[PATCH] keys: Permit key expiry time to be set

Add a new keyctl function that allows the expiry time to be set on a key or removed from a key, provided the caller has attribute modification access. Signed-off-by: David Howells <dhowells@redhat.com> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Alexander Zangerl <az@bond.edu.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] keys: Permit key expiry time to be set
Add a new keyctl function that allows the expiry time to be set on a key or removed from a key, provided the caller has attribute modification access. Signed-off-by: David Howells <dhowells@redhat.com> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Alexander Zangerl <az@bond.edu.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
David Howells · Linus Torvalds
1 parent cd140a5c1f
Showing 5 changed files with 63 additions and 1 deletions Side-by-side Diff
Documentation/keys.txt
include/linux/keyctl.h
security/keys/compat.c
security/keys/internal.h
security/keys/keyctl.c
@@ -498,7 +498,7 @@
      keyring is full, error ENFILE will result.
  
      The link procedure checks the nesting of the keyrings, returning ELOOP if
-     it appears to deep or EDEADLK if the link would introduce a cycle.
+     it appears too deep or EDEADLK if the link would introduce a cycle.
  
  
  (*) Unlink a key or keyring from another keyring:
@@ -626,6 +626,19 @@
      [1] The default default is: the thread keyring if there is one, otherwise
      the process keyring if there is one, otherwise the session keyring if
      there is one, otherwise the user default session keyring.
+
+
+ (*) Set the timeout on a key.
+
+	long keyctl(KEYCTL_SET_TIMEOUT, key_serial_t key, unsigned timeout);
+
+     This sets or clears the timeout on a key. The timeout can be 0 to clear
+     the timeout or a number of seconds to set the expiry time that far into
+     the future.
+
+     The process must have attribute modification access on a key to set its
+     timeout. Timeouts may not be set with this function on negative, revoked
+     or expired keys.
  
  
 ===============
@@ -46,6 +46,7 @@
 #define KEYCTL_INSTANTIATE		12	/* instantiate a partially constructed key */
 #define KEYCTL_NEGATE			13	/* negate a partially constructed key */
 #define KEYCTL_SET_REQKEY_KEYRING	14	/* set default request-key keyring */
+#define KEYCTL_SET_TIMEOUT		15	/* set key timeout */
  
 #endif /*  _LINUX_KEYCTL_H */
@@ -74,6 +74,9 @@
 	case KEYCTL_SET_REQKEY_KEYRING:
 		return keyctl_set_reqkey_keyring(arg2);
  
+	case KEYCTL_SET_TIMEOUT:
+		return keyctl_set_timeout(arg2, arg3);
+
 	default:
 		return -EOPNOTSUPP;
 	}
@@ -136,6 +136,7 @@
 				   size_t, key_serial_t);
 extern long keyctl_negate_key(key_serial_t, unsigned, key_serial_t);
 extern long keyctl_set_reqkey_keyring(int);
+extern long keyctl_set_timeout(key_serial_t, unsigned);
  
  
 /*
@@ -967,6 +967,46 @@
  
 /*****************************************************************************/
 /*
+ * set or clear the timeout for a key
+ */
+long keyctl_set_timeout(key_serial_t id, unsigned timeout)
+{
+	struct timespec now;
+	struct key *key;
+	key_ref_t key_ref;
+	time_t expiry;
+	long ret;
+
+	key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR);
+	if (IS_ERR(key_ref)) {
+		ret = PTR_ERR(key_ref);
+		goto error;
+	}
+
+	key = key_ref_to_ptr(key_ref);
+
+	/* make the changes with the locks held to prevent races */
+	down_write(&key->sem);
+
+	expiry = 0;
+	if (timeout > 0) {
+		now = current_kernel_time();
+		expiry = now.tv_sec + timeout;
+	}
+
+	key->expiry = expiry;
+
+	up_write(&key->sem);
+	key_put(key);
+
+	ret = 0;
+error:
+	return ret;
+
+} /* end keyctl_set_timeout() */
+
+/*****************************************************************************/
+/*
  * the key control system call
  */
 asmlinkage long sys_keyctl(int option, unsigned long arg2, unsigned long arg3,
@@ -1037,6 +1077,10 @@
  
 	case KEYCTL_SET_REQKEY_KEYRING:
 		return keyctl_set_reqkey_keyring(arg2);
+
+	case KEYCTL_SET_TIMEOUT:
+		return keyctl_set_timeout((key_serial_t) arg2,
+					  (unsigned) arg3);
  
