_lock_failed;
407
	}
408

409
	/*
410
	 * Attach the key to the destination keyring under lock, but we do need
411
	 * to do another check just in case someone beat us to it whilst we
412
	 * waited for locks.
413
	 *
414
	 * The caller might specify a comparison function which looks for keys
415
	 * that do not exactly match but are still equivalent from the caller's
416
	 * perspective. The __key_link_begin() operation must be done only after
417
	 * an actual key is determined.
418
	 */
419
	mutex_lock(&key_construction_mutex);
420

421
	rcu_read_lock();
422
	key_ref = search_process_keyrings_rcu(ctx);
423
	rcu_read_unlock();
424
	if (!IS_ERR(key_ref))
425
		goto key_already_present;
426

427
	if (dest_keyring) {
428
		ret = __key_link_begin(dest_keyring, &key->index_key, &edit);
429
		if (ret < 0)
430
			goto link_alloc_failed;
431
		__key_link(dest_keyring, key, &edit);
432
	}
433

434
	mutex_unlock(&key_construction_mutex);
435
	if (dest_keyring)
436
		__key_link_end(dest_keyring, &key->index_key, edit);
437
	mutex_unlock(&user->cons_lock);
438
	*_key = key;
439
	kleave(" = 0 [%d]", key_serial(key));
440
	return 0;
441

442
	/* the key is now present - we tell the caller that we found it by
443
	 * returning -EINPROGRESS  */
444
key_already_present:
445
	key_put(key);
446
	mutex_unlock(&key_construction_mutex);
447
	key = key_ref_to_ptr(key_ref);
448
	if (dest_keyring) {
449
		ret = __key_link_begin(dest_keyring, &key->index_key, &edit);
450
		if (ret < 0)
451
			goto link_alloc_failed_unlocked;
452
		ret = __key_link_check_live_key(dest_keyring, key);
453
		if (ret == 0)
454
			__key_link(dest_keyring, key, &edit);
455
		__key_link_end(dest_keyring, &key->index_key, edit);
456
		if (ret < 0)
457
			goto link_check_failed;
458
	}
459
	mutex_unlock(&user->cons_lock);
460
	*_key = key;
461
	kleave(" = -EINPROGRESS [%d]", key_serial(key));
462
	return -EINPROGRESS;
463

464
link_check_failed:
465
	mutex_unlock(&user->cons_lock);
466
	key_put(key);
467
	kleave(" = %d [linkcheck]", ret);
468
	return ret;
469

470
link_alloc_failed:
471
	mutex_unlock(&key_construction_mutex);
472
link_alloc_failed_unlocked:
473
	__key_link_end(dest_keyring, &key->index_key, edit);
474
link_lock_failed:
475
	mutex_unlock(&user->cons_lock);
476
	key_put(key);
477
	kleave(" = %d [prelink]", ret);
478
	return ret;
479

480
alloc_failed:
481
	mutex_unlock(&user->cons_lock);
482
	kleave(" = %ld", PTR_ERR(key));
483
	return PTR_ERR(key);
484
}
485

486
/*
487
 * Commence key construction.
488
 */
489
static struct key *construct_key_and_link(struct keyring_search_context *ctx,
490
					  const char *callout_info,
491
					  size_t callout_len,
492
					  void *aux,
493
					  struct key *dest_keyring,
494
					  unsigned long flags)
495
{
496
	struct key_user *user;
497
	struct key *key;
498
	int ret;
499

500
	kenter("");
501

502
	if (ctx->index_key.type == &key_type_keyring)
503
		return ERR_PTR(-EPERM);
504

505
	ret = construct_get_dest_keyring(&dest_keyring);
506
	if (ret)
507
		goto error;
508

509
	user = key_user_lookup(current_fsuid());
510
	if (!user) {
511
		ret = -ENOMEM;
512
		goto error_put_dest_keyring;
513
	}
514

