| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame^] | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
| Andrew Scull | b4b6d4a | 2019-01-02 15:54:55 +0000 | [diff] [blame] | 2 | /* 32-bit compatibility syscall for 64-bit systems |
| 3 | * |
| 4 | * Copyright (C) 2004-5 Red Hat, Inc. All Rights Reserved. |
| 5 | * Written by David Howells (dhowells@redhat.com) |
| Andrew Scull | b4b6d4a | 2019-01-02 15:54:55 +0000 | [diff] [blame] | 6 | */ |
| 7 | |
| 8 | #include <linux/syscalls.h> |
| 9 | #include <linux/keyctl.h> |
| 10 | #include <linux/compat.h> |
| 11 | #include <linux/slab.h> |
| 12 | #include "internal.h" |
| 13 | |
| 14 | /* |
| 15 | * Instantiate a key with the specified compatibility multipart payload and |
| 16 | * link the key into the destination keyring if one is given. |
| 17 | * |
| 18 | * The caller must have the appropriate instantiation permit set for this to |
| 19 | * work (see keyctl_assume_authority). No other permissions are required. |
| 20 | * |
| 21 | * If successful, 0 will be returned. |
| 22 | */ |
| 23 | static long compat_keyctl_instantiate_key_iov( |
| 24 | key_serial_t id, |
| 25 | const struct compat_iovec __user *_payload_iov, |
| 26 | unsigned ioc, |
| 27 | key_serial_t ringid) |
| 28 | { |
| 29 | struct iovec iovstack[UIO_FASTIOV], *iov = iovstack; |
| 30 | struct iov_iter from; |
| 31 | long ret; |
| 32 | |
| 33 | if (!_payload_iov) |
| 34 | ioc = 0; |
| 35 | |
| 36 | ret = compat_import_iovec(WRITE, _payload_iov, ioc, |
| 37 | ARRAY_SIZE(iovstack), &iov, |
| 38 | &from); |
| 39 | if (ret < 0) |
| 40 | return ret; |
| 41 | |
| 42 | ret = keyctl_instantiate_key_common(id, &from, ringid); |
| 43 | kfree(iov); |
| 44 | return ret; |
| 45 | } |
| 46 | |
| 47 | /* |
| 48 | * The key control system call, 32-bit compatibility version for 64-bit archs |
| 49 | * |
| 50 | * This should only be called if the 64-bit arch uses weird pointers in 32-bit |
| 51 | * mode or doesn't guarantee that the top 32-bits of the argument registers on |
| 52 | * taking a 32-bit syscall are zero. If you can, you should call sys_keyctl() |
| 53 | * directly. |
| 54 | */ |
| 55 | COMPAT_SYSCALL_DEFINE5(keyctl, u32, option, |
| 56 | u32, arg2, u32, arg3, u32, arg4, u32, arg5) |
| 57 | { |
| 58 | switch (option) { |
| 59 | case KEYCTL_GET_KEYRING_ID: |
| 60 | return keyctl_get_keyring_ID(arg2, arg3); |
| 61 | |
| 62 | case KEYCTL_JOIN_SESSION_KEYRING: |
| 63 | return keyctl_join_session_keyring(compat_ptr(arg2)); |
| 64 | |
| 65 | case KEYCTL_UPDATE: |
| 66 | return keyctl_update_key(arg2, compat_ptr(arg3), arg4); |
| 67 | |
| 68 | case KEYCTL_REVOKE: |
| 