Lines Matching defs:key
38 static struct key *get_user_register(struct user_namespace *user_ns)
40 struct key *reg_keyring = READ_ONCE(user_ns->user_keyring_register);
74 int look_up_user_keyrings(struct key **_user_keyring,
75 struct key **_user_session_keyring)
79 struct key *reg_keyring, *uid_keyring, *session_keyring;
185 struct key *get_user_session_keyring_rcu(const struct cred *cred)
187 struct key *reg_keyring = READ_ONCE(cred->user_ns->user_keyring_register);
223 struct key *keyring;
270 struct key *keyring;
317 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
320 struct key *old;
356 static int install_session_keyring(struct key *keyring)
402 * matching key under RCU conditions (the caller must be holding the RCU read
408 * parameter to the key's description.
415 * Returns a pointer to the key with the key usage count incremented if
416 * successful, -EAGAIN if we didn't find any matching key or -ENOKEY if we only
420 * returned key reference.
424 struct key *user_session;
429 * searchable, but we failed to find a key or we found a negative key;
447 case -EAGAIN: /* no key */
448 case -ENOKEY: /* negative key */
465 case -EAGAIN: /* no key */
469 case -ENOKEY: /* negative key */
487 case -EAGAIN: /* no key */
491 case -ENOKEY: /* negative key */
509 case -EAGAIN: /* no key */
513 case -ENOKEY: /* negative key */
522 /* no key - decide on the error we're going to go for */
531 * matching key in the manner of search_my_process_keyrings(), but also search
532 * the keys attached to the assumed authorisation key using its credentials if
549 /* if this process has an instantiation authorisation key, then we also
573 /* no key - decide on the error we're going to go for */
585 * See if the key we're looking at is the target key.
587 bool lookup_user_key_possessed(const struct key *key,
590 return key == match_data->raw_data;
594 * Look up a key ID given us by userspace with a given permissions mask to get
595 * the key it refers to.
599 * validity and permission checks on the found key.
601 * Returns a pointer to the key with an incremented usage count if successful;
602 * -EINVAL if the key ID is invalid; -ENOKEY if the key ID does not correspond
603 * to a key or the best found key was a negative key; -EKEYREVOKED or
604 * -EKEYEXPIRED if the best found key was revoked or expired; -EACCES if the
605 * found key doesn't grant the requested permit or the LSM denied access to it;
609 * returned key reference.
621 struct key *key, *user_session;
643 key = ctx.cred->thread_keyring;
644 __key_get(key);
645 key_ref = make_key_ref(key, 1);
661 key = ctx.cred->process_keyring;
662 __key_get(key);
663 key_ref = make_key_ref(key, 1);
691 key = ctx.cred->session_keyring;
692 __key_get(key);
693 key_ref = make_key_ref(key, 1);
697 ret = look_up_user_keyrings(&key, NULL);
700 key_ref = make_key_ref(key, 1);
704 ret = look_up_user_keyrings(NULL, &key);
707 key_ref = make_key_ref(key, 1);
716 key = ctx.cred->request_key_auth;
717 if (!key)
720 __key_get(key);
721 key_ref = make_key_ref(key, 1);
732 key = NULL;
735 key = rka->dest_keyring;
736 __key_get(key);
739 if (!key)
741 key_ref = make_key_ref(key, 1);
749 key = key_lookup(id);
750 if (IS_ERR(key)) {
751 key_ref = ERR_CAST(key);
755 key_ref = make_key_ref(key, 0);
757 /* check to see if we possess the key */
758 ctx.index_key = key->index_key;
759 ctx.match_data.raw_data = key;
767 key_put(key);
774 /* unlink does not use the nominated key in any way, so can skip all
778 ret = wait_for_key_construction(key, true);
791 ret = key_validate(key);
798 key_read_state(key) == KEY_IS_UNINSTANTIATED)
807 key->last_used_at = ktime_get_real_seconds();
841 struct key *keyring;