18c2ecf20Sopenharmony_ci/* SPDX-License-Identifier: GPL-2.0-or-later */ 28c2ecf20Sopenharmony_ci/* Authentication token and access key management internal defs 38c2ecf20Sopenharmony_ci * 48c2ecf20Sopenharmony_ci * Copyright (C) 2003-5, 2007 Red Hat, Inc. All Rights Reserved. 58c2ecf20Sopenharmony_ci * Written by David Howells (dhowells@redhat.com) 68c2ecf20Sopenharmony_ci */ 78c2ecf20Sopenharmony_ci 88c2ecf20Sopenharmony_ci#ifndef _INTERNAL_H 98c2ecf20Sopenharmony_ci#define _INTERNAL_H 108c2ecf20Sopenharmony_ci 118c2ecf20Sopenharmony_ci#include <linux/sched.h> 128c2ecf20Sopenharmony_ci#include <linux/wait_bit.h> 138c2ecf20Sopenharmony_ci#include <linux/cred.h> 148c2ecf20Sopenharmony_ci#include <linux/key-type.h> 158c2ecf20Sopenharmony_ci#include <linux/task_work.h> 168c2ecf20Sopenharmony_ci#include <linux/keyctl.h> 178c2ecf20Sopenharmony_ci#include <linux/refcount.h> 188c2ecf20Sopenharmony_ci#include <linux/watch_queue.h> 198c2ecf20Sopenharmony_ci#include <linux/compat.h> 208c2ecf20Sopenharmony_ci#include <linux/mm.h> 218c2ecf20Sopenharmony_ci#include <linux/vmalloc.h> 228c2ecf20Sopenharmony_ci 238c2ecf20Sopenharmony_cistruct iovec; 248c2ecf20Sopenharmony_ci 258c2ecf20Sopenharmony_ci#ifdef __KDEBUG 268c2ecf20Sopenharmony_ci#define kenter(FMT, ...) \ 278c2ecf20Sopenharmony_ci printk(KERN_DEBUG "==> %s("FMT")\n", __func__, ##__VA_ARGS__) 288c2ecf20Sopenharmony_ci#define kleave(FMT, ...) \ 298c2ecf20Sopenharmony_ci printk(KERN_DEBUG "<== %s()"FMT"\n", __func__, ##__VA_ARGS__) 308c2ecf20Sopenharmony_ci#define kdebug(FMT, ...) \ 318c2ecf20Sopenharmony_ci printk(KERN_DEBUG " "FMT"\n", ##__VA_ARGS__) 328c2ecf20Sopenharmony_ci#else 338c2ecf20Sopenharmony_ci#define kenter(FMT, ...) \ 348c2ecf20Sopenharmony_ci no_printk(KERN_DEBUG "==> %s("FMT")\n", __func__, ##__VA_ARGS__) 358c2ecf20Sopenharmony_ci#define kleave(FMT, ...) \ 368c2ecf20Sopenharmony_ci no_printk(KERN_DEBUG "<== %s()"FMT"\n", __func__, ##__VA_ARGS__) 378c2ecf20Sopenharmony_ci#define kdebug(FMT, ...) \ 388c2ecf20Sopenharmony_ci no_printk(KERN_DEBUG FMT"\n", ##__VA_ARGS__) 398c2ecf20Sopenharmony_ci#endif 408c2ecf20Sopenharmony_ci 418c2ecf20Sopenharmony_ciextern struct key_type key_type_dead; 428c2ecf20Sopenharmony_ciextern struct key_type key_type_user; 438c2ecf20Sopenharmony_ciextern struct key_type key_type_logon; 448c2ecf20Sopenharmony_ci 458c2ecf20Sopenharmony_ci/*****************************************************************************/ 468c2ecf20Sopenharmony_ci/* 478c2ecf20Sopenharmony_ci * Keep track of keys for a user. 488c2ecf20Sopenharmony_ci * 498c2ecf20Sopenharmony_ci * This needs to be separate to user_struct to avoid a refcount-loop 508c2ecf20Sopenharmony_ci * (user_struct pins some keyrings which pin this struct). 