Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\request_key.c Create Date:2022-07-28 18:23:18
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:Request userspace finish the construction of a key* - execute "/sbin/request-key <op> <key> <uid> <gid> <keyring> <keyring> <keyring>"

Proto:static int call_sbin_request_key(struct key *authkey, void *aux)

Type:int

Parameter:

TypeParameterName
struct key *authkey
void *aux
117  request_key[] = "/sbin/request-key"
118  rka = get_request_key_auth(authkey)
119  cred = current_cred - Access the current task's subjective credentials* Access the subjective credentials of the current task. RCU-safe,* since nobody else can modify it.()
121  key = target_key
122  char * argv[9], * envp[3], uid_str[12], gid_str[12]
123  char key_str[12], keyring_str[3][12]
127  kenter("{%d},{%d},%s", key serial number , key serial number , op)
129  ret = Look up the user and user session keyrings for the current process's UID,* creating them if they don't exist.
130  If ret < 0 Then Go to error_us
134  sprintf - Format a string and place it in a buffer*@buf: The buffer to place the result into*@fmt: The format string to use*@...: Arguments for the format string* The function returns the number of characters written* into @buf
136  cred = get_current_cred - Get the current task's subjective credentials* Get the subjective credentials of the current task, pinning them so that* they can't go away. Accessing the current task's credentials directly is* not permitted.()
137  keyring = Allocate a keyring and link into the destination keyring.
140  put_cred - Release a reference to a set of credentials*@cred: The credentials to release* Release a reference to a set of credentials, deleting them when the last ref* is released
141  If IS_ERR(keyring) Then
142  ret = PTR_ERR(keyring)
143  Go to error_alloc
147  ret = key_link - Link a key to a keyring*@keyring: The keyring to make the link in
148  If ret < 0 Then Go to error_link
152  sprintf(uid_str, "%d", m_kuid - Create a uid from a kuid user-namespace pair.*@targ: The user namespace we want a uid in.*@kuid: The kernel internal uid to start with.* Map @kuid into the user-namespace specified by @targ and* return the resulting uid.)
153  sprintf(gid_str, "%d", from_kgid( & userns count is 1 for root user, 1 for init_uts_ns,* and 1 for... ?, GID for VFS ops ))
156  sprintf(key_str, "%d", key serial number )
159  sprintf(keyring_str[0], "%d", keyring private to this thread ? key serial number : 0)
162  prkey = 0
163  If keyring private to this process Then prkey = key serial number
165  sprintf(keyring_str[1], "%d", prkey)
167  session = keyring inherited over fork
168  If Not session Then session = user_session
170  sskey = key serial number
172  sprintf(keyring_str[2], "%d", sskey)
175  i = 0
176  envp[i++] = "HOME=/"
177  envp[i++] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin"
178  envp[i] = NULL
181  i = 0
182  argv[i++] = request_key
183  argv[i++] = op
184  argv[i++] = key_str
185  argv[i++] = uid_str
186  argv[i++] = gid_str
187  argv[i++] = keyring_str[0]
188  argv[i++] = keyring_str[1]
189  argv[i++] = keyring_str[2]
190  argv[i] = NULL
193  ret = Call a usermode helper with a specific session keyring.
195  kdebug("usermode -> 0x%x", ret)
196  If ret >= 0 Then
198  If st_bit - Determine whether a bit is set*@nr: bit number to test*@addr: Address to start counting from || key_validate - Validate a key.*@key: The key to be validated.* Check that a key is valid, returning 0 if the key is okay, -ENOKEY if the* key is invalidated, -EKEYREVOKED if the key's type has been removed or if < 0 Then ret = -ENOKEY
201  Else ret = 0
207  error_link :
208  key_put - Discard a reference to a key.*@key: The key to discard a reference from.* Discard a reference to a key, and when all the references are gone, we* schedule the cleanup task to come and pull it out of the tree in process
210  error_alloc :
211  key_put - Discard a reference to a key.*@key: The key to discard a reference from.* Discard a reference to a key, and when all the references are gone, we* schedule the cleanup task to come and pull it out of the tree in process
212  error_us :
213  mplete_request_key - Complete the construction of a key.*@authkey: The authorisation key.*@error: The success or failute of the construction.* Complete the attempt to construct a key. The key will be negated* if an error is indicated
214  kleave(" = %d", ret)
215  Return ret