| /security/keys/ |
| D | key.c | 42 void __key_check(const struct key *key) in __key_check() argument
45 key, key->magic, KEY_DEBUG_MAGIC); in __key_check()
137 static inline void key_alloc_serial(struct key *key) in key_alloc_serial() argument
140 struct key *xkey; in key_alloc_serial()
145 get_random_bytes(&key->serial, sizeof(key->serial)); in key_alloc_serial()
147 key->serial >>= 1; /* negative numbers are not permitted */ in key_alloc_serial()
148 } while (key->serial < 3); in key_alloc_serial()
158 xkey = rb_entry(parent, struct key, serial_node); in key_alloc_serial()
160 if (key->serial < xkey->serial) in key_alloc_serial()
162 else if (key->serial > xkey->serial) in key_alloc_serial()
[all …]
|
| D | gc.c | 130 struct key *key = in key_gc_unused_keys() local
131 list_entry(keys->next, struct key, graveyard_link); in key_gc_unused_keys()
132 list_del(&key->graveyard_link); in key_gc_unused_keys()
134 kdebug("- %u", key->serial); in key_gc_unused_keys()
135 key_check(key); in key_gc_unused_keys()
138 if (test_bit(KEY_FLAG_INSTANTIATED, &key->flags) && in key_gc_unused_keys()
139 !test_bit(KEY_FLAG_NEGATIVE, &key->flags) && in key_gc_unused_keys()
140 key->type->destroy) in key_gc_unused_keys()
141 key->type->destroy(key); in key_gc_unused_keys()
143 security_key_free(key); in key_gc_unused_keys()
[all …]
|
| D | request_key.c | 35 kenter("{%d,%d},%d", cons->key->serial, cons->authkey->serial, error); in complete_request_key()
38 key_negate_and_link(cons->key, key_negative_timeout, NULL, in complete_request_key()
43 key_put(cons->key); in complete_request_key()
58 struct key *keyring = info->data; in umh_keys_init()
68 struct key *keyring = info->data; in umh_keys_cleanup()
76 struct key *session_keyring, int wait) in call_usermodehelper_keys()
100 struct key *key = cons->key, *authkey = cons->authkey, *keyring, in call_sbin_request_key() local
107 kenter("{%d},{%d},%s", key->serial, authkey->serial, op); in call_sbin_request_key()
114 sprintf(desc, "_req.%u", key->serial); in call_sbin_request_key()
136 sprintf(key_str, "%d", key->serial); in call_sbin_request_key()
[all …]
|
| D | proc.c | 97 struct key *key = rb_entry(n, struct key, serial_node); in key_serial_next() local
98 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
110 static struct key *find_ge_key(struct seq_file *p, key_serial_t id) in find_ge_key()
114 struct key *minkey = NULL; in find_ge_key()
117 struct key *key = rb_entry(n, struct key, serial_node); in find_ge_key() local
118 if (id < key->serial) { in find_ge_key()
119 if (!minkey || minkey->serial > key->serial) in find_ge_key()
120 minkey = key; in find_ge_key()
122 } else if (id > key->serial) { in find_ge_key()
125 minkey = key; in find_ge_key()
[all …]
|
| D | internal.h | 91 extern int __key_link_begin(struct key *keyring,
94 extern int __key_link_check_live_key(struct key *keyring, struct key *key);
95 extern void __key_link(struct key *key, struct assoc_array_edit **_edit);
96 extern void __key_link_end(struct key *keyring,
103 extern struct key *keyring_search_instkey(struct key *keyring,
106 extern int iterate_over_keyring(const struct key *keyring,
107 int (*func)(const struct key *key, void *data),
131 extern bool key_default_cmp(const struct key *key,
139 extern struct key *find_keyring_by_name(const char *name, bool uid_keyring);
144 extern int install_session_keyring_to_cred(struct cred *, struct key *);
[all …]
|
| D | permission.c | 33 struct key *key; in key_task_permission() local
37 key = key_ref_to_ptr(key_ref); in key_task_permission()
40 if (uid_eq(key->uid, cred->fsuid)) { in key_task_permission()
41 kperm = key->perm >> 16; in key_task_permission()
47 if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) { in key_task_permission()
48 if (gid_eq(key->gid, cred->fsgid)) { in key_task_permission()
49 kperm = key->perm >> 8; in key_task_permission()