518c2ecf20Sopenharmony_ci * 528c2ecf20Sopenharmony_ci * We also keep track of keys under request from userspace for this UID here. 538c2ecf20Sopenharmony_ci */ 548c2ecf20Sopenharmony_cistruct key_user { 558c2ecf20Sopenharmony_ci struct rb_node node; 568c2ecf20Sopenharmony_ci struct mutex cons_lock; /* construction initiation lock */ 578c2ecf20Sopenharmony_ci spinlock_t lock; 588c2ecf20Sopenharmony_ci refcount_t usage; /* for accessing qnkeys & qnbytes */ 598c2ecf20Sopenharmony_ci atomic_t nkeys; /* number of keys */ 608c2ecf20Sopenharmony_ci atomic_t nikeys; /* number of instantiated keys */ 618c2ecf20Sopenharmony_ci kuid_t uid; 628c2ecf20Sopenharmony_ci int qnkeys; /* number of keys allocated to this user */ 638c2ecf20Sopenharmony_ci int qnbytes; /* number of bytes allocated to this user */ 648c2ecf20Sopenharmony_ci}; 658c2ecf20Sopenharmony_ci 668c2ecf20Sopenharmony_ciextern struct rb_root key_user_tree; 678c2ecf20Sopenharmony_ciextern spinlock_t key_user_lock; 688c2ecf20Sopenharmony_ciextern struct key_user root_key_user; 698c2ecf20Sopenharmony_ci 708c2ecf20Sopenharmony_ciextern struct key_user *key_user_lookup(kuid_t uid); 718c2ecf20Sopenharmony_ciextern void key_user_put(struct key_user *user); 728c2ecf20Sopenharmony_ci 738c2ecf20Sopenharmony_ci/* 748c2ecf20Sopenharmony_ci * Key quota limits. 758c2ecf20Sopenharmony_ci * - root has its own separate limits to everyone else 768c2ecf20Sopenharmony_ci */ 778c2ecf20Sopenharmony_ciextern unsigned key_quota_root_maxkeys; 788c2ecf20Sopenharmony_ciextern unsigned key_quota_root_maxbytes; 798c2ecf20Sopenharmony_ciextern unsigned key_quota_maxkeys; 808c2ecf20Sopenharmony_ciextern unsigned key_quota_maxbytes; 818c2ecf20Sopenharmony_ci 828c2ecf20Sopenharmony_ci#define KEYQUOTA_LINK_BYTES 4 /* a link in a keyring is worth 4 bytes */ 838c2ecf20Sopenharmony_ci 848c2ecf20Sopenharmony_ci 858c2ecf20Sopenharmony_ciextern struct kmem_cache *key_jar; 868c2ecf20Sopenharmony_ciextern struct rb_root key_serial_tree; 878c2ecf20Sopenharmony_ciextern spinlock_t key_serial_lock; 888c2ecf20Sopenharmony_ciextern struct mutex key_construction_mutex; 898c2ecf20Sopenharmony_ciextern wait_queue_head_t request_key_conswq; 908c2ecf20Sopenharmony_ci 918c2ecf20Sopenharmony_ciextern void key_set_index_key(struct keyring_index_key *index_key); 928c2ecf20Sopenharmony_ciextern struct key_type *key_type_lookup(const char *type); 938c2ecf20Sopenharmony_ciextern void key_type_put(struct key_type *ktype); 948c2ecf20Sopenharmony_ci 958c2ecf20Sopenharmony_ciextern int __key_link_lock(struct key *keyring, 968c2ecf20Sopenharmony_ci const struct keyring_index_key *index_key); 978c2ecf20Sopenharmony_ciextern int __key_move_lock(struct key *l_keyring, struct key *u_keyring, 988c2ecf20Sopenharmony_ci const struct keyring_index_key *index_key); 998c2ecf20Sopenharmony_ciextern int __key_link_begin(struct key *keyring, 1008c2ecf20Sopenharmony_ci const struct keyring_index_key *index_key, 1018c2ecf20Sopenharmony_ci struct assoc_array_edit **_edit); 1028c2ecf20Sopenharmony_ciextern int __key_link_check_live_key(struct key *keyring, struct key *key); 1038c2ecf20Sopenharmony_ciextern void __key_link(struct key *keyring, struct key *key, 1048c2ecf20Sopenharmony_ci struct assoc_array_edit **_edit); 1058c2ecf20Sopenharmony_ciextern void __key_link_end(struct key *keyring, 1068c2ecf20Sopenharmony_ci const struct keyring_index_key *index_key, 1078c2ecf20Sopenharmony_ci struct assoc_array_edit *edit); 1088c2ecf20Sopenharmony_ci 1098c2ecf20Sopenharmony_ciextern key_ref_t find_key_to_update(key_ref_t keyring_ref, 1108c2ecf20Sopenharmony_ci const struct keyring_index_key *index_key); 