Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\key.c Create Date:2022-07-28 18:15:36
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name: key_alloc - Allocate a key of the specified type.
  @type: The type of key to allocate.
  @desc: The key description to allow the key to be searched out.
  @uid: The owner of the new key.
  @gid: The group ID for the new key's group permissions.

Proto:struct key *key_alloc(struct key_type *type, const char *desc, kuid_t uid, kgid_t gid, const struct cred *cred, key_perm_t perm, unsigned long flags, struct key_restriction *restrict_link)

Type:struct key

Parameter:

Type                        Parameter Name
struct key_type *           type
const char *                desc
kuid_t                      uid
kgid_t                      gid
const struct cred *         cred
key_perm_t                  perm
unsigned long               flags
struct key_restriction *    restrict_link

229  struct key_user * user = NULL
234  key = ERR_PTR( - EINVAL)
235  If Not desc || Not *desc Then Go to error
238  If type->vet_description Then
239  ret = type->vet_description(desc)
240  If ret < 0 Then
241  key = ERR_PTR(ret)
242  Go to error
246  desclen = strlen(desc)
247  quotalen = desclen + 1 + type->def_datalen (default payload length for quota precalculation; optional, this can be used instead of calling key_payload_reserve(), which only needs to be called if the real datalen is different)
250  user = key_user_lookup(uid) (get the key quota record for a user, allocating a new record if one doesn't already exist)
251  If Not user Then Go to no_memory_1
256  If Not (flags & KEY_ALLOC_NOT_IN_QUOTA (not in quota)) Then
257  maxkeys = If uid_eq(uid, GLOBAL_ROOT_UID) Then root's key count quota Else general key count quota
259  maxbytes = If uid_eq(uid, GLOBAL_ROOT_UID) Then root's key space quota Else general key space quota
262  spin_lock( & lock)
270  number of keys allocated to this user ++
271  number of bytes allocated to this user += quotalen
272  spin_unlock( & lock)
276  key = kmem_cache_zalloc(key_jar, GFP_KERNEL)
277  If Not key Then Go to no_memory_2
280  desc_len = desclen
281  description = kmemdup(desc, desclen + 1, GFP_KERNEL) (duplicate region of memory; returns a newly allocated copy of the source or NULL in case of error)
282  If Not description Then Go to no_memory_3
284  type = type
285  key_set_index_key( & index_key)
287  refcount_set - set a refcount's value
288  init_rwsem( & change vs change sem )
289  lockdep_set_class( & change vs change sem , & key->sem lock class )
290  owner of this key = user
291  length added to quota = quotalen
292  payload data length (may not match RCU dereferenced payload; payload should contain own length) = default payload length for quota precalculation (optional; this can be used instead of calling key_payload_reserve(), which only needs to be called if the real datalen is different)
293  uid = uid
294  gid = gid
295  access permissions = perm
296  This is set on a keyring to restrict the addition of a link to a key to it. If this structure isn't provided then it is assumed that the keyring is open to any addition. It is ignored for non-keyring keys. Only set this value using keyring_restrict( = restrict_link
297  last time used for LRU keyring discard = ktime_get_real_seconds() (returns the wall clock seconds since 1970; this replaces the get_seconds() interface, which is not y2038 safe on 32bit systems)
299  If Not (flags & KEY_ALLOC_NOT_IN_QUOTA (not in quota)) Then status flags (change with bitops) |= 1 << set if key consumes quota
301  If flags & Key is built into kernel Then status flags (change with bitops) |= 1 << set if key is built in to the kernel
303  If flags & allocating a user or user session keyring Then status flags (change with bitops) |= 1 << set if key is a user or user session keyring
311  ret = security_key_alloc(key, cred, flags)
312  If ret < 0 Then Go to security_error
316  refcount_inc - increment a refcount. Similar to atomic_inc(), but will saturate at REFCOUNT_SATURATED and WARN
317  atomic_inc( & number of keys )
318  Allocate a serial number for a key. These are assigned randomly to avoid security issues through covert channel problems.
320  error :
321  Return key
323  security_error :
324  kfree(description)
325  kmem_cache_free(key_jar, key)
326  If Not (flags & KEY_ALLOC_NOT_IN_QUOTA (not in quota)) Then
327  spin_lock( & lock)
328  number of keys allocated to this user --
329  number of bytes allocated to this user -= quotalen
330  spin_unlock( & lock)
332  Dispose of a user structure
333  key = ERR_PTR(ret)
334  Go to error
336  no_memory_3 :
337  kmem_cache_free(key_jar, key)
338  no_memory_2 :
339  If Not (flags & KEY_ALLOC_NOT_IN_QUOTA (not in quota)) Then
340  spin_lock( & lock)
341  number of keys allocated to this user --
342  number of bytes allocated to this user -= quotalen
343  spin_unlock( & lock)
345  Dispose of a user structure
346  no_memory_1 :
347  key = ERR_PTR( - ENOMEM)
348  Go to error
350  no_quota :
351  spin_unlock( & lock)
352  Dispose of a user structure
353  key = ERR_PTR( - EDQUOT)
354  Go to error

Caller

Name                    Description
key_create_or_update    key_create_or_update - Update or create and instantiate a key. @keyring_ref: A pointer to the destination keyring with possession flag. @type: The type of key. @description: The searchable description for the key.
keyring_alloc           Allocate a keyring and link into the destination keyring.
construct_alloc_key     Allocate a new key in under-construction state and attempt to link it in to the requested keyring. May return a key that's already under construction instead if there was a race between two threads calling request_key().
request_key_auth_new    Create an authorisation token for /sbin/request-key or whoever to gain access to the caller's security data.
add_new_master_key      Allocate a new fscrypt_master_key which contains the given secret, set it as the payload of a new 'struct key' of type fscrypt, and link the 'struct key' into the given keyring. Synchronized by fscrypt_add_key_mutex.