From patchwork Wed Sep 27 19:50:47 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 9974645 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 93D2B60365 for ; Wed, 27 Sep 2017 19:51:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 864702904B for ; Wed, 27 Sep 2017 19:51:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7AE612930C; Wed, 27 Sep 2017 19:51:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 003082904B for ; Wed, 27 Sep 2017 19:51:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751136AbdI0Tv2 (ORCPT ); Wed, 27 Sep 2017 15:51:28 -0400 Received: from mail-pg0-f67.google.com ([74.125.83.67]:34275 "EHLO mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752029AbdI0TvT (ORCPT ); Wed, 27 Sep 2017 15:51:19 -0400 Received: by mail-pg0-f67.google.com with SMTP id u18so10222916pgo.1; Wed, 27 Sep 2017 12:51:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tf6SbKK5uqoizhQJYAu+nh8fAbATAMSb408AIIAvVPg=; b=LRrZVJ2yYJV+bix+20jSUCuix6BwbrxW23rynZje0M2Mj1r93OS2MtiHBqTmjt8em+ UhYu+apo+fsWvu1Lt/+Af5LnCfhnbUl3yBL8Jy1roOlJOo1TPxtNOorl3tMSOkwiTz9l lh8Se1dbXWurlqy5w5AQIgX2t7eEeFymJPo2wpz15JX80V5Pgiz8TC+E/thVU1EuHzha bLFFtBB6K2wvOVfKZs7G3PLZLdARLNzwCk95JfDxX7rGLEB+IwtANCibk0VCmX9gd/vr HfA7BOogBWAb5NJGhzvjfURY8YSCATIxp+AnNVSQzVaB0fYeKEzpWvvFPR/TBzCEeTfV JUsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tf6SbKK5uqoizhQJYAu+nh8fAbATAMSb408AIIAvVPg=; b=UGOb7fxf5Qtsz8DzYTwkVdI8INjEhxG8dfKaGRlTsVt3aHAvDkHtOh/MITcgj2EW4c 6xXsqXbZoBCkbQrop8O998tva7ARUp5jzmcw2qD2mEPkGmEEuBOwaMBXBXLgJTjMYOMZ Yf2fLG4A1aTJKOGw4+nTmcgFSQg102UHCESLCV+SF+HkWFXlfv6sxVtoJ6Ru7bUWjwaR mnJhI/yvVFCl9cf4qBFRx3OwNVeShxlNky0Po8xPGvJIjnizgG7KC0ZBGwtn/DfGF+gl t+GhAfQpdz+v2IjodK1R1acMGtnuPZQ6ESh295+tNeRFGFPIzUcHAW+Dy/ezDbix2vcC piHg== X-Gm-Message-State: AHPjjUj9FfYXLccR6vyXlZWoKfEM757G9FCiYCm29w3Heft2DkdtQfBK QdIX7OKnMck7zny4FdQZySHkt6tN X-Google-Smtp-Source: AOwi7QAG/TkpEMITIF5Tc497D0DoQwHHmbK2RqcateHtykj6dZffG3Z2aFFKtresKxAZwQKFAW2csg== X-Received: by 10.99.53.206 with SMTP id c197mr2215493pga.440.1506541879067; Wed, 27 Sep 2017 12:51:19 -0700 (PDT) Received: from ebiggers-linuxstation.kir.corp.google.com ([100.66.174.81]) by smtp.gmail.com with ESMTPSA id d5sm24954499pfg.26.2017.09.27.12.51.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 27 Sep 2017 12:51:18 -0700 (PDT) From: Eric Biggers To: keyrings@vger.kernel.org Cc: David Howells , Michael Halcrow , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Eric Biggers Subject: [PATCH v3 7/7] KEYS: remove KEY_FLAG_NEGATIVE Date: Wed, 27 Sep 2017 12:50:47 -0700 Message-Id: <20170927195047.122358-8-ebiggers3@gmail.com> X-Mailer: git-send-email 2.14.2.822.g60be5d43e6-goog In-Reply-To: <20170927195047.122358-1-ebiggers3@gmail.com> References: <20170927195047.122358-1-ebiggers3@gmail.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Eric Biggers Now that a key's reject_error is stored in the flags word, we can check for nonzero reject_error rather than for KEY_FLAG_NEGATIVE. Do this, then remove KEY_FLAG_NEGATIVE. Signed-off-by: Eric Biggers --- include/linux/key.h | 8 ++++++-- security/keys/encrypted-keys/encrypted.c | 2 +- security/keys/gc.c | 4 +--- security/keys/key.c | 4 +--- security/keys/keyctl.c | 2 +- security/keys/keyring.c | 2 +- security/keys/proc.c | 2 +- security/keys/request_key.c | 2 +- security/keys/trusted.c | 2 +- security/keys/user_defined.c | 2 +- 10 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/linux/key.h b/include/linux/key.h index 551f099f2f6a..26e2af588265 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -181,7 +181,6 @@ struct key { #define KEY_FLAG_REVOKED 2 /* set if key had been revoked */ #define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */ #define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */ -#define KEY_FLAG_NEGATIVE 5 /* set if key is negative */ #define KEY_FLAG_ROOT_CAN_CLEAR 6 /* set if key can be cleared by root without permission */ #define KEY_FLAG_INVALIDATED 7 /* set if key has been invalidated */ #define KEY_FLAG_BUILTIN 8 /* set if key is built in to the kernel */ @@ -376,7 +375,12 @@ static inline bool key_is_instantiated(const struct key *key) unsigned long flags = smp_load_acquire(&key->flags); return (flags & (1 << KEY_FLAG_INSTANTIATED)) && - !(flags & (1 << KEY_FLAG_NEGATIVE)); + !