Commit c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81
1 parent
614d8c3901
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
KEYS: Remove key_type::match in favour of overriding default by match_preparse
A previous patch added a ->match_preparse() method to the key type. This is allowed to override the function called by the iteration algorithm. Therefore, we can just set a default that simply checks for an exact match of the key description with the original criterion data and allow match_preparse to override it as needed. The key_type::match op is then redundant and can be removed, as can the user_match() function. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
Showing 19 changed files with 31 additions and 45 deletions Side-by-side Diff
- crypto/asymmetric_keys/asymmetric_type.c
- crypto/asymmetric_keys/pkcs7_key_type.c
- fs/cifs/cifs_spnego.c
- fs/cifs/cifsacl.c
- fs/nfs/idmap.c
- include/keys/user-type.h
- include/linux/key-type.h
- net/ceph/crypto.c
- net/dns_resolver/dns_key.c
- net/rxrpc/ar-key.c
- security/keys/big_key.c
- security/keys/encrypted-keys/encrypted.c
- security/keys/internal.h
- security/keys/key.c
- security/keys/keyring.c
- security/keys/request_key.c
- security/keys/request_key_auth.c
- security/keys/trusted.c
- security/keys/user_defined.c
crypto/asymmetric_keys/asymmetric_type.c
... | ... | @@ -59,8 +59,8 @@ |
59 | 59 | * "id:<id>" - request a key matching the ID |
60 | 60 | * "<subtype>:<id>" - request a key of a subtype |
61 | 61 | */ |
62 | -static int asymmetric_key_match(const struct key *key, | |
63 | - const struct key_match_data *match_data) | |
62 | +static int asymmetric_key_cmp(const struct key *key, | |
63 | + const struct key_match_data *match_data) | |
64 | 64 | { |
65 | 65 | const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key); |
66 | 66 | const char *description = match_data->raw_data; |
... | ... | @@ -110,6 +110,7 @@ |
110 | 110 | static int asymmetric_key_match_preparse(struct key_match_data *match_data) |
111 | 111 | { |
112 | 112 | match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; |
113 | + match_data->cmp = asymmetric_key_cmp; | |
113 | 114 | return 0; |
114 | 115 | } |
115 | 116 | |
... | ... | @@ -224,7 +225,6 @@ |
224 | 225 | .free_preparse = asymmetric_key_free_preparse, |
225 | 226 | .instantiate = generic_key_instantiate, |
226 | 227 | .match_preparse = asymmetric_key_match_preparse, |
227 | - .match = asymmetric_key_match, | |
228 | 228 | .match_free = asymmetric_key_match_free, |
229 | 229 | .destroy = asymmetric_key_destroy, |
230 | 230 | .describe = asymmetric_key_describe, |
crypto/asymmetric_keys/pkcs7_key_type.c
fs/cifs/cifs_spnego.c
fs/cifs/cifsacl.c
fs/nfs/idmap.c
... | ... | @@ -177,7 +177,6 @@ |
177 | 177 | .preparse = user_preparse, |
178 | 178 | .free_preparse = user_free_preparse, |
179 | 179 | .instantiate = generic_key_instantiate, |
180 | - .match = user_match, | |
181 | 180 | .revoke = user_revoke, |
182 | 181 | .destroy = user_destroy, |
183 | 182 | .describe = user_describe, |
... | ... | @@ -401,7 +400,6 @@ |
401 | 400 | .preparse = user_preparse, |
402 | 401 | .free_preparse = user_free_preparse, |
403 | 402 | .instantiate = generic_key_instantiate, |
404 | - .match = user_match, | |
405 | 403 | .revoke = user_revoke, |
406 | 404 | .destroy = user_destroy, |
407 | 405 | .describe = user_describe, |
include/keys/user-type.h
... | ... | @@ -36,13 +36,10 @@ |
36 | 36 | extern struct key_type key_type_logon; |
37 | 37 | |
38 | 38 | struct key_preparsed_payload; |
39 | -struct key_match_data; | |
40 | 39 | |
