URL https://opencores.org/ocsvn/test_project/test_project/trunk

Subversion Repositories test_project

[/] [test_project/] [trunk/] [linux_sd_driver/] [include/] [linux/] [key.h] - Blame information for rev 62

Details | Compare with Previous | View Log


/* Authentication token and access key management
 *
 * Copyright (C) 2004, 2007 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 *
 * See Documentation/keys.txt for information on keys/keyrings.
 */
 
#ifndef _LINUX_KEY_H
#define _LINUX_KEY_H
 
#include <linux/types.h>
#include <linux/list.h>
#include <linux/rbtree.h>
#include <linux/rcupdate.h>
#include <asm/atomic.h>
 
#ifdef __KERNEL__
 
/* key handle serial number */
typedef int32_t key_serial_t;
 
/* key handle permissions mask */
typedef uint32_t key_perm_t;
 
struct key;
 
#ifdef CONFIG_KEYS
 
#undef KEY_DEBUGGING
 
#define KEY_POS_VIEW    0x01000000      /* possessor can view a key's attributes */
#define KEY_POS_READ    0x02000000      /* possessor can read key payload / view keyring */
#define KEY_POS_WRITE   0x04000000      /* possessor can update key payload / add link to keyring */
#define KEY_POS_SEARCH  0x08000000      /* possessor can find a key in search / search a keyring */
#define KEY_POS_LINK    0x10000000      /* possessor can create a link to a key/keyring */
#define KEY_POS_SETATTR 0x20000000      /* possessor can set key attributes */
#define KEY_POS_ALL     0x3f000000
 
#define KEY_USR_VIEW    0x00010000      /* user permissions... */
#define KEY_USR_READ    0x00020000
#define KEY_USR_WRITE   0x00040000
#define KEY_USR_SEARCH  0x00080000
#define KEY_USR_LINK    0x00100000
#define KEY_USR_SETATTR 0x00200000
#define KEY_USR_ALL     0x003f0000
 
#define KEY_GRP_VIEW    0x00000100      /* group permissions... */
#define KEY_GRP_READ    0x00000200
#define KEY_GRP_WRITE   0x00000400
#define KEY_GRP_SEARCH  0x00000800
#define KEY_GRP_LINK    0x00001000
#define KEY_GRP_SETATTR 0x00002000
#define KEY_GRP_ALL     0x00003f00
 
#define KEY_OTH_VIEW    0x00000001      /* third party permissions... */
#define KEY_OTH_READ    0x00000002
#define KEY_OTH_WRITE   0x00000004
#define KEY_OTH_SEARCH  0x00000008
#define KEY_OTH_LINK    0x00000010
#define KEY_OTH_SETATTR 0x00000020
#define KEY_OTH_ALL     0x0000003f
 
struct seq_file;
struct user_struct;
struct signal_struct;
 
struct key_type;
struct key_owner;
struct keyring_list;
struct keyring_name;
 
/*****************************************************************************/
/*
 * key reference with possession attribute handling
 *
 * NOTE! key_ref_t is a typedef'd pointer to a type that is not actually
 * defined. This is because we abuse the bottom bit of the reference to carry a
 * flag to indicate whether the calling process possesses that key in one of
 * its keyrings.
 *
 * the key_ref_t has been made a separate type so that the compiler can reject
 * attempts to dereference it without proper conversion.
 *
 * the three functions are used to assemble and disassemble references
 */
typedef struct __key_reference_with_attributes *key_ref_t;
 
static inline key_ref_t make_key_ref(const struct key *key,
                                     unsigned long possession)
{
        return (key_ref_t) ((unsigned long) key | possession);
}
 
static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)
{
        return (struct key *) ((unsigned long) key_ref & ~1UL);
}
 
static inline unsigned long is_key_possessed(const key_ref_t key_ref)
{
        return (unsigned long) key_ref & 1UL;
}
 