(flags & KEY_FLAGS_REJECT_ERROR_MASK); +} + +static inline bool key_is_negative(const struct key *key) +{ + return key->flags & KEY_FLAGS_REJECT_ERROR_MASK; } #define dereference_key_rcu(KEY) \ diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index 69855ba0d3b3..f54b92868bc3 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -847,7 +847,7 @@ static int encrypted_update(struct key *key, struct key_preparsed_payload *prep) size_t datalen = prep->datalen; int ret = 0; - if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) + if (key_is_negative(key)) return -ENOKEY; if (datalen <= 0 || datalen > 32767 || !prep->data) return -EINVAL; diff --git a/security/keys/gc.c b/security/keys/gc.c index 87cb260e4890..0adc52be3ea9 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -135,9 +135,7 @@ static noinline void key_gc_unused_keys(struct list_head *keys) key_check(key); /* Throw away the key data if the key is instantiated */ - if (test_bit(KEY_FLAG_INSTANTIATED, &key->flags) && - !test_bit(KEY_FLAG_NEGATIVE, &key->flags) && - key->type->destroy) + if (key_is_instantiated(key) && key->type->destroy) key->type->destroy(key); security_key_free(key); diff --git a/security/keys/key.c b/security/keys/key.c index 786158d3442e..a7d86c9aedc8 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -407,10 +407,8 @@ static void mark_key_instantiated(struct key *key, unsigned int reject_error) do { old = READ_ONCE(key->flags); - new = (old & ~((1 << KEY_FLAG_NEGATIVE) | - KEY_FLAGS_REJECT_ERROR_MASK)) | + new = (old & ~KEY_FLAGS_REJECT_ERROR_MASK) | (1 << KEY_FLAG_INSTANTIATED) | - (reject_error ? (1 << KEY_FLAG_NEGATIVE) : 0) | (reject_error << KEY_FLAGS_REJECT_ERROR_SHIFT); } while (cmpxchg_release(&key->flags, old, new) != old); } diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 19a09e121089..e90b352cc3bd 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -766,7 +766,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) key = key_ref_to_ptr(key_ref); - if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { + if (key_is_negative(key)) { ret = -ENOKEY; goto error2; } diff --git a/security/keys/keyring.c b/security/keys/keyring.c index cb39b517f69c..f7ae6c6ea30b 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -599,7 +599,7 @@ static int keyring_search_iterator(const void *object, void *iterator_data) if (ctx->flags & KEYRING_SEARCH_DO_STATE_CHECK) { /* we set a different error code if we pass a negative key */ - if (kflags & (1 << KEY_FLAG_NEGATIVE)) { + if (kflags & KEY_FLAGS_REJECT_ERROR_MASK) { ctx->result = ERR_PTR(-(int)(kflags >> KEY_FLAGS_REJECT_ERROR_SHIFT)); kleave(" = %d [neg]", ctx->skipped_ret); diff --git a/security/keys/proc.c b/security/keys/proc.c index a038069ac46a..7d34e70f8aa1 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c @@ -250,7 +250,7 @@ static int proc_keys_show(struct seq_file *m, void *v) showflag(flags, 'D', KEY_FLAG_DEAD), showflag(flags, 'Q', KEY_FLAG_IN_QUOTA), showflag(flags, 'U', KEY_FLAG_USER_CONSTRUCT), - showflag(flags, 'N', KEY_FLAG_NEGATIVE), + (flags & KEY_FLAGS_REJECT_ERROR_MASK) ? 'N' : '-', showflag(flags, 'i', KEY_FLAG_INVALIDATED), refcount_read(&key->usage), xbuf, diff --git a/security/keys/request_key.c b/security/keys/request_key.c index 0aab68344837..1953ceb33efc 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -599,7 +599,7 @@ int wait_for_key_construction(struct key *key, bool intr) /* Pairs with RELEASE in mark_key_instantiated() */ flags = smp_load_acquire(&key->flags); - if (flags & (1 << KEY_FLAG_NEGATIVE)) + if (flags & KEY_FLAGS_REJECT_ERROR_MASK) return -(int)(flags >> KEY_FLAGS_REJECT_ERROR_SHIFT); return key_validate(key); diff --git a/security/keys/trusted.c b/security/keys/trusted.c index ddfaebf60fc8..bd85315cbfeb 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -1066,7 +1066,7 @@ static int trusted_update(struct key *key, struct key_preparsed_payload *prep) char *datablob; int ret = 0; - if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) + if (key_is_negative(key)) return -ENOKEY; p = key->payload.data[0]; if (!p->migratable) diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c index 3d8c68eba516..a5506400836c 100644 --- a/security/keys/user_defined.c +++ b/security/keys/user_defined.c @@ -114,7 +114,7 @@ int user_update(struct key *key, struct key_preparsed_payload *prep) /* attach the new data, displacing the old */ key->expiry = prep->expiry; - if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags)) + if (!key_is_negative(key)) zap = dereference_key_locked(key); rcu_assign_keypointer(key, prep->payload.data[0]); prep->payload.data[0] = NULL;