515
	ret = construct_alloc_key(ctx, dest_keyring, flags, user, &key);
516
	key_user_put(user);
517

518
	if (ret == 0) {
519
		ret = construct_key(key, callout_info, callout_len, aux,
520
				    dest_keyring);
521
		if (ret < 0) {
522
			kdebug("cons failed");
523
			goto construction_failed;
524
		}
525
	} else if (ret == -EINPROGRESS) {
526
		ret = 0;
527
	} else {
528
		goto error_put_dest_keyring;
529
	}
530

531
	key_put(dest_keyring);
532
	kleave(" = key %d", key_serial(key));
533
	return key;
534

535
construction_failed:
536
	key_negate_and_link(key, key_negative_timeout, NULL, NULL);
537
	key_put(key);
538
error_put_dest_keyring:
539
	key_put(dest_keyring);
540
error:
541
	kleave(" = %d", ret);
542
	return ERR_PTR(ret);
543
}
544

545
/**
546
 * request_key_and_link - Request a key and cache it in a keyring.
547
 * @type: The type of key we want.
548
 * @description: The searchable description of the key.
549
 * @domain_tag: The domain in which the key operates.
550
 * @callout_info: The data to pass to the instantiation upcall (or NULL).
551
 * @callout_len: The length of callout_info.
552
 * @aux: Auxiliary data for the upcall.
553
 * @dest_keyring: Where to cache the key.
554
 * @flags: Flags to key_alloc().
555
 *
556
 * A key matching the specified criteria (type, description, domain_tag) is
557
 * searched for in the process's keyrings and returned with its usage count
558
 * incremented if found.  Otherwise, if callout_info is not NULL, a key will be
559
 * allocated and some service (probably in userspace) will be asked to
560
 * instantiate it.
561
 *
562
 * If successfully found or created, the key will be linked to the destination
563
 * keyring if one is provided.
564
 *
565
 * Returns a pointer to the key if successful; -EACCES, -ENOKEY, -EKEYREVOKED
566
 * or -EKEYEXPIRED if an inaccessible, negative, revoked or expired key was
567
 * found; -ENOKEY if no key was found and no @callout_info was given; -EDQUOT
568
 * if insufficient key quota was available to create a new key; or -ENOMEM if
569
 * insufficient memory was available.
570
 *
571
 * If the returned key was created, then it may still be under construction,
572
 * and wait_for_key_construction() should be used to wait for that to complete.
573
 */
574
struct key *request_key_and_link(struct key_type *type,
575
				 const char *description,
576
				 struct key_tag *domain_tag,
577
				 const void *callout_info,
578
				 size_t callout_len,
579
				 void *aux,
580
				 struct key *dest_keyring,
581
				 unsigned long flags)
582
{
583
	struct keyring_search_context ctx = {
584
		.index_key.type		= type,
585
		.index_key.domain_tag	= domain_tag,
586
		.index_key.description	= description,
587
		.index_key.desc_len	= strlen(description),
588
		.cred			= current_cred(),
589
		.match_data.cmp		= key_default_cmp,
590
		.match_data.raw_data	= description,
591
		.match_data.lookup_type	= KEYRING_SEARCH_LOOKUP_DIRECT,
592
		.flags			= (KEYRING_SEARCH_DO_STATE_CHECK |
593
					   KEYRING_SEARCH_SKIP_EXPIRED |
594
					   KEYRING_SEARCH_RECURSE),
595
	};
596
	struct key *key;
597
	key_ref_t key_ref;
598
	int ret;
599

600
	kenter("%s,%s,%p,%zu,%p,%p,%lx",
601
	       ctx.index_key.type->name, ctx.index_key.description,
602
	       callout_info, callout_len, aux, dest_keyring, flags);
603

604
	if (type->match_preparse) {
605
		ret = type->match_preparse(&ctx.match_data);
606
		if (ret < 0) {
607
			key = ERR_PTR(ret);
608
			goto error;
609
		}
610
	}
611