/*****************************************************************************/
/*
 * authentication token / access credential / keyring
 * - types of key include:
 *   - keyrings
 *   - disk encryption IDs
 *   - Kerberos TGTs and tickets
 */
struct key {
        atomic_t                usage;          /* number of references */
        key_serial_t            serial;         /* key serial number */
        struct rb_node          serial_node;
        struct key_type         *type;          /* type of key */
        struct rw_semaphore     sem;            /* change vs change sem */
        struct key_user         *user;          /* owner of this key */
        void                    *security;      /* security data for this key */
        time_t                  expiry;         /* time at which key expires (or 0) */
        uid_t                   uid;
        gid_t                   gid;
        key_perm_t              perm;           /* access permissions */
        unsigned short          quotalen;       /* length added to quota */
        unsigned short          datalen;        /* payload data length
                                                 * - may not match RCU dereferenced payload
                                                 * - payload should contain own length
                                                 */
 
#ifdef KEY_DEBUGGING
        unsigned                magic;
#define KEY_DEBUG_MAGIC         0x18273645u
#define KEY_DEBUG_MAGIC_X       0xf8e9dacbu
#endif
 
        unsigned long           flags;          /* status flags (change with bitops) */
#define KEY_FLAG_INSTANTIATED   0        /* set if key has been instantiated */
#define KEY_FLAG_DEAD           1       /* set if key type has been deleted */
#define KEY_FLAG_REVOKED        2       /* set if key had been revoked */
#define KEY_FLAG_IN_QUOTA       3       /* set if key consumes quota */
#define KEY_FLAG_USER_CONSTRUCT 4       /* set if key is being constructed in userspace */
#define KEY_FLAG_NEGATIVE       5       /* set if key is negative */
 
        /* the description string
         * - this is used to match a key against search criteria
         * - this should be a printable string
         * - eg: for krb5 AFS, this might be "afs@REDHAT.COM"
         */
        char                    *description;
 
        /* type specific data
         * - this is used by the keyring type to index the name
         */
        union {
                struct list_head        link;
                unsigned long           x[2];
                void                    *p[2];
        } type_data;
 
        /* key data
         * - this is used to hold the data actually used in cryptography or
         *   whatever
         */
        union {
                unsigned long           value;
                void                    *data;
                struct keyring_list     *subscriptions;
        } payload;
};
 
extern struct key *key_alloc(struct key_type *type,
                             const char *desc,
                             uid_t uid, gid_t gid,
                             struct task_struct *ctx,
                             key_perm_t perm,
                             unsigned long flags);
 
 
#define KEY_ALLOC_IN_QUOTA      0x0000  /* add to quota, reject if would overrun */
#define KEY_ALLOC_QUOTA_OVERRUN 0x0001  /* add to quota, permit even if overrun */
#define KEY_ALLOC_NOT_IN_QUOTA  0x0002  /* not in quota */
 
extern void key_revoke(struct key *key);
extern void key_put(struct key *key);
 
static inline struct key *key_get(struct key *key)
{
        if (key)
                atomic_inc(&key->usage);
        return key;
}
 
static inline void key_ref_put(key_ref_t key_ref)
{
        key_put(key_ref_to_ptr(key_ref));
}
 
extern struct key *request_key(struct key_type *type,
                               const char *description,
                               const char *callout_info);
 
extern struct key *request_key_with_auxdata(struct key_type *type,
                                            const char *description,
                                            const char *callout_info,
                                            void *aux);
 
extern struct key *request_key_async(struct key_type *type,
                                     const char *description,
                                     const char *callout_info);
 
extern struct key *request_key_async_with_auxdata(struct key_type *type,
                                                  const char *description,
                                                  const char *callout_info,
                                                  void *aux);
 
extern int wait_for_key_construction(struct key *key, bool intr);
 
extern int key_validate(struct key *key);
 
extern key_ref_t key_create_or_update(key_ref_t keyring,
                                      const char *type,
                                      const char *description,
                                      const void *payload,
                                      size_t plen,
                                      unsigned long flags);
 
