Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\key.c Create Date:2022-07-28 18:16:17
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name: key_create_or_update - Update or create and instantiate a key.
@keyring_ref: A pointer to the destination keyring with possession flag.
@type: The type of key.
@description: The searchable description for the key.

Proto:key_ref_t key_create_or_update(key_ref_t keyring_ref, const char *type, const char *description, const void *payload, size_t plen, key_perm_t perm, unsigned long flags)

Type:key_ref_t

Parameter:

Type            Parameter name
key_ref_t       keyring_ref
const char *    type
const char *    description
const void *    payload
size_t          plen
key_perm_t      perm
unsigned long   flags

816  struct keyring_index_key index_key = {description = description, }
820  struct assoc_array_edit * edit = NULL
821  cred = current_cred() - Access the subjective credentials of the current task. RCU-safe, since nobody else can modify it.
822  struct key * keyring, * key = NULL
825  struct key_restriction * restrict_link = NULL
829  type = Find and lock the specified key type against removal. We return with the sem read-locked if successful. If the type wasn't available -ENOKEY is returned instead.
830  If IS_ERR(type) Then
831  key_ref = ERR_PTR( - ENODEV)
832  Go to error
835  key_ref = ERR_PTR( - EINVAL)
836  If Not instantiate || Not description && Not preparse Then Go to error_put_type
840  keyring = key_ref_to_ptr(keyring_ref)
842  key_check(keyring)
844  If Not (flags & Override the check on restricted keyrings) Then restrict_link = This is set on a keyring to restrict the addition of a link to a key to it. If this structure isn't provided then it is assumed that the keyring is open to any addition. It is ignored for non-keyring keys. Only set this value using keyring_restrict(
847  key_ref = ERR_PTR( - ENOTDIR)
848  If type of key != key_type_keyring Then Go to error_put_type
851  memset( & prep, 0, size of prep )
852  Raw data = payload
853  Raw datalen = plen
854  Quota length for proposed payload = def_datalen
855  Expiry time of key = Located here for timespec[64]_valid_strict
856  If preparse Then
857  ret = preparse( & prep)
858  If ret < 0 Then
859  key_ref = ERR_PTR(ret)
860  Go to error_free_prep
862  If Not description Then description = Proposed key description (or NULL)
864  key_ref = ERR_PTR( - EINVAL)
865  If Not description Then Go to error_free_prep
868  desc_len = strlen - Find the length of a string. @s: The string to be sized
869  key_set_index_key( & index_key)
871  ret = __key_link_lock(keyring, & index_key)
872  If ret < 0 Then
873  key_ref = ERR_PTR(ret)
874  Go to error_free_prep
877  ret = Preallocate memory so that a key can be linked into a keyring.
878  If ret < 0 Then
879  key_ref = ERR_PTR(ret)
880  Go to error_link_end
883  If restrict_link && check Then
884  ret = check(keyring, type, & Proposed payload , key)
886  If ret < 0 Then
887  key_ref = ERR_PTR(ret)
888  Go to error_link_end
894  ret = Check to see whether permission is granted to use a key in the desired way.
895  If ret < 0 Then
896  key_ref = ERR_PTR(ret)
897  Go to error_link_end
904  If update Then
905  key_ref = find_key_to_update(keyring_ref, & index_key)
906  If key_ref Then Go to found_matching_key
911  If perm == KEY_PERM_UNDEF Then
912  perm = possessor can view a key's attributes | possessor can find a key in search / search a keyring | possessor can create a link to a key/keyring | possessor can set key attributes
913  perm |= user permissions...
915  If read Then perm |= possessor can read key payload / view keyring
918  If type == key_type_keyring || update Then perm |= possessor can update key payload / add link to keyring
924  key = key_alloc - Allocate a key of the specified type. @type: The type of key to allocate. @desc: The key description to allow the key to be searched out. @uid: The owner of the new key. @gid: The group ID for the new key's group permissions.
926  If IS_ERR(key) Then
927  key_ref = ERR_CAST - Explicitly cast an error-valued pointer to another pointer type. @ptr: The pointer to cast. Explicitly cast an error-valued pointer to another pointer type in such a way as to make it clear that's what's going on.
928  Go to error_link_end
932  ret = Instantiate a key and link it into the target keyring atomically. Must be called with the target keyring's semaphore writelocked. The target key's semaphore need not be locked as instantiation is serialised by key_construction_mutex.
933  If ret < 0 Then
934  key_put - Discard a reference to a key. @key: The key to discard a reference from. Discard a reference to a key, and when all the references are gone, we schedule the cleanup task to come and pull it out of the tree in process
935  key_ref = ERR_PTR(ret)
936  Go to error_link_end
939  key_ref = make_key_ref(key, is_key_possessed(keyring_ref))
941  error_link_end :
942  Finish linking a key into a keyring. Must be called with __key_link_begin() having been called.
943  error_free_prep :
944  If preparse Then free_preparse( & prep)
946  error_put_type :
947  Unlock a key type locked by key_type_lookup().
948  error :
949  Return key_ref
951  found_matching_key :
955  Finish linking a key into a keyring. Must be called with __key_link_begin() having been called.
957  key = key_ref_to_ptr(key_ref)
958  If test_bit - Determine whether a bit is set. @nr: bit number to test. @addr: Address to start counting from Then
959  ret = wait_for_key_construction(key, true)
960  If ret < 0 Then
962  key_ref = ERR_PTR(ret)
963  Go to error_free_prep
967  key_ref = Attempt to update an existing key. The key is given to us with an incremented refcount that we need to discard if we get an error.
968  Go to error_free_prep

Caller

Name                Description
SYSCALL_DEFINE5     Extract the description of a new key from userspace and either add it as a new key to the specified keyring or update a matching key in that keyring. If the description is NULL or an empty string, the key type is asked to generate one from the payload.
integrity_add_key