41 | 40 | extern int user_preparse(struct key_preparsed_payload *prep); |
42 | 41 | extern void user_free_preparse(struct key_preparsed_payload *prep); |
43 | 42 | extern int user_update(struct key *key, struct key_preparsed_payload *prep); |
44 | -extern int user_match(const struct key *key, | |
45 | - const struct key_match_data *match_data); | |
46 | 43 | extern void user_revoke(struct key *key); |
47 | 44 | extern void user_destroy(struct key *key); |
48 | 45 | extern void user_describe(const struct key *user, struct seq_file *m); |
include/linux/key-type.h
... | ... | @@ -113,10 +113,6 @@ |
113 | 113 | */ |
114 | 114 | int (*match_preparse)(struct key_match_data *match_data); |
115 | 115 | |
116 | - /* match a key against a description */ | |
117 | - int (*match)(const struct key *key, | |
118 | - const struct key_match_data *match_data); | |
119 | - | |
120 | 116 | /* Free preparsed match data (optional). This should be supplied it |
121 | 117 | * ->match_preparse() is supplied. */ |
122 | 118 | void (*match_free)(struct key_match_data *match_data); |
net/ceph/crypto.c
net/dns_resolver/dns_key.c
... | ... | @@ -176,9 +176,8 @@ |
176 | 176 | * The domain name may be a simple name or an absolute domain name (which |
177 | 177 | * should end with a period). The domain name is case-independent. |
178 | 178 | */ |
179 | -static int | |
180 | -dns_resolver_match(const struct key *key, | |
181 | - const struct key_match_data *match_data) | |
179 | +static int dns_resolver_cmp(const struct key *key, | |
180 | + const struct key_match_data *match_data) | |
182 | 181 | { |
183 | 182 | int slen, dlen, ret = 0; |
184 | 183 | const char *src = key->description, *dsp = match_data->raw_data; |
... | ... | @@ -210,6 +209,16 @@ |
210 | 209 | } |
211 | 210 | |
212 | 211 | /* |
212 | + * Preparse the match criterion. | |
213 | + */ | |
214 | +static int dns_resolver_match_preparse(struct key_match_data *match_data) | |
215 | +{ | |
216 | + match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; | |
217 | + match_data->cmp = dns_resolver_cmp; | |
218 | + return 0; | |
219 | +} | |
220 | + | |
221 | +/* | |
213 | 222 | * Describe a DNS key |
214 | 223 | */ |
215 | 224 | static void dns_resolver_describe(const struct key *key, struct seq_file *m) |
... | ... | @@ -243,7 +252,7 @@ |
243 | 252 | .preparse = dns_resolver_preparse, |
244 | 253 | .free_preparse = dns_resolver_free_preparse, |
245 | 254 | .instantiate = generic_key_instantiate, |
246 | - .match = dns_resolver_match, | |
255 | + .match_preparse = dns_resolver_match_preparse, | |
247 | 256 | .revoke = user_revoke, |
248 | 257 | .destroy = user_destroy, |
249 | 258 | .describe = dns_resolver_describe, |
net/rxrpc/ar-key.c
... | ... | @@ -44,7 +44,6 @@ |
44 | 44 | .preparse = rxrpc_preparse, |
45 | 45 | .free_preparse = rxrpc_free_preparse, |
46 | 46 | .instantiate = generic_key_instantiate, |
47 | - .match = user_match, | |
48 | 47 | .destroy = rxrpc_destroy, |
49 | 48 | .describe = rxrpc_describe, |
50 | 49 | .read = rxrpc_read, |
... | ... | @@ -61,7 +60,6 @@ |
61 | 60 | .preparse = rxrpc_preparse_s, |
62 | 61 | .free_preparse = rxrpc_free_preparse_s, |
63 | 62 | .instantiate = generic_key_instantiate, |
64 | - .match = user_match, | |
65 | 63 | .destroy = rxrpc_destroy_s, |
66 | 64 | .describe = rxrpc_describe, |
67 | 65 | }; |
security/keys/big_key.c
security/keys/encrypted-keys/encrypted.c
security/keys/internal.h
security/keys/key.c
security/keys/keyring.c
... | ... | @@ -89,7 +89,6 @@ |
89 | 89 | .preparse = keyring_preparse, |
90 | 90 | .free_preparse = keyring_free_preparse, |