extern int key_update(key_ref_t key,
                      const void *payload,
                      size_t plen);
 
extern int key_link(struct key *keyring,
                    struct key *key);
 
extern int key_unlink(struct key *keyring,
                      struct key *key);
 
extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
                                 struct task_struct *ctx,
                                 unsigned long flags,
                                 struct key *dest);
 
extern int keyring_clear(struct key *keyring);
 
extern key_ref_t keyring_search(key_ref_t keyring,
                                struct key_type *type,
                                const char *description);
 
extern int keyring_add_key(struct key *keyring,
                           struct key *key);
 
extern struct key *key_lookup(key_serial_t id);
 
#define key_serial(key) ((key) ? (key)->serial : 0)
 
/*
 * the userspace interface
 */
extern struct key root_user_keyring, root_session_keyring;
extern int alloc_uid_keyring(struct user_struct *user,
                             struct task_struct *ctx);
extern void switch_uid_keyring(struct user_struct *new_user);
extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
extern int copy_thread_group_keys(struct task_struct *tsk);
extern void exit_keys(struct task_struct *tsk);
extern void exit_thread_group_keys(struct signal_struct *tg);
extern int suid_keys(struct task_struct *tsk);
extern int exec_keys(struct task_struct *tsk);
extern void key_fsuid_changed(struct task_struct *tsk);
extern void key_fsgid_changed(struct task_struct *tsk);
extern void key_init(void);
 
#define __install_session_keyring(tsk, keyring)                 \
({                                                              \
        struct key *old_session = tsk->signal->session_keyring; \
        tsk->signal->session_keyring = keyring;                 \
        old_session;                                            \
})
 
#else /* CONFIG_KEYS */
 
#define key_validate(k)                 0
#define key_serial(k)                   0
#define key_get(k)                      ({ NULL; })
#define key_put(k)                      do { } while(0)
#define key_ref_put(k)                  do { } while(0)
#define make_key_ref(k, p)                      ({ NULL; })
#define key_ref_to_ptr(k)               ({ NULL; })
#define is_key_possessed(k)             0
#define alloc_uid_keyring(u,c)          0
#define switch_uid_keyring(u)           do { } while(0)
#define __install_session_keyring(t, k) ({ NULL; })
#define copy_keys(f,t)                  0
#define copy_thread_group_keys(t)       0
#define exit_keys(t)                    do { } while(0)
#define exit_thread_group_keys(tg)      do { } while(0)
#define suid_keys(t)                    do { } while(0)
#define exec_keys(t)                    do { } while(0)
#define key_fsuid_changed(t)            do { } while(0)
#define key_fsgid_changed(t)            do { } while(0)
#define key_init()                      do { } while(0)
 
/* Initial keyrings */
extern struct key root_user_keyring;
extern struct key root_session_keyring;
 
#endif /* CONFIG_KEYS */
#endif /* __KERNEL__ */
#endif /* _LINUX_KEY_H */

Browse

Tools

Subversion Repositories test_project

[/] [test_project/] [trunk/] [linux_sd_driver/] [include/] [linux/] [key.h] - Blame information for rev 62

Line No.	Rev	Author	Line
1	62	marcus.erl	`/* Authentication token and access key management`
2			`*`
3			`* Copyright (C) 2004, 2007 Red Hat, Inc. All Rights Reserved.`
4			`* Written by David Howells (dhowells@redhat.com)`
5			`*`
6			`* This program is free software; you can redistribute it and/or`
7			`* modify it under the terms of the GNU General Public License`
8			`* as published by the Free Software Foundation; either version`
9			`* 2 of the License, or (at your option) any later version.`
10			`*`
11			`*`
12			`* See Documentation/keys.txt for information on keys/keyrings.`
13			`*/`
14
15			`#ifndef _LINUX_KEY_H`
16			`#define _LINUX_KEY_H`
17
18			`#include <linux/types.h>`
19			`#include <linux/list.h>`
20			`#include <linux/rbtree.h>`
21			`#include <linux/rcupdate.h>`
22			`#include <asm/atomic.h>`
23
24			`#ifdef __KERNEL__`
25
26			`/* key handle serial number */`
27			`typedef int32_t key_serial_t;`
28
29			`/* key handle permissions mask */`
30			`typedef uint32_t key_perm_t;`
31
32			`struct key;`
33
34			`#ifdef CONFIG_KEYS`
35
36			`#undef KEY_DEBUGGING`
37
38			`#define KEY_POS_VIEW 0x01000000 /* possessor can view a key's attributes */`
39			`#define KEY_POS_READ 0x02000000 /* possessor can read key payload / view keyring */`
40			`#define KEY_POS_WRITE 0x04000000 /* possessor can update key payload / add link to keyring */`
41			`#define KEY_POS_SEARCH 0x08000000 /* possessor can find a key in search / search a keyring */`
42			`#define KEY_POS_LINK 0x10000000 /* possessor can create a link to a key/keyring */`
43			`#define KEY_POS_SETATTR 0x20000000 /* possessor can set key attributes */`
44			`#define KEY_POS_ALL 0x3f000000`
45
46			`#define KEY_USR_VIEW 0x00010000 /* user permissions... */`
47			`#define KEY_USR_READ 0x00020000`
48			`#define KEY_USR_WRITE 0x00040000`
49			`#define KEY_USR_SEARCH 0x00080000`
50			`#define KEY_USR_LINK 0x00100000`
51			`#define KEY_USR_SETATTR 0x00200000`
52			`#define KEY_USR_ALL 0x003f0000`
53
54			`#define KEY_GRP_VIEW 0x00000100 /* group permissions... */`
55			`#define KEY_GRP_READ 0x00000200`
56			`#define KEY_GRP_WRITE 0x00000400`
57			`#define KEY_GRP_SEARCH 0x00000800`
58			`#define KEY_GRP_LINK 0x00001000`
59			`#define KEY_GRP_SETATTR 0x00002000`
60			`#define KEY_GRP_ALL 0x00003f00`
61
62			`#define KEY_OTH_VIEW 0x00000001 /* third party permissions... */`
63			`#define KEY_OTH_READ 0x00000002`
64			`#define KEY_OTH_WRITE 0x00000004`
65			`#define KEY_OTH_SEARCH 0x00000008`
66			`#define KEY_OTH_LINK 0x00000010`
67			`#define KEY_OTH_SETATTR 0x00000020`
68			`#define KEY_OTH_ALL 0x0000003f`
69
70			`struct seq_file;`
71			`struct user_struct;`
72			`struct signal_struct;`
73
74			`struct key_type;`
75			`struct key_owner;`
76			`struct keyring_list;`
77			`struct keyring_name;`
78
79			`/*****************************************************************************/`
80			`/*`
81			`* key reference with possession attribute handling`
82			`*`
83			`* NOTE! key_ref_t is a typedef'd pointer to a type that is not actually`
84			`* defined. This is because we abuse the bottom bit of the reference to carry a`
85			`* flag to indicate whether the calling process possesses that key in one of`
86			`* its keyrings.`
87			`*`
88			`* the key_ref_t has been made a separate type so that the compiler can reject`
89			`* attempts to dereference it without proper conversion.`
90			`*`
91			`* the three functions are used to assemble and disassemble references`
92			`*/`
93			`typedef struct __key_reference_with_attributes *key_ref_t;`
94
95			`static inline key_ref_t make_key_ref(const struct key *key,`
96			`unsigned long possession)`
97			`{`
98			`return (key_ref_t) ((unsigned long) key \| possession);`
99			`}`
100
101			`static inline struct key *key_ref_to_ptr(const key_ref_t key_ref)`
102			`{`
103			`return (struct key *) ((unsigned long) key_ref & ~1UL);`
104			`}`
105
106			`static inline unsigned long is_key_possessed(const key_ref_t key_ref)`
107			`{`
108			`return (unsigned long) key_ref & 1UL;`
109			`}`
110
111			`/*****************************************************************************/`
112			`/*`
113			`* authentication token / access credential / keyring`
114			`* - types of key include:`
115			`* - keyrings`
116			`* - disk encryption IDs`
117			`* - Kerberos TGTs and tickets`
118			`*/`
119			`struct key {`
120			`atomic_t usage; /* number of references */`
121			`key_serial_t serial; /* key serial number */`
122			`struct rb_node serial_node;`
123			`struct key_type type; / type of key */`
124			`struct rw_semaphore sem; /* change vs change sem */`
125			`struct key_user user; / owner of this key */`
126			`void security; / security data for this key */`
127			`time_t expiry; /* time at which key expires (or 0) */`
128			`uid_t uid;`
129			`gid_t gid;`
130			`key_perm_t perm; /* access permissions */`
131			`unsigned short quotalen; /* length added to quota */`
132			`unsigned short datalen; /* payload data length`
133			`* - may not match RCU dereferenced payload`
134			`* - payload should contain own length`
135			`*/`
136
137			`#ifdef KEY_DEBUGGING`
138			`unsigned magic;`
139			`#define KEY_DEBUG_MAGIC 0x18273645u`
140			`#define KEY_DEBUG_MAGIC_X 0xf8e9dacbu`
141			`#endif`
142
143			`unsigned long flags; /* status flags (change with bitops) */`
144			`#define KEY_FLAG_INSTANTIATED 0 /* set if key has been instantiated */`
145			`#define KEY_FLAG_DEAD 1 /* set if key type has been deleted */`
146			`#define KEY_FLAG_REVOKED 2 /* set if key had been revoked */`
147			`#define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */`
148			`#define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */`
149			`#define KEY_FLAG_NEGATIVE 5 /* set if key is negative */`
150
151			`/* the description string`
152			`* - this is used to match a key against search criteria`
153			`* - this should be a printable string`
154			`* - eg: for krb5 AFS, this might be "afs@REDHAT.COM"`
155			`*/`
156			`char *description;`
157
158			`/* type specific data`
159			`* - this is used by the keyring type to index the name`
160			`*/`
161			`union {`
162			`struct list_head link;`
163			`unsigned long x[2];`
164			`void *p[2];`
165			`} type_data;`
166
167			`/* key data`
168			`* - this is used to hold the data actually used in cryptography or`
169			`* whatever`
170			`*/`
171			`union {`
172			`unsigned long value;`
173			`void *data;`
174			`struct keyring_list *subscriptions;`
175			`} payload;`
176			`};`
177
178			`extern struct key key_alloc(struct key_type type,`
179			`const char *desc,`
180			`uid_t uid, gid_t gid,`
181			`struct task_struct *ctx,`
182			`key_perm_t perm,`
183			`unsigned long flags);`
184
185
186			`#define KEY_ALLOC_IN_QUOTA 0x0000 /* add to quota, reject if would overrun */`
187			`#define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */`
188			`#define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */`
189
190			`extern void key_revoke(struct key *key);`
191			`extern void key_put(struct key *key);`
192
193			`static inline struct key key_get(struct key key)`
194			`{`
195			`if (key)`
196			`atomic_inc(&key->usage);`
197			`return key;`
198			`}`
199
200			`static inline void key_ref_put(key_ref_t key_ref)`
201			`{`
202			`key_put(key_ref_to_ptr(key_ref));`
203			`}`
204
205			`extern struct key request_key(struct key_type type,`
206			`const char *description,`
207			`const char *callout_info);`
208
209			`extern struct key request_key_with_auxdata(struct key_type type,`
210			`const char *description,`
