mirror of
https://github.com/torvalds/linux.git
synced 2024-12-16 16:12:52 +00:00
9f6ed2ca25
For CIFS, we want to be able to store NTLM credentials (aka username and password) in the keyring. We do not, however want to allow users to fetch those keys back out of the keyring since that would be a security risk. Unfortunately, due to the nuances of key permission bits, it's not possible to do this. We need to grant search permissions so the kernel can find these keys, but that also implies permissions to read the payload. Resolve this by adding a new key_type. This key type is essentially the same as key_type_user, but does not define a .read op. This prevents the payload from ever being visible from userspace. This key type also vets the description to ensure that it's "qualified" by checking to ensure that it has a ':' in it that is preceded by other characters. Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
49 lines
1.7 KiB
C
49 lines
1.7 KiB
C
/* user-type.h: User-defined key type
|
|
*
|
|
* Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the License, or (at your option) any later version.
|
|
*/
|
|
|
|
#ifndef _KEYS_USER_TYPE_H
|
|
#define _KEYS_USER_TYPE_H
|
|
|
|
#include <linux/key.h>
|
|
#include <linux/rcupdate.h>
|
|
|
|
/*****************************************************************************/
|
|
/*
|
|
* the payload for a key of type "user" or "logon"
|
|
* - once filled in and attached to a key:
|
|
* - the payload struct is invariant may not be changed, only replaced
|
|
* - the payload must be read with RCU procedures or with the key semaphore
|
|
* held
|
|
* - the payload may only be replaced with the key semaphore write-locked
|
|
* - the key's data length is the size of the actual data, not including the
|
|
* payload wrapper
|
|
*/
|
|
struct user_key_payload {
|
|
struct rcu_head rcu; /* RCU destructor */
|
|
unsigned short datalen; /* length of this data */
|
|
char data[0]; /* actual data */
|
|
};
|
|
|
|
extern struct key_type key_type_user;
|
|
extern struct key_type key_type_logon;
|
|
|
|
extern int user_instantiate(struct key *key, const void *data, size_t datalen);
|
|
extern int user_update(struct key *key, const void *data, size_t datalen);
|
|
extern int user_match(const struct key *key, const void *criterion);
|
|
extern void user_revoke(struct key *key);
|
|
extern void user_destroy(struct key *key);
|
|
extern void user_describe(const struct key *user, struct seq_file *m);
|
|
extern long user_read(const struct key *key,
|
|
char __user *buffer, size_t buflen);
|
|
|
|
|
|
#endif /* _KEYS_USER_TYPE_H */
|