1118c2ecf20Sopenharmony_ci 1128c2ecf20Sopenharmony_ciextern struct key *keyring_search_instkey(struct key *keyring, 1138c2ecf20Sopenharmony_ci key_serial_t target_id); 1148c2ecf20Sopenharmony_ci 1158c2ecf20Sopenharmony_ciextern int iterate_over_keyring(const struct key *keyring, 1168c2ecf20Sopenharmony_ci int (*func)(const struct key *key, void *data), 1178c2ecf20Sopenharmony_ci void *data); 1188c2ecf20Sopenharmony_ci 1198c2ecf20Sopenharmony_cistruct keyring_search_context { 1208c2ecf20Sopenharmony_ci struct keyring_index_key index_key; 1218c2ecf20Sopenharmony_ci const struct cred *cred; 1228c2ecf20Sopenharmony_ci struct key_match_data match_data; 1238c2ecf20Sopenharmony_ci unsigned flags; 1248c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_NO_STATE_CHECK 0x0001 /* Skip state checks */ 1258c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_DO_STATE_CHECK 0x0002 /* Override NO_STATE_CHECK */ 1268c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_NO_UPDATE_TIME 0x0004 /* Don't update times */ 1278c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_NO_CHECK_PERM 0x0008 /* Don't check permissions */ 1288c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_DETECT_TOO_DEEP 0x0010 /* Give an error on excessive depth */ 1298c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_SKIP_EXPIRED 0x0020 /* Ignore expired keys (intention to replace) */ 1308c2ecf20Sopenharmony_ci#define KEYRING_SEARCH_RECURSE 0x0040 /* Search child keyrings also */ 1318c2ecf20Sopenharmony_ci 1328c2ecf20Sopenharmony_ci int (*iterator)(const void *object, void *iterator_data); 1338c2ecf20Sopenharmony_ci 1348c2ecf20Sopenharmony_ci /* Internal stuff */ 1358c2ecf20Sopenharmony_ci int skipped_ret; 1368c2ecf20Sopenharmony_ci bool possessed; 1378c2ecf20Sopenharmony_ci key_ref_t result; 1388c2ecf20Sopenharmony_ci time64_t now; 1398c2ecf20Sopenharmony_ci}; 1408c2ecf20Sopenharmony_ci 1418c2ecf20Sopenharmony_ciextern bool key_default_cmp(const struct key *key, 1428c2ecf20Sopenharmony_ci const struct key_match_data *match_data); 1438c2ecf20Sopenharmony_ciextern key_ref_t keyring_search_rcu(key_ref_t keyring_ref, 1448c2ecf20Sopenharmony_ci struct keyring_search_context *ctx); 1458c2ecf20Sopenharmony_ci 1468c2ecf20Sopenharmony_ciextern key_ref_t search_cred_keyrings_rcu(struct keyring_search_context *ctx); 1478c2ecf20Sopenharmony_ciextern key_ref_t search_process_keyrings_rcu(struct keyring_search_context *ctx); 1488c2ecf20Sopenharmony_ci 1498c2ecf20Sopenharmony_ciextern struct key *find_keyring_by_name(const char *name, bool uid_keyring); 1508c2ecf20Sopenharmony_ci 1518c2ecf20Sopenharmony_ciextern int look_up_user_keyrings(struct key **, struct key **); 1528c2ecf20Sopenharmony_ciextern struct key *get_user_session_keyring_rcu(const struct cred *); 1538c2ecf20Sopenharmony_ciextern int install_thread_keyring_to_cred(struct cred *); 1548c2ecf20Sopenharmony_ciextern int install_process_keyring_to_cred(struct cred *); 1558c2ecf20Sopenharmony_ciextern int install_session_keyring_to_cred(struct cred *, struct key *); 1568c2ecf20Sopenharmony_ci 1578c2ecf20Sopenharmony_ciextern struct key *request_key_and_link(struct key_type *type, 1588c2ecf20Sopenharmony_ci