53 ret = groups_search(cred->group_info, key->gid); in key_task_permission()
55 kperm = key->perm >> 8; in key_task_permission()
61 kperm = key->perm; in key_task_permission()
[all …]
|
| D | keyring.c | 46 static inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x) in keyring_ptr_to_key()
49 return (struct key *)((unsigned long)object & ~KEYRING_PTR_SUBTYPE); in keyring_ptr_to_key()
51 static inline void *keyring_key_to_ptr(struct key *key) in keyring_key_to_ptr() argument
53 if (key->type == &key_type_keyring) in keyring_key_to_ptr()
54 return (void *)((unsigned long)key | KEYRING_PTR_SUBTYPE); in keyring_key_to_ptr()
55 return key; in keyring_key_to_ptr()
78 static int keyring_instantiate(struct key *keyring,
80 static void keyring_revoke(struct key *keyring);
81 static void keyring_destroy(struct key *keyring);
82 static void keyring_describe(const struct key *keyring, struct seq_file *m);
[all …]
|
| D | request_key_auth.c | 25 static int request_key_auth_instantiate(struct key *,
27 static void request_key_auth_describe(const struct key *, struct seq_file *);
28 static void request_key_auth_revoke(struct key *);
29 static void request_key_auth_destroy(struct key *);
30 static long request_key_auth_read(const struct key *, char __user *, size_t);
59 static int request_key_auth_instantiate(struct key *key, in request_key_auth_instantiate() argument
62 key->payload.data = (struct request_key_auth *)prep->data; in request_key_auth_instantiate()
69 static void request_key_auth_describe(const struct key *key, in request_key_auth_describe() argument
72 struct request_key_auth *rka = key->payload.data; in request_key_auth_describe()
75 seq_puts(m, key->description); in request_key_auth_describe()
[all …]
|
| D | user_defined.c | 97 int user_update(struct key *key, struct key_preparsed_payload *prep) in user_update() argument
119 ret = key_payload_reserve(key, datalen); in user_update()
123 if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags)) in user_update()
124 zap = key->payload.data; in user_update()
127 rcu_assign_keypointer(key, upayload); in user_update()
128 key->expiry = 0; in user_update()
144 void user_revoke(struct key *key) in user_revoke() argument
146 struct user_key_payload *upayload = key->payload.data; in user_revoke()
149 key_payload_reserve(key, 0); in user_revoke()
152 rcu_assign_keypointer(key, NULL); in user_revoke()
[all …]
|
| D | big_key.c | 124 void big_key_revoke(struct key *key) in big_key_revoke() argument
126 struct path *path = (struct path *)&key->payload.data2; in big_key_revoke()
129 key_payload_reserve(key, 0); in big_key_revoke()
130 if (key_is_instantiated(key) && key->type_data.x[1] > BIG_KEY_FILE_THRESHOLD) in big_key_revoke()
137 void big_key_destroy(struct key *key) in big_key_destroy() argument
139 if (key->type_data.x[1] > BIG_KEY_FILE_THRESHOLD) { in big_key_destroy()
140 struct path *path = (struct path *)&key->payload.data2; in big_key_destroy()
145 kfree(key->payload.data); in big_key_destroy()
146 key->payload.data = NULL; in big_key_destroy()
153 void big_key_describe(const struct key *key, struct seq_file *m) in big_key_describe() argument
[all …]
|
| D | process_keys.c | 47 struct key *uid_keyring, *session_keyring; in install_user_keyrings()
139 struct key *keyring; in install_thread_keyring_to_cred()
185 struct key *keyring; in install_process_keyring_to_cred()
230 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring) in install_session_keyring_to_cred()
233 struct key *old; in install_session_keyring_to_cred()
269 static int install_session_keyring(struct key *keyring) in install_session_keyring()
506 bool lookup_user_key_possessed(const struct key *key, in lookup_user_key_possessed() argument
509 return key == match_data->raw_data; in lookup_user_key_possessed()
539 struct key *key; in lookup_user_key() local
561 key = ctx.cred->thread_keyring; in lookup_user_key()