612
	key = check_cached_key(&ctx);
613
	if (key)
614
		goto error_free;
615

616
	/* search all the process keyrings for a key */
617
	rcu_read_lock();
618
	key_ref = search_process_keyrings_rcu(&ctx);
619
	rcu_read_unlock();
620

621
	if (!IS_ERR(key_ref)) {
622
		if (dest_keyring) {
623
			ret = key_task_permission(key_ref, current_cred(),
624
						  KEY_NEED_LINK);
625
			if (ret < 0) {
626
				key_ref_put(key_ref);
627
				key = ERR_PTR(ret);
628
				goto error_free;
629
			}
630
		}
631

632
		key = key_ref_to_ptr(key_ref);
633
		if (dest_keyring) {
634
			ret = key_link(dest_keyring, key);
635
			if (ret < 0) {
636
				key_put(key);
637
				key = ERR_PTR(ret);
638
				goto error_free;
639
			}
640
		}
641

642
		/* Only cache the key on immediate success */
643
		cache_requested_key(key);
644
	} else if (PTR_ERR(key_ref) != -EAGAIN) {
645
		key = ERR_CAST(key_ref);
646
	} else  {
647
		/* the search failed, but the keyrings were searchable, so we
648
		 * should consult userspace if we can */
649
		key = ERR_PTR(-ENOKEY);
650
		if (!callout_info)
651
			goto error_free;
652

653
		key = construct_key_and_link(&ctx, callout_info, callout_len,
654
					     aux, dest_keyring, flags);
655
	}
656

657
error_free:
658
	if (type->match_free)
659
		type->match_free(&ctx.match_data);
660
error:
661
	kleave(" = %p", key);
662
	return key;
663
}
664

665
/**
666
 * wait_for_key_construction - Wait for construction of a key to complete
667
 * @key: The key being waited for.
668
 * @intr: Whether to wait interruptibly.
669
 *
670
 * Wait for a key to finish being constructed.
671
 *
672
 * Returns 0 if successful; -ERESTARTSYS if the wait was interrupted; -ENOKEY
673
 * if the key was negated; or -EKEYREVOKED or -EKEYEXPIRED if the key was
674
 * revoked or expired.
675
 */
676
int wait_for_key_construction(struct key *key, bool intr)
677
{
678
	int ret;
679

680
	ret = wait_on_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT,
681
			  intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE);
682
	if (ret)
683
		return -ERESTARTSYS;
684
	ret = key_read_state(key);
685
	if (ret < 0)
686
		return ret;
687
	return key_validate(key);
688
}
689
EXPORT_SYMBOL(wait_for_key_construction);
690

691
/**
692
 * request_key_tag - Request a key and wait for construction
693
 * @type: Type of key.
694
 * @description: The searchable description of the key.
695
 * @domain_tag: The domain in which the key operates.
696
 * @callout_info: The data to pass to the instantiation upcall (or NULL).
697
 *
698
 * As for request_key_and_link() except that it does not add the returned key
699
 * to a keyring if found, new keys are always allocated in the user's quota,
700
 * the callout_info must be a NUL-terminated string and no auxiliary data can
701
 * be passed.
702
 *
703
 * Furthermore, it then works as wait_for_key_construction() to wait for the
704
 * completion of keys undergoing construction with a non-interruptible wait.
705
 */
706
struct key *request_key_tag(struct key_type *type,
707
			    const char *description,
708
			    struct key_tag *domain_tag,
709
			    const char *callout_info)
710
{
711
	struct key *key;
712
	size_t callout_len = 0;
713
	int ret;
714

715
	if (callout_info)
716
		callout_len = strlen(callout_info);
717
	key = request_key_and_link(type, description, domain_tag,
718
				   callout_info, callout_len,
719
				   NULL, NULL, KEY_ALLOC_IN_QUOTA);
720
	if (!IS_ERR(key)) {
721
		ret = wait_for_key_construction(key, false);
722
		if (ret < 0) {
723
			key_put(key);
724
			return ERR_PTR(ret);
725
		}
726
	}
727
	return key;
728
}
729
EXPORT_SYMBOL(request_key_tag);
730