const char *description, 1598c2ecf20Sopenharmony_ci struct key_tag *domain_tag, 1608c2ecf20Sopenharmony_ci const void *callout_info, 1618c2ecf20Sopenharmony_ci size_t callout_len, 1628c2ecf20Sopenharmony_ci void *aux, 1638c2ecf20Sopenharmony_ci struct key *dest_keyring, 1648c2ecf20Sopenharmony_ci unsigned long flags); 1658c2ecf20Sopenharmony_ci 1668c2ecf20Sopenharmony_ciextern bool lookup_user_key_possessed(const struct key *key, 1678c2ecf20Sopenharmony_ci const struct key_match_data *match_data); 1688c2ecf20Sopenharmony_ci#define KEY_LOOKUP_CREATE 0x01 1698c2ecf20Sopenharmony_ci#define KEY_LOOKUP_PARTIAL 0x02 1708c2ecf20Sopenharmony_ci 1718c2ecf20Sopenharmony_ciextern long join_session_keyring(const char *name); 1728c2ecf20Sopenharmony_ciextern void key_change_session_keyring(struct callback_head *twork); 1738c2ecf20Sopenharmony_ci 1748c2ecf20Sopenharmony_ciextern struct work_struct key_gc_work; 1758c2ecf20Sopenharmony_ciextern unsigned key_gc_delay; 1768c2ecf20Sopenharmony_ciextern void keyring_gc(struct key *keyring, time64_t limit); 1778c2ecf20Sopenharmony_ciextern void keyring_restriction_gc(struct key *keyring, 1788c2ecf20Sopenharmony_ci struct key_type *dead_type); 1798c2ecf20Sopenharmony_civoid key_set_expiry(struct key *key, time64_t expiry); 1808c2ecf20Sopenharmony_ciextern void key_schedule_gc(time64_t gc_at); 1818c2ecf20Sopenharmony_ciextern void key_schedule_gc_links(void); 1828c2ecf20Sopenharmony_ciextern void key_gc_keytype(struct key_type *ktype); 1838c2ecf20Sopenharmony_ci 1848c2ecf20Sopenharmony_ciextern int key_task_permission(const key_ref_t key_ref, 1858c2ecf20Sopenharmony_ci const struct cred *cred, 1868c2ecf20Sopenharmony_ci enum key_need_perm need_perm); 1878c2ecf20Sopenharmony_ci 1888c2ecf20Sopenharmony_cistatic inline void notify_key(struct key *key, 1898c2ecf20Sopenharmony_ci enum key_notification_subtype subtype, u32 aux) 1908c2ecf20Sopenharmony_ci{ 1918c2ecf20Sopenharmony_ci#ifdef CONFIG_KEY_NOTIFICATIONS 1928c2ecf20Sopenharmony_ci struct key_notification n = { 1938c2ecf20Sopenharmony_ci .watch.type = WATCH_TYPE_KEY_NOTIFY, 1948c2ecf20Sopenharmony_ci .watch.subtype = subtype, 1958c2ecf20Sopenharmony_ci .watch.info = watch_sizeof(n), 1968c2ecf20Sopenharmony_ci .key_id = key_serial(key), 1978c2ecf20Sopenharmony_ci .aux = aux, 1988c2ecf20Sopenharmony_ci }; 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci post_watch_notification(key->watchers, &n.watch, current_cred(), 2018c2ecf20Sopenharmony_ci n.key_id); 2028c2ecf20Sopenharmony_ci#endif 2038c2ecf20Sopenharmony_ci} 2048c2ecf20Sopenharmony_ci 2058c2ecf20Sopenharmony_ci/* 2068c2ecf20Sopenharmony_ci * Check to see whether permission is granted to use a key in the desired way. 2078c2ecf20Sopenharmony_ci */ 2088c2ecf20Sopenharmony_cistatic inline int key_permission(const key_ref_t key_ref, 2098c2ecf20Sopenharmony_ci enum key_need_perm need_perm) 2108c2ecf20Sopenharmony_ci{ 2118c2ecf20Sopenharmony_ci return key_task_permission(key_ref, current_cred(), need_perm); 2128c2ecf20Sopenharmony_ci} 2138c2ecf20Sopenharmony_ci 2148c2ecf20Sopenharmony_ciextern struct key_type key_type_request_key_auth; 2158c2ecf20Sopenharmony_ciextern struct key *request_key_auth_new(struct