/* * the key control system call, 32-bit compatibility version for 64-bit archs * - this should only be called if the 64-bit arch uses weird pointers in * 32-bit mode or doesn't guarantee that the top 32-bits of the argument * registers on taking a 32-bit syscall are zero * - if you can, you should call sys_keyctl directly */ asmlinkage long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5) { switch (option) { case KEYCTL_GET_KEYRING_ID: return keyctl_get_keyring_ID(arg2, arg3); case KEYCTL_JOIN_SESSION_KEYRING: return keyctl_join_session_keyring(compat_ptr(arg2)); case KEYCTL_UPDATE: return keyctl_update_key(arg2, compat_ptr(arg3), arg4); case KEYCTL_REVOKE: return keyctl_revoke_key(arg2); case KEYCTL_DESCRIBE: return keyctl_describe_key(arg2, compat_ptr(arg3), arg4); case KEYCTL_CLEAR: return keyctl_keyring_clear(arg2); case KEYCTL_LINK: return keyctl_keyring_link(arg2, arg3); case KEYCTL_UNLINK: return keyctl_keyring_unlink(arg2, arg3); case KEYCTL_SEARCH: return keyctl_keyring_search(arg2, compat_ptr(arg3), compat_ptr(arg4), arg5); case KEYCTL_READ: return keyctl_read_key(arg2, compat_ptr(arg3), arg4); case KEYCTL_CHOWN: return keyctl_chown_key(arg2, arg3, arg4); case KEYCTL_SETPERM: return keyctl_setperm_key(arg2, arg3); case KEYCTL_INSTANTIATE: return keyctl_instantiate_key(arg2, compat_ptr(arg3), arg4, arg5); case KEYCTL_NEGATE: return keyctl_negate_key(arg2, arg3, arg4); case KEYCTL_SET_REQKEY_KEYRING: return keyctl_set_reqkey_keyring(arg2); case KEYCTL_SET_TIMEOUT: return keyctl_set_timeout(arg2, arg3); case KEYCTL_ASSUME_AUTHORITY: return keyctl_assume_authority(arg2); case KEYCTL_GET_SECURITY: return keyctl_get_security(arg2, compat_ptr(arg3), arg4); case KEYCTL_SESSION_TO_PARENT: return keyctl_session_to_parent(); default: return -EOPNOTSUPP; } } /* end compat_sys_keyctl() */
int main(int argc, char *argv[]) { key_serial_t key; char *ktype, *kdesc, *buf, *callout_info; int ret, ntype, dpos, n, fd; signal(SIGSEGV, oops); signal(SIGBUS, oops); signal(SIGPIPE, SIG_IGN); for (;;) { if (argc > 1 && strcmp(argv[1], "-d") == 0) { xdebug++; argv++; argc--; } else if (argc > 1 && strcmp(argv[1], "-n") == 0) { xnolog = 1; argv++; argc--; } else break; } if (argc != 8 && argc != 9) error("Unexpected argument count: %d\n", argc); fd = open("/dev/null", O_RDWR); if (fd < 0) error("open"); if (fd > 2) { close(fd); } else if (fd < 2) { ret = dup(fd); if (ret < 0) error("dup failed: %m\n"); if (ret < 2 && dup(fd) < 0) error("dup failed: %m\n"); } xkey = argv[2]; xuid = argv[3]; xgid = argv[4]; xthread_keyring = argv[5]; xprocess_keyring = argv[6]; xsession_keyring = argv[7]; key = atoi(xkey); /* assume authority over the key * - older kernel doesn't support this function */ ret = keyctl_assume_authority(key); if (ret < 0 && !(argc == 9 || errno == EOPNOTSUPP)) error("Failed to assume authority over key %d (%m)\n", key); /* ask the kernel to describe the key to us */ if (xdebug < 2) { ret = keyctl_describe_alloc(key, &buf); if (ret < 0) goto inaccessible; } else { buf = strdup("user;0;0;1f0000;debug:1234"); } /* extract the type and description from the key */ debug("Key descriptor: \"%s\"\n", buf); ntype = -1; dpos = -1; n = sscanf(buf, "%*[^;]%n;%*d;%*d;%x;%n", &ntype, &n, &dpos); if (n != 1) error("Failed to parse key description\n"); ktype = buf; ktype[ntype] = 0; kdesc = buf + dpos; debug("Key type: %s\n", ktype); debug("Key desc: %s\n", kdesc); /* get hold of the callout info */ callout_info = argv[8]; if (!callout_info) { void *tmp; if (keyctl_read_alloc(KEY_SPEC_REQKEY_AUTH_KEY, &tmp) < 0) error("Failed to retrieve callout info (%m)\n"); callout_info = tmp; } debug("CALLOUT: '%s'\n", callout_info); /* determine the action to perform */ lookup_action(argv[1], /* op */ key, /* ID of key under construction */ ktype, /* key type */ kdesc, /* key description */ callout_info /* call out information */ ); inaccessible: error("Key %d is inaccessible (%m)\n", key); } /* end main() */