 	default:
 		return -EOPNOTSUPP;
...	...	@@ -498,7 +498,7 @@
498	498	keyring is full, error ENFILE will result.
499	499
500	500	The link procedure checks the nesting of the keyrings, returning ELOOP if
501		- it appears to deep or EDEADLK if the link would introduce a cycle.
	501	+ it appears too deep or EDEADLK if the link would introduce a cycle.
502	502
503	503
504	504	(*) Unlink a key or keyring from another keyring:
...	...	@@ -626,6 +626,19 @@
626	626	[1] The default default is: the thread keyring if there is one, otherwise
627	627	the process keyring if there is one, otherwise the session keyring if
628	628	there is one, otherwise the user default session keyring.
	629	+
	630	+
	631	+ (*) Set the timeout on a key.
	632	+
	633	+ long keyctl(KEYCTL_SET_TIMEOUT, key_serial_t key, unsigned timeout);
	634	+
	635	+ This sets or clears the timeout on a key. The timeout can be 0 to clear
	636	+ the timeout or a number of seconds to set the expiry time that far into
	637	+ the future.
	638	+
	639	+ The process must have attribute modification access on a key to set its
	640	+ timeout. Timeouts may not be set with this function on negative, revoked
	641	+ or expired keys.
629	642
630	643
631	644	===============
...	...	@@ -46,6 +46,7 @@
46	46	#define KEYCTL_INSTANTIATE 12 /* instantiate a partially constructed key */
47	47	#define KEYCTL_NEGATE 13 /* negate a partially constructed key */
48	48	#define KEYCTL_SET_REQKEY_KEYRING 14 /* set default request-key keyring */
	49	+#define KEYCTL_SET_TIMEOUT 15 /* set key timeout */
49	50
50	51	#endif /* _LINUX_KEYCTL_H */
...	...	@@ -74,6 +74,9 @@
74	74	case KEYCTL_SET_REQKEY_KEYRING:
75	75	return keyctl_set_reqkey_keyring(arg2);
76	76
	77	+ case KEYCTL_SET_TIMEOUT:
	78	+ return keyctl_set_timeout(arg2, arg3);
	79	+
77	80	default:
78	81	return -EOPNOTSUPP;
79	82	}
...	...	@@ -136,6 +136,7 @@
136	136	size_t, key_serial_t);
137	137	extern long keyctl_negate_key(key_serial_t, unsigned, key_serial_t);
138	138	extern long keyctl_set_reqkey_keyring(int);
	139	+extern long keyctl_set_timeout(key_serial_t, unsigned);
139	140
140	141
141	142	/*
...	...	@@ -967,6 +967,46 @@
967	967
968	968	/*****************************************************************************/
969	969	/*
	970	+ * set or clear the timeout for a key
	971	+ */
	972	+long keyctl_set_timeout(key_serial_t id, unsigned timeout)
	973	+{
	974	+ struct timespec now;
	975	+ struct key *key;
	976	+ key_ref_t key_ref;
	977	+ time_t expiry;
	978	+ long ret;
	979	+
	980	+ key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR);
	981	+ if (IS_ERR(key_ref)) {
	982	+ ret = PTR_ERR(key_ref);
	983	+ goto error;
	984	+ }
	985	+
	986	+ key = key_ref_to_ptr(key_ref);
	987	+
	988	+ /* make the changes with the locks held to prevent races */
	989	+ down_write(&key->sem);
	990	+
	991	+ expiry = 0;
	992	+ if (timeout > 0) {
	993	+ now = current_kernel_time();
	994	+ expiry = now.tv_sec + timeout;
	995	+ }
	996	+
	997	+ key->expiry = expiry;
	998	+
	999	+ up_write(&key->sem);
	1000	+ key_put(key);
	1001	+
	1002	+ ret = 0;
	1003	+error:
	1004	+ return ret;
	1005	+
	1006	+} /* end keyctl_set_timeout() */
	1007	+
	1008	+/*****************************************************************************/
	1009	+/*
970	1010	* the key control system call
971	1011	*/
972	1012	asmlinkage long sys_keyctl(int option, unsigned long arg2, unsigned long arg3,
...	...	@@ -1037,6 +1077,10 @@
1037	1077
1038	1078	case KEYCTL_SET_REQKEY_KEYRING:
1039	1079	return keyctl_set_reqkey_keyring(arg2);
	1080	+
	1081	+ case KEYCTL_SET_TIMEOUT:
	1082	+ return keyctl_set_timeout((key_serial_t) arg2,
	1083	+ (unsigned) arg3);
1040	1084
1041	1085	default:
1042	1086	return -EOPNOTSUPP;