key *target, 2168c2ecf20Sopenharmony_ci const char *op, 2178c2ecf20Sopenharmony_ci const void *callout_info, 2188c2ecf20Sopenharmony_ci size_t callout_len, 2198c2ecf20Sopenharmony_ci struct key *dest_keyring); 2208c2ecf20Sopenharmony_ci 2218c2ecf20Sopenharmony_ciextern struct key *key_get_instantiation_authkey(key_serial_t target_id); 2228c2ecf20Sopenharmony_ci 2238c2ecf20Sopenharmony_ci/* 2248c2ecf20Sopenharmony_ci * Determine whether a key is dead. 2258c2ecf20Sopenharmony_ci */ 2268c2ecf20Sopenharmony_cistatic inline bool key_is_dead(const struct key *key, time64_t limit) 2278c2ecf20Sopenharmony_ci{ 2288c2ecf20Sopenharmony_ci time64_t expiry = key->expiry; 2298c2ecf20Sopenharmony_ci 2308c2ecf20Sopenharmony_ci if (expiry != TIME64_MAX) { 2318c2ecf20Sopenharmony_ci if (!(key->type->flags & KEY_TYPE_INSTANT_REAP)) 2328c2ecf20Sopenharmony_ci expiry += key_gc_delay; 2338c2ecf20Sopenharmony_ci if (expiry <= limit) 2348c2ecf20Sopenharmony_ci return true; 2358c2ecf20Sopenharmony_ci } 2368c2ecf20Sopenharmony_ci 2378c2ecf20Sopenharmony_ci return 2388c2ecf20Sopenharmony_ci key->flags & ((1 << KEY_FLAG_DEAD) | 2398c2ecf20Sopenharmony_ci (1 << KEY_FLAG_INVALIDATED)) || 2408c2ecf20Sopenharmony_ci key->domain_tag->removed; 2418c2ecf20Sopenharmony_ci} 2428c2ecf20Sopenharmony_ci 2438c2ecf20Sopenharmony_ci/* 2448c2ecf20Sopenharmony_ci * keyctl() functions 2458c2ecf20Sopenharmony_ci */ 2468c2ecf20Sopenharmony_ciextern long keyctl_get_keyring_ID(key_serial_t, int); 2478c2ecf20Sopenharmony_ciextern long keyctl_join_session_keyring(const char __user *); 2488c2ecf20Sopenharmony_ciextern long keyctl_update_key(key_serial_t, const void __user *, size_t); 2498c2ecf20Sopenharmony_ciextern long keyctl_revoke_key(key_serial_t); 2508c2ecf20Sopenharmony_ciextern long keyctl_keyring_clear(key_serial_t); 2518c2ecf20Sopenharmony_ciextern long keyctl_keyring_link(key_serial_t, key_serial_t); 2528c2ecf20Sopenharmony_ciextern long keyctl_keyring_move(key_serial_t, key_serial_t, key_serial_t, unsigned int); 2538c2ecf20Sopenharmony_ciextern long keyctl_keyring_unlink(key_serial_t, key_serial_t); 2548c2ecf20Sopenharmony_ciextern long keyctl_describe_key(key_serial_t, char __user *, size_t); 2558c2ecf20Sopenharmony_ciextern long keyctl_keyring_search(key_serial_t, const char __user *, 2568c2ecf20Sopenharmony_ci const char __user *, key_serial_t); 2578c2ecf20Sopenharmony_ciextern long keyctl_read_key(key_serial_t, char __user *, size_t); 2588c2ecf20Sopenharmony_ciextern long keyctl_chown_key(key_serial_t, uid_t, gid_t); 2598c2ecf20Sopenharmony_ciextern long keyctl_setperm_key(key_serial_t, key_perm_t); 2608c2ecf20Sopenharmony_ciextern long keyctl_instantiate_key(key_serial_t, const void __user *, 2618c2ecf20Sopenharmony_ci size_t, key_serial_t); 2628c2ecf20Sopenharmony_ciextern long keyctl_negate_key(key_serial_t, unsigned, key_serial_t); 2638c2ecf20Sopenharmony_ciextern long keyctl_set_reqkey_keyring(int); 2648c2ecf20Sopenharmony_ciextern long keyctl_set_timeout(key_serial_t, unsigned); 2658c2ecf20Sopenharmony_ciextern long keyctl_assume_authority(key_serial_t); 2668c2ecf20Sopenharmony_ciextern long keyctl_get_security(key_serial_t keyid, char __user *buffer, 2678c2ecf20Sopenharmony_ci size_t buflen); 2688c2ecf20Sopenharmony_ciextern long keyctl_session_to_parent(void); 2698c2ecf20Sopenharmony_ciextern long keyctl_reject_key(key_serial_t, unsigned, unsigned, key_serial_t); 2708c2ecf20Sopenharmony_ciextern long keyctl_instantiate_key_iov(key_serial_t, 2718c2ecf20Sopenharmony_ci const struct iovec __user *, 2728c2ecf20Sopenharmony_ci unsigned, key_serial_t); 2738c2ecf20Sopenharmony_ciextern long keyctl_invalidate_key(key_serial_t); 2748c2ecf20Sopenharmony_ciextern long keyctl_restrict_keyring(key_serial_t id, 2758c2ecf20Sopenharmony_ci const char __user *_type, 2768c2ecf20Sopenharmony_ci const char __user *_restriction); 2778c2ecf20Sopenharmony_ci#ifdef CONFIG_PERSISTENT_KEYRINGS 2788c2ecf20Sopenharmony_ciextern long keyctl_get_persistent(uid_t, key_serial_t); 2798c2ecf20Sopenharmony_ciextern unsigned persistent_keyring_expiry; 2808c2ecf20Sopenharmony_ci#else 2818c2ecf20Sopenharmony_cistatic inline long keyctl_get_persistent(uid_t uid, key_serial_t destring) 2828c2ecf20Sopenharmony_ci{ 2838c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 2848c2ecf20Sopenharmony_ci} 2858c2ecf20Sopenharmony_ci#endif 2868c2ecf20Sopenharmony_ci 2878c2ecf20Sopenharmony_ci#ifdef CONFIG_KEY_DH_OPERATIONS 2888c2ecf20Sopenharmony_ciextern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *, 2898c2ecf20Sopenharmony_ci size_t, struct keyctl_kdf_params __user *); 2908c2ecf20Sopenharmony_ciextern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *, 2918c2ecf20Sopenharmony_ci size_t, struct keyctl_kdf_params *); 2928c2ecf20Sopenharmony_ci#ifdef CONFIG_COMPAT 2938c2ecf20Sopenharmony_ciextern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params, 2948c2ecf20Sopenharmony_ci char __user *buffer, size_t buflen, 2958c2ecf20Sopenharmony_ci struct compat_keyctl_kdf_params __user *kdf); 2968c2ecf20Sopenharmony_ci#endif 2978c2ecf20Sopenharmony_ci#define KEYCTL_KDF_MAX_OUTPUT_LEN 1024 /* max length of KDF output */ 2988c2ecf20Sopenharmony_ci#define KEYCTL_KDF_MAX_OI_LEN 64 /* max length of otherinfo */ 2998c2ecf20Sopenharmony_ci#else 3008c2ecf20Sopenharmony_cistatic inline long keyctl_dh_compute(struct keyctl_dh_params __user *params, 3018c2ecf20Sopenharmony_ci char __user *buffer, size_t buflen, 3028c2ecf20Sopenharmony_ci struct keyctl_kdf_params __user *kdf) 3038c2ecf20Sopenharmony_ci{ 3048c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3058c2ecf20Sopenharmony_ci} 3068c2ecf20Sopenharmony_ci 3078c2ecf20Sopenharmony_ci#ifdef CONFIG_COMPAT 3088c2ecf20Sopenharmony_cistatic inline long compat_keyctl_dh_compute( 3098c2ecf20Sopenharmony_ci struct keyctl_dh_params __user *params, 3108c2ecf20Sopenharmony_ci char __user *buffer, size_t buflen, 3118c2ecf20Sopenharmony_ci struct keyctl_kdf_params __user *kdf) 3128c2ecf20Sopenharmony_ci{ 3138c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3148c2ecf20Sopenharmony_ci} 3158c2ecf20Sopenharmony_ci#endif 3168c2ecf20Sopenharmony_ci#endif 3178c2ecf20Sopenharmony_ci 3188c2ecf20Sopenharmony_ci#ifdef CONFIG_ASYMMETRIC_KEY_TYPE 3198c2ecf20Sopenharmony_ciextern long keyctl_pkey_query(key_serial_t, 3208c2ecf20Sopenharmony_ci const char __user *, 3218c2ecf20Sopenharmony_ci