91 | 91 | .instantiate = keyring_instantiate, |
92 | - .match = user_match, | |
93 | 92 | .revoke = keyring_revoke, |
94 | 93 | .destroy = keyring_destroy, |
95 | 94 | .describe = keyring_describe, |
... | ... | @@ -512,6 +511,15 @@ |
512 | 511 | EXPORT_SYMBOL(keyring_alloc); |
513 | 512 | |
514 | 513 | /* |
514 | + * By default, we keys found by getting an exact match on their descriptions. | |
515 | + */ | |
516 | +int key_default_cmp(const struct key *key, | |
517 | + const struct key_match_data *match_data) | |
518 | +{ | |
519 | + return strcmp(key->description, match_data->raw_data) == 0; | |
520 | +} | |
521 | + | |
522 | +/* | |
515 | 523 | * Iteration function to consider each key found. |
516 | 524 | */ |
517 | 525 | static int keyring_search_iterator(const void *object, void *iterator_data) |
518 | 526 | |
... | ... | @@ -884,16 +892,13 @@ |
884 | 892 | .index_key.type = type, |
885 | 893 | .index_key.description = description, |
886 | 894 | .cred = current_cred(), |
887 | - .match_data.cmp = type->match, | |
895 | + .match_data.cmp = key_default_cmp, | |
888 | 896 | .match_data.raw_data = description, |
889 | 897 | .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, |
890 | 898 | .flags = KEYRING_SEARCH_DO_STATE_CHECK, |
891 | 899 | }; |
892 | 900 | key_ref_t key; |
893 | 901 | int ret; |
894 | - | |
895 | - if (!ctx.match_data.cmp) | |
896 | - return ERR_PTR(-ENOKEY); | |
897 | 902 | |
898 | 903 | if (type->match_preparse) { |
899 | 904 | ret = type->match_preparse(&ctx.match_data); |
security/keys/request_key.c
... | ... | @@ -531,7 +531,7 @@ |
531 | 531 | .index_key.type = type, |
532 | 532 | .index_key.description = description, |
533 | 533 | .cred = current_cred(), |
534 | - .match_data.cmp = type->match, | |
534 | + .match_data.cmp = key_default_cmp, | |
535 | 535 | .match_data.raw_data = description, |
536 | 536 | .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, |
537 | 537 | }; |
security/keys/request_key_auth.c
... | ... | @@ -246,7 +246,7 @@ |
246 | 246 | .index_key.type = &key_type_request_key_auth, |
247 | 247 | .index_key.description = description, |
248 | 248 | .cred = current_cred(), |
249 | - .match_data.cmp = user_match, | |
249 | + .match_data.cmp = key_default_cmp, | |
250 | 250 | .match_data.raw_data = description, |
251 | 251 | .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, |
252 | 252 | }; |
security/keys/trusted.c
security/keys/user_defined.c
... | ... | @@ -30,7 +30,6 @@ |
30 | 30 | .free_preparse = user_free_preparse, |
31 | 31 | .instantiate = generic_key_instantiate, |
32 | 32 | .update = user_update, |
33 | - .match = user_match, | |
34 | 33 | .revoke = user_revoke, |
35 | 34 | .destroy = user_destroy, |
36 | 35 | .describe = user_describe, |
... | ... | @@ -51,7 +50,6 @@ |
51 | 50 | .free_preparse = user_free_preparse, |
52 | 51 | .instantiate = generic_key_instantiate, |
53 | 52 | .update = user_update, |
54 | - .match = user_match, | |
55 | 53 | .revoke = user_revoke, |
56 | 54 | .destroy = user_destroy, |
57 | 55 | .describe = user_describe, |
... | ... | @@ -135,16 +133,6 @@ |
135 | 133 | } |
136 | 134 | |
137 | 135 | EXPORT_SYMBOL_GPL(user_update); |
138 | - | |
139 | -/* | |
140 | - * match users on their name | |
141 | - */ | |
142 | -int user_match(const struct key *key, const struct key_match_data *match_data) | |
143 | -{ | |
144 | - return strcmp(key->description, match_data->raw_data) == 0; | |
145 | -} | |
146 | - | |
147 | -EXPORT_SYMBOL_GPL(user_match); | |
148 | 136 | |
149 | 137 | /* |
150 | 138 | * dispose of the links from a revoked keyring |