[all …]
|
| D | keyctl.c | 170 struct key *key; in SYSCALL_DEFINE4() local
219 key = request_key_and_link(ktype, description, callout_info, in SYSCALL_DEFINE4()
222 if (IS_ERR(key)) { in SYSCALL_DEFINE4()
223 ret = PTR_ERR(key); in SYSCALL_DEFINE4()
228 ret = wait_for_key_construction(key, 1); in SYSCALL_DEFINE4()
232 ret = key->serial; in SYSCALL_DEFINE4()
235 key_put(key); in SYSCALL_DEFINE4()
570 struct key *key, *instkey; in keyctl_describe_key() local
597 key = key_ref_to_ptr(key_ref); in keyctl_describe_key()
598 desclen = strlen(key->description); in keyctl_describe_key()
[all …]
|
| D | trusted.c | 76 static int TSS_rawhmac(unsigned char *digest, const unsigned char *key, in TSS_rawhmac() argument
91 ret = crypto_shash_setkey(hmacalg, key, keylen); in TSS_rawhmac()
123 static int TSS_authhmac(unsigned char *digest, const unsigned char *key, in TSS_authhmac() argument
163 ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE, in TSS_authhmac()
177 const unsigned char *key, in TSS_checkhmac1() argument
239 ret = TSS_rawhmac(testhmac, key, keylen, SHA1_DIGEST_SIZE, paramdigest, in TSS_checkhmac1()
394 const unsigned char *key, uint16_t type, uint32_t handle) in osap() argument
421 return TSS_rawhmac(s->secret, key, SHA1_DIGEST_SIZE, TPM_NONCE_SIZE, in osap()
672 p->key[p->key_len] = p->migratable; in key_seal()
675 p->key, p->key_len + 1, p->blob, &p->blob_len, in key_seal()
[all …]
|
| D | Kconfig | 6 bool "Enable access key retention support"
16 Furthermore, a special type of key is available that acts as keyring:
32 primarily aimed at Kerberos key storage. The keyrings are persistent
82 which are encrypted/decrypted with a 'master' symmetric key. The
83 'master' key can be either a trusted-key or user-key type.
101 Only key attributes are listed here; key payloads are not included in
|
| /security/selinux/ss/ |
| D | avtab.c | 38 struct avtab_key *key, struct avtab_datum *datum) in avtab_insert_node() argument
45 newnode->key = *key; in avtab_insert_node()
47 if (key->specified & AVTAB_XPERMS) { in avtab_insert_node()
71 static int avtab_insert(struct avtab *h, struct avtab_key *key, struct avtab_datum *datum) in avtab_insert() argument
75 u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); in avtab_insert()
80 hvalue = avtab_hash(key, h->mask); in avtab_insert()
84 if (key->source_type == cur->key.source_type && in avtab_insert()
85 key->target_type == cur->key.target_type && in avtab_insert()
86 key->target_class == cur->key.target_class && in avtab_insert()
87 (specified & cur->key.specified)) { in avtab_insert()
[all …]
|
| D | hashtab.c | 12 struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, const void *key), in hashtab_create() argument
39 int hashtab_insert(struct hashtab *h, void *key, void *datum) in hashtab_insert() argument
49 hvalue = h->hash_value(h, key); in hashtab_insert()
52 while (cur && h->keycmp(h, key, cur->key) > 0) { in hashtab_insert()
57 if (cur && (h->keycmp(h, key, cur->key) == 0)) in hashtab_insert()
63 newnode->key = key; in hashtab_insert()
77 void *hashtab_search(struct hashtab *h, const void *key) in hashtab_search() argument
85 hvalue = h->hash_value(h, key); in hashtab_search()
87 while (cur && h->keycmp(h, key, cur->key) > 0) in hashtab_search()
90 if (cur == NULL || (h->keycmp(h, key, cur->key) != 0)) in hashtab_search()
[all …]
|
| D | conditional.c | 103 cur->node->key.specified &= ~AVTAB_ENABLED; in evaluate_cond_node()
105 cur->node->key.specified |= AVTAB_ENABLED; in evaluate_cond_node()
111 cur->node->key.specified &= ~AVTAB_ENABLED; in evaluate_cond_node()
113 cur->node->key.specified |= AVTAB_ENABLED; in evaluate_cond_node()
186 int cond_destroy_bool(void *key, void *datum, void *p) in cond_destroy_bool() argument
188 kfree(key); in cond_destroy_bool()
193 int cond_index_bool(void *key, void *datum, void *datap) in cond_index_bool() argument
