Message ID | 20240821123616.60401-3-dhowells@redhat.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Series | keys: Add tracepoints | expand |
On Wed Aug 21, 2024 at 3:36 PM EEST, David Howells wrote: > Extract the key_user struct to its own header file to make it easier to > access from tracepoints. > > Signed-off-by: David Howells <dhowells@redhat.com> > cc: Jarkko Sakkinen <jarkko@kernel.org> > cc: keyrings@vger.kernel.org > cc: linux-security-module@vger.kernel.org > --- > include/keys/key_user.h | 35 +++++++++++++++++++++++++++++++++++ > security/keys/internal.h | 20 +------------------- > 2 files changed, 36 insertions(+), 19 deletions(-) > create mode 100644 include/keys/key_user.h > > diff --git a/include/keys/key_user.h b/include/keys/key_user.h > new file mode 100644 > index 000000000000..e9c383d8116e > --- /dev/null > +++ b/include/keys/key_user.h > @@ -0,0 +1,35 @@ > +/* User quota tracking for keys. > + * > + * Copyright (C) 2024 Red Hat, Inc. All Rights Reserved. > + * Written by David Howells (dhowells@redhat.com) > + * > + * This program is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public Licence > + * as published by the Free Software Foundation; either version > + * 2 of the Licence, or (at your option) any later version. > + */ > + > +#ifndef _KEYS_KEY_USER_H > +#define _KEYS_KEY_USER_H > + > +/* > + * Keep track of keys for a user. > + * > + * This needs to be separate to user_struct to avoid a refcount-loop > + * (user_struct pins some keyrings which pin this struct). > + * > + * We also keep track of keys under request from userspace for this UID here. > + */ > +struct key_user { > + struct rb_node node; > + struct mutex cons_lock; /* construction initiation lock */ > + spinlock_t lock; > + refcount_t usage; /* for accessing qnkeys & qnbytes */ > + atomic_t nkeys; /* number of keys */ > + atomic_t nikeys; /* number of instantiated keys */ > + kuid_t uid; > + int qnkeys; /* number of keys allocated to this user */ > + int qnbytes; /* number of bytes allocated to this user */ > +}; > + > +#endif /* _KEYS_KEY_USER_H */ 
> diff --git a/security/keys/internal.h b/security/keys/internal.h > index 8ba87127e446..33c929a6bb97 100644 > --- a/security/keys/internal.h > +++ b/security/keys/internal.h > @@ -19,6 +19,7 @@ > #include <linux/compat.h> > #include <linux/mm.h> > #include <linux/vmalloc.h> > +#include <keys/key_user.h> > > struct iovec; > > @@ -43,25 +44,6 @@ extern struct key_type key_type_user; > extern struct key_type key_type_logon; > > /*****************************************************************************/ > -/* > - * Keep track of keys for a user. > - * > - * This needs to be separate to user_struct to avoid a refcount-loop > - * (user_struct pins some keyrings which pin this struct). > - * > - * We also keep track of keys under request from userspace for this UID here. > - */ > -struct key_user { > - struct rb_node node; > - struct mutex cons_lock; /* construction initiation lock */ > - spinlock_t lock; > - refcount_t usage; /* for accessing qnkeys & qnbytes */ > - atomic_t nkeys; /* number of keys */ > - atomic_t nikeys; /* number of instantiated keys */ > - kuid_t uid; > - int qnkeys; /* number of keys allocated to this user */ > - int qnbytes; /* number of bytes allocated to this user */ > -}; > > extern struct rb_root key_user_tree; > extern spinlock_t key_user_lock; Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
diff --git a/include/keys/key_user.h b/include/keys/key_user.h
new file mode 100644
index 000000000000..e9c383d8116e
--- /dev/null
+++ b/include/keys/key_user.h
@@ -0,0 +1,35 @@
+/* User quota tracking for keys.
+ *
+ * Copyright (C) 2024 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#ifndef _KEYS_KEY_USER_H
+#define _KEYS_KEY_USER_H
+
+/*
+ * Keep track of keys for a user.
+ *
+ * This needs to be separate to user_struct to avoid a refcount-loop
+ * (user_struct pins some keyrings which pin this struct).
+ *
+ * We also keep track of keys under request from userspace for this UID here.
+ */
+struct key_user {
+ struct rb_node node;
+ struct mutex cons_lock; /* construction initiation lock */
+ spinlock_t lock;
+ refcount_t usage; /* for accessing qnkeys & qnbytes */
+ atomic_t nkeys; /* number of keys */
+ atomic_t nikeys; /* number of instantiated keys */
+ kuid_t uid;
+ int qnkeys; /* number of keys allocated to this user */
+ int qnbytes; /* number of bytes allocated to this user */
+};
+
+#endif /* _KEYS_KEY_USER_H */
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 8ba87127e446..33c929a6bb97 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -19,6 +19,7 @@
 #include <linux/compat.h>
 #include <linux/mm.h>
 #include <linux/vmalloc.h>
+#include <keys/key_user.h>
 
 struct iovec;
 
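Review bot: The new include/keys/key_user.h is not self-contained: `struct key_user` embeds `struct rb_node`, `struct mutex`, `spinlock_t`, `refcount_t`, `atomic_t` and `kuid_t`, yet the header includes nothing, so it builds only where the includer has already pulled those types in (security/keys/internal.h presumably does, since it adds the include after its other headers). Because the stated aim is access from tracepoints, which may include it from other contexts, the header should include what it uses right after the guard, as shown below. As a style point, the GPL boilerplate paragraph would normally be an SPDX tag on the first line, e.g. `/* SPDX-License-Identifier: GPL-2.0-or-later */`. The comment `/* for accessing qnkeys & qnbytes */` sits on `usage` but reads as though it describes `lock`; now that the struct is visible outside security/keys/, stating which lock guards the quota counters would help new readers, though this is inferred from the field names and should be confirmed against the code that takes `lock`.

```c
#ifndef _KEYS_KEY_USER_H
#define _KEYS_KEY_USER_H

#include <linux/types.h>
#include <linux/rbtree.h>
#include <linux/mutex.h>
#include <linux/spinlock.h>
#include <linux/refcount.h>
#include <linux/uidgid.h>

/* … unchanged: struct key_user definition … */
```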
@@ -43,25 +44,6 @@ extern struct key_type key_type_user;
 extern struct key_type key_type_logon;
 
 /*****************************************************************************/
-/*
- * Keep track of keys for a user.
- *
- * This needs to be separate to user_struct to avoid a refcount-loop
- * (user_struct pins some keyrings which pin this struct).
- *
- * We also keep track of keys under request from userspace for this UID here.
- */
-struct key_user {
- struct rb_node node;
- struct mutex cons_lock; /* construction initiation lock */
- spinlock_t lock;
- refcount_t usage; /* for accessing qnkeys & qnbytes */
- atomic_t nkeys; /* number of keys */
- atomic_t nikeys; /* number of instantiated keys */
- kuid_t uid;
- int qnkeys; /* number of keys allocated to this user */
- int qnbytes; /* number of bytes allocated to this user */
-};
 
 extern struct rb_root key_user_tree;
 extern spinlock_t key_user_lock;
Extract the key_user struct to its own header file to make it easier to access from tracepoints. Signed-off-by: David Howells <dhowells@redhat.com> cc: Jarkko Sakkinen <jarkko@kernel.org> cc: keyrings@vger.kernel.org cc: linux-security-module@vger.kernel.org --- include/keys/key_user.h | 35 +++++++++++++++++++++++++++++++++++ security/keys/internal.h | 20 +------------------- 2 files changed, 36 insertions(+), 19 deletions(-) create mode 100644 include/keys/key_user.h