permission.c 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111
  1. /* Key permission checking
  2. *
  3. * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
  4. * Written by David Howells (dhowells@redhat.com)
  5. *
  6. * This program is free software; you can redistribute it and/or
  7. * modify it under the terms of the GNU General Public License
  8. * as published by the Free Software Foundation; either version
  9. * 2 of the License, or (at your option) any later version.
  10. */
  11. #include <linux/module.h>
  12. #include <linux/security.h>
  13. #include "internal.h"
  14. /**
  15. * key_task_permission - Check a key can be used
  16. * @key_ref: The key to check.
  17. * @cred: The credentials to use.
  18. * @perm: The permissions to check for.
  19. *
  20. * Check to see whether permission is granted to use a key in the desired way,
  21. * but permit the security modules to override.
  22. *
  23. * The caller must hold either a ref on cred or must hold the RCU readlock.
  24. *
  25. * Returns 0 if successful, -EACCES if access is denied based on the
  26. * permissions bits or the LSM check.
  27. */
  28. int key_task_permission(const key_ref_t key_ref, const struct cred *cred,
  29. unsigned perm)
  30. {
  31. struct key *key;
  32. key_perm_t kperm;
  33. int ret;
  34. key = key_ref_to_ptr(key_ref);
  35. /* use the second 8-bits of permissions for keys the caller owns */
  36. if (uid_eq(key->uid, cred->fsuid)) {
  37. kperm = key->perm >> 16;
  38. goto use_these_perms;
  39. }
  40. /* use the third 8-bits of permissions for keys the caller has a group
  41. * membership in common with */
  42. if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) {
  43. if (gid_eq(key->gid, cred->fsgid)) {
  44. kperm = key->perm >> 8;
  45. goto use_these_perms;
  46. }
  47. ret = groups_search(cred->group_info, key->gid);
  48. if (ret) {
  49. kperm = key->perm >> 8;
  50. goto use_these_perms;
  51. }
  52. }
  53. /* otherwise use the least-significant 8-bits */
  54. kperm = key->perm;
  55. use_these_perms:
  56. /* use the top 8-bits of permissions for keys the caller possesses
  57. * - possessor permissions are additive with other permissions
  58. */
  59. if (is_key_possessed(key_ref))
  60. kperm |= key->perm >> 24;
  61. kperm = kperm & perm & KEY_NEED_ALL;
  62. if (kperm != perm)
  63. return -EACCES;
  64. /* let LSM be the final arbiter */
  65. return security_key_permission(key_ref, cred, perm);
  66. }
  67. EXPORT_SYMBOL(key_task_permission);
  68. /**
  69. * key_validate - Validate a key.
  70. * @key: The key to be validated.
  71. *
  72. * Check that a key is valid, returning 0 if the key is okay, -ENOKEY if the
  73. * key is invalidated, -EKEYREVOKED if the key's type has been removed or if
  74. * the key has been revoked or -EKEYEXPIRED if the key has expired.
  75. */
  76. int key_validate(const struct key *key)
  77. {
  78. unsigned long flags = READ_ONCE(key->flags);
  79. time64_t expiry = READ_ONCE(key->expiry);
  80. if (flags & (1 << KEY_FLAG_INVALIDATED))
  81. return -ENOKEY;
  82. /* check it's still accessible */
  83. if (flags & ((1 << KEY_FLAG_REVOKED) |
  84. (1 << KEY_FLAG_DEAD)))
  85. return -EKEYREVOKED;
  86. /* check it hasn't expired */
  87. if (expiry) {
  88. if (ktime_get_real_seconds() >= expiry)
  89. return -EKEYEXPIRED;
  90. }
  91. return 0;
  92. }
  93. EXPORT_SYMBOL(key_validate);