struct keyctl_pkey_query __user *); 3228c2ecf20Sopenharmony_ci 3238c2ecf20Sopenharmony_ciextern long keyctl_pkey_verify(const struct keyctl_pkey_params __user *, 3248c2ecf20Sopenharmony_ci const char __user *, 3258c2ecf20Sopenharmony_ci const void __user *, const void __user *); 3268c2ecf20Sopenharmony_ci 3278c2ecf20Sopenharmony_ciextern long keyctl_pkey_e_d_s(int, 3288c2ecf20Sopenharmony_ci const struct keyctl_pkey_params __user *, 3298c2ecf20Sopenharmony_ci const char __user *, 3308c2ecf20Sopenharmony_ci const void __user *, void __user *); 3318c2ecf20Sopenharmony_ci#else 3328c2ecf20Sopenharmony_cistatic inline long keyctl_pkey_query(key_serial_t id, 3338c2ecf20Sopenharmony_ci const char __user *_info, 3348c2ecf20Sopenharmony_ci struct keyctl_pkey_query __user *_res) 3358c2ecf20Sopenharmony_ci{ 3368c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3378c2ecf20Sopenharmony_ci} 3388c2ecf20Sopenharmony_ci 3398c2ecf20Sopenharmony_cistatic inline long keyctl_pkey_verify(const struct keyctl_pkey_params __user *params, 3408c2ecf20Sopenharmony_ci const char __user *_info, 3418c2ecf20Sopenharmony_ci const void __user *_in, 3428c2ecf20Sopenharmony_ci const void __user *_in2) 3438c2ecf20Sopenharmony_ci{ 3448c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3458c2ecf20Sopenharmony_ci} 3468c2ecf20Sopenharmony_ci 3478c2ecf20Sopenharmony_cistatic inline long keyctl_pkey_e_d_s(int op, 3488c2ecf20Sopenharmony_ci const struct keyctl_pkey_params __user *params, 3498c2ecf20Sopenharmony_ci const char __user *_info, 3508c2ecf20Sopenharmony_ci const void __user *_in, 3518c2ecf20Sopenharmony_ci void __user *_out) 3528c2ecf20Sopenharmony_ci{ 3538c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3548c2ecf20Sopenharmony_ci} 3558c2ecf20Sopenharmony_ci#endif 3568c2ecf20Sopenharmony_ci 3578c2ecf20Sopenharmony_ciextern long keyctl_capabilities(unsigned char __user *_buffer, size_t buflen); 3588c2ecf20Sopenharmony_ci 3598c2ecf20Sopenharmony_ci#ifdef CONFIG_KEY_NOTIFICATIONS 3608c2ecf20Sopenharmony_ciextern long keyctl_watch_key(key_serial_t, int, int); 3618c2ecf20Sopenharmony_ci#else 3628c2ecf20Sopenharmony_cistatic inline long keyctl_watch_key(key_serial_t key_id, int watch_fd, int watch_id) 3638c2ecf20Sopenharmony_ci{ 3648c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 3658c2ecf20Sopenharmony_ci} 3668c2ecf20Sopenharmony_ci#endif 3678c2ecf20Sopenharmony_ci 3688c2ecf20Sopenharmony_ci/* 3698c2ecf20Sopenharmony_ci * Debugging key validation 3708c2ecf20Sopenharmony_ci */ 3718c2ecf20Sopenharmony_ci#ifdef KEY_DEBUGGING 3728c2ecf20Sopenharmony_ciextern void __key_check(const struct key *); 3738c2ecf20Sopenharmony_ci 3748c2ecf20Sopenharmony_cistatic inline void key_check(const struct key *key) 3758c2ecf20Sopenharmony_ci{ 3768c2ecf20Sopenharmony_ci if (key && (IS_ERR(key) || key->magic != KEY_DEBUG_MAGIC)) 3778c2ecf20Sopenharmony_ci __key_check(key); 3788c2ecf20Sopenharmony_ci} 3798c2ecf20Sopenharmony_ci 3808c2ecf20Sopenharmony_ci#else 3818c2ecf20Sopenharmony_ci 3828c2ecf20Sopenharmony_ci#define key_check(key) do {} while(0) 3838c2ecf20Sopenharmony_ci 3848c2ecf20Sopenharmony_ci#endif 3858c2ecf20Sopenharmony_ci#endif /* _INTERNAL_H */ 386