731
/**
732
 * request_key_with_auxdata - Request a key with auxiliary data for the upcaller
733
 * @type: The type of key we want.
734
 * @description: The searchable description of the key.
735
 * @domain_tag: The domain in which the key operates.
736
 * @callout_info: The data to pass to the instantiation upcall (or NULL).
737
 * @callout_len: The length of callout_info.
738
 * @aux: Auxiliary data for the upcall.
739
 *
740
 * As for request_key_and_link() except that it does not add the returned key
741
 * to a keyring if found and new keys are always allocated in the user's quota.
742
 *
743
 * Furthermore, it then works as wait_for_key_construction() to wait for the
744
 * completion of keys undergoing construction with a non-interruptible wait.
745
 */
746
struct key *request_key_with_auxdata(struct key_type *type,
747
				     const char *description,
748
				     struct key_tag *domain_tag,
749
				     const void *callout_info,
750
				     size_t callout_len,
751
				     void *aux)
752
{
753
	struct key *key;
754
	int ret;
755

756
	key = request_key_and_link(type, description, domain_tag,
757
				   callout_info, callout_len,
758
				   aux, NULL, KEY_ALLOC_IN_QUOTA);
759
	if (!IS_ERR(key)) {
760
		ret = wait_for_key_construction(key, false);
761
		if (ret < 0) {
762
			key_put(key);
763
			return ERR_PTR(ret);
764
		}
765
	}
766
	return key;
767
}
768
EXPORT_SYMBOL(request_key_with_auxdata);
769

770
/**
771
 * request_key_rcu - Request key from RCU-read-locked context
772
 * @type: The type of key we want.
773
 * @description: The name of the key we want.
774
 * @domain_tag: The domain in which the key operates.
775
 *
776
 * Request a key from a context that we may not sleep in (such as RCU-mode
777
 * pathwalk).  Keys under construction are ignored.
778
 *
779
 * Return a pointer to the found key if successful, -ENOKEY if we couldn't find
780
 * a key or some other error if the key found was unsuitable or inaccessible.
781
 */
782
struct key *request_key_rcu(struct key_type *type,
783
			    const char *description,
784
			    struct key_tag *domain_tag)
785
{
786
	struct keyring_search_context ctx = {
787
		.index_key.type		= type,
788
		.index_key.domain_tag	= domain_tag,
789
		.index_key.description	= description,
790
		.index_key.desc_len	= strlen(description),
791
		.cred			= current_cred(),
792
		.match_data.cmp		= key_default_cmp,
793
		.match_data.raw_data	= description,
794
		.match_data.lookup_type	= KEYRING_SEARCH_LOOKUP_DIRECT,
795
		.flags			= (KEYRING_SEARCH_DO_STATE_CHECK |
796
					   KEYRING_SEARCH_SKIP_EXPIRED),
797
	};
798
	struct key *key;
799
	key_ref_t key_ref;
800

801
	kenter("%s,%s", type->name, description);
802

803
	key = check_cached_key(&ctx);
804
	if (key)
805
		return key;
806

807
	/* search all the process keyrings for a key */
808
	key_ref = search_process_keyrings_rcu(&ctx);
809
	if (IS_ERR(key_ref)) {
810
		key = ERR_CAST(key_ref);
811
		if (PTR_ERR(key_ref) == -EAGAIN)
812
			key = ERR_PTR(-ENOKEY);
813
	} else {
814
		key = key_ref_to_ptr(key_ref);
815
		cache_requested_key(key);
816
	}
817

818
	kleave(" = %p", key);
819
	return key;
820
}
821
EXPORT_SYMBOL(request_key_rcu);
822

823