206 if (flex_array_put_ptr(fa, booldatum->value - 1, key, in cond_index_bool()
223 char *key = NULL; in cond_read_bool() local
247 key = kmalloc(len + 1, GFP_KERNEL); in cond_read_bool()
[all …]
|
| D | policydb.c | 177 char *key = NULL; in roles_init() local
192 key = kstrdup(OBJECT_R, GFP_KERNEL); in roles_init()
193 if (!key) in roles_init()
196 rc = hashtab_insert(p->p_roles.table, key, role); in roles_init()
202 kfree(key); in roles_init()
246 const struct range_trans *key = k; in rangetr_hash() local
247 return (key->source_type + (key->target_type << 3) + in rangetr_hash()
248 (key->target_class << 5)) & (h->size - 1); in rangetr_hash()
327 static int common_index(void *key, void *datum, void *datap) in common_index() argument
339 if (flex_array_put_ptr(fa, comdatum->value - 1, key, in common_index()
[all …]
|
| D | conditional.h | 67 int cond_destroy_bool(void *key, void *datum, void *p);
69 int cond_index_bool(void *key, void *datum, void *datap);
73 int cond_write_bool(void *key, void *datum, void *ptr);
76 void cond_compute_av(struct avtab *ctab, struct avtab_key *key,
78 void cond_compute_xperms(struct avtab *ctab, struct avtab_key *key,
|
| D | hashtab.h | 16 void *key; member
25 u32 (*hash_value)(struct hashtab *h, const void *key);
42 struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, const void *key),
|
| D | avtab.h | 80 struct avtab_key key; member
109 struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_key *key,
112 struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_key *key);
|
| /security/integrity/ |
| D | digsig_asymmetric.c | 26 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) in request_asymmetric_key()
28 struct key *key; in request_asymmetric_key() local
41 key = ERR_CAST(kref); in request_asymmetric_key()
43 key = key_ref_to_ptr(kref); in request_asymmetric_key()
45 key = request_key(&key_type_asymmetric, name, NULL); in request_asymmetric_key()
48 if (IS_ERR(key)) { in request_asymmetric_key()
50 name, PTR_ERR(key)); in request_asymmetric_key()
51 switch (PTR_ERR(key)) { in request_asymmetric_key()
58 return key; in request_asymmetric_key()
62 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); in request_asymmetric_key()
[all …]
|
| /security/keys/encrypted-keys/ |
| D | encrypted.c | 306 static struct key *request_user_key(const char *master_desc, u8 **master_key, in request_user_key()
310 struct key *ukey; in request_user_key()
345 static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, in calc_hmac() argument
357 ret = crypto_shash_setkey(hmacalg, key, keylen); in calc_hmac()
411 static int init_blkcipher_desc(struct blkcipher_desc *desc, const u8 *key, in init_blkcipher_desc() argument
425 ret = crypto_blkcipher_setkey(desc->tfm, key, key_len); in init_blkcipher_desc()
435 static struct key *request_master_key(struct encrypted_key_payload *epayload, in request_master_key()
438 struct key *mkey = ERR_PTR(-EINVAL); in request_master_key()
605 static struct encrypted_key_payload *encrypted_key_alloc(struct key *key, in encrypted_key_alloc() argument
642 ret = key_payload_reserve(key, payload_datalen + datablob_len in encrypted_key_alloc()
[all …]
|
| D | masterkey_trusted.c | 31 struct key *request_trusted_key(const char *trusted_desc, in request_trusted_key()
35 struct key *tkey; in request_trusted_key()
43 *master_key = tpayload->key; in request_trusted_key()
|
| /security/integrity/ima/ |
| D | ima_queue.c | 50 unsigned int key; in ima_lookup_digest_entry() local
53 key = ima_hash_key(digest_value); in ima_lookup_digest_entry()
55 hlist_for_each_entry_rcu(qe, &ima_htable.queue[key], hnext) { in ima_lookup_digest_entry()
74 unsigned int key; in ima_add_digest_entry() local
87 key = ima_hash_key(entry->digest); in ima_add_digest_entry()
88 hlist_add_head_rcu(&qe->hnext, &ima_htable.queue[key]); in ima_add_digest_entry()
|