From patchwork Wed Jul 17 20:44:15 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Howells X-Patchwork-Id: 2829005 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id E68689F9A0 for ; Wed, 17 Jul 2013 20:45:36 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 1E7CB20305 for ; Wed, 17 Jul 2013 20:45:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3D7DD2026A for ; Wed, 17 Jul 2013 20:45:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756586Ab3GQUoW (ORCPT ); Wed, 17 Jul 2013 16:44:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:45110 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751371Ab3GQUoT (ORCPT ); Wed, 17 Jul 2013 16:44:19 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r6HKiJxI016124 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 17 Jul 2013 16:44:19 -0400 Received: from warthog.procyon.org.uk (ovpn-113-49.phx2.redhat.com [10.3.113.49]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r6HKiFr5031809; Wed, 17 Jul 2013 16:44:16 -0400 Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 Subject: [PATCH 07/10] KEYS: Search for auth-key by name rather than targt key ID To: keyrings@linux-nfs.org From: David Howells Cc: linux-security-module@vger.kernel.org, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org Date: Wed, 17 Jul 2013 21:44:15 +0100 Message-ID: <20130717204415.8591.41028.stgit@warthog.procyon.org.uk> In-Reply-To: <20130717204314.8591.52892.stgit@warthog.procyon.org.uk> References: <20130717204314.8591.52892.stgit@warthog.procyon.org.uk> User-Agent: StGit/0.16 MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Search for auth-key by name rather than by target key ID as, in a future patch, we'll by searching directly by index key in preference to iteration over all keys. Signed-off-by: David Howells --- security/keys/request_key_auth.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c index 8d09852..7495a93 100644 --- a/security/keys/request_key_auth.c +++ b/security/keys/request_key_auth.c @@ -18,6 +18,7 @@ #include #include #include "internal.h" +#include static int request_key_auth_instantiate(struct key *, struct key_preparsed_payload *); @@ -222,33 +223,25 @@ error_alloc: } /* - * See if an authorisation key is associated with a particular key. - */ -static int key_get_instantiation_authkey_match(const struct key *key, - const void *_id) -{ - struct request_key_auth *rka = key->payload.data; - key_serial_t id = (key_serial_t)(unsigned long) _id; - - return rka->target_key->serial == id; -} - -/* * Search the current process's keyrings for the authorisation key for * instantiation of a key. */ struct key *key_get_instantiation_authkey(key_serial_t target_id) { + char description[16]; struct keyring_search_context ctx = { .index_key.type = &key_type_request_key_auth, + .index_key.description = description, .cred = current_cred(), - .match = key_get_instantiation_authkey_match, - .match_data = (void *)(unsigned long)target_id, + .match = user_match, + .match_data = description, .flags = KEYRING_SEARCH_LOOKUP_DIRECT, }; struct key *authkey; key_ref_t authkey_ref; + sprintf(description, "%x", target_id); + authkey_ref = search_process_keyrings(&ctx); if (IS_ERR(authkey_ref)) {