211			`const char *callout_info,`
212			`void *aux);`
213
214			`extern struct key request_key_async(struct key_type type,`
215			`const char *description,`
216			`const char *callout_info);`
217
218			`extern struct key request_key_async_with_auxdata(struct key_type type,`
219			`const char *description,`
220			`const char *callout_info,`
221			`void *aux);`
222
223			`extern int wait_for_key_construction(struct key *key, bool intr);`
224
225			`extern int key_validate(struct key *key);`
226
227			`extern key_ref_t key_create_or_update(key_ref_t keyring,`
228			`const char *type,`
229			`const char *description,`
230			`const void *payload,`
231			`size_t plen,`
232			`unsigned long flags);`
233
234			`extern int key_update(key_ref_t key,`
235			`const void *payload,`
236			`size_t plen);`
237
238			`extern int key_link(struct key *keyring,`
239			`struct key *key);`
240
241			`extern int key_unlink(struct key *keyring,`
242			`struct key *key);`
243
244			`extern struct key keyring_alloc(const char description, uid_t uid, gid_t gid,`
245			`struct task_struct *ctx,`
246			`unsigned long flags,`
247			`struct key *dest);`
248
249			`extern int keyring_clear(struct key *keyring);`
250
251			`extern key_ref_t keyring_search(key_ref_t keyring,`
252			`struct key_type *type,`
253			`const char *description);`
254
255			`extern int keyring_add_key(struct key *keyring,`
256			`struct key *key);`
257
258			`extern struct key *key_lookup(key_serial_t id);`
259
260			`#define key_serial(key) ((key) ? (key)->serial : 0)`
261
262			`/*`
263			`* the userspace interface`
264			`*/`
265			`extern struct key root_user_keyring, root_session_keyring;`
266			`extern int alloc_uid_keyring(struct user_struct *user,`
267			`struct task_struct *ctx);`
268			`extern void switch_uid_keyring(struct user_struct *new_user);`
269			`extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);`
270			`extern int copy_thread_group_keys(struct task_struct *tsk);`
271			`extern void exit_keys(struct task_struct *tsk);`
272			`extern void exit_thread_group_keys(struct signal_struct *tg);`
273			`extern int suid_keys(struct task_struct *tsk);`
274			`extern int exec_keys(struct task_struct *tsk);`
275			`extern void key_fsuid_changed(struct task_struct *tsk);`
276			`extern void key_fsgid_changed(struct task_struct *tsk);`
277			`extern void key_init(void);`
278
279			`#define __install_session_keyring(tsk, keyring) \`
280			`({ \`
281			`struct key *old_session = tsk->signal->session_keyring; \`
282			`tsk->signal->session_keyring = keyring; \`
283			`old_session; \`
284			`})`
285
286			`#else /* CONFIG_KEYS */`
287
288			`#define key_validate(k) 0`
289			`#define key_serial(k) 0`
290			`#define key_get(k) ({ NULL; })`
291			`#define key_put(k) do { } while(0)`
292			`#define key_ref_put(k) do { } while(0)`
293			`#define make_key_ref(k, p) ({ NULL; })`
294			`#define key_ref_to_ptr(k) ({ NULL; })`
295			`#define is_key_possessed(k) 0`
296			`#define alloc_uid_keyring(u,c) 0`
297			`#define switch_uid_keyring(u) do { } while(0)`
298			`#define __install_session_keyring(t, k) ({ NULL; })`
299			`#define copy_keys(f,t) 0`
300			`#define copy_thread_group_keys(t) 0`
301			`#define exit_keys(t) do { } while(0)`
302			`#define exit_thread_group_keys(tg) do { } while(0)`
303			`#define suid_keys(t) do { } while(0)`
304			`#define exec_keys(t) do { } while(0)`
305			`#define key_fsuid_changed(t) do { } while(0)`
306			`#define key_fsgid_changed(t) do { } while(0)`
307			`#define key_init() do { } while(0)`
308
309			`/* Initial keyrings */`
310			`extern struct key root_user_keyring;`
311			`extern struct key root_session_keyring;`
312
313			`#endif /* CONFIG_KEYS */`
314			`#endif /* __KERNEL__ */`
315			`#endif /* _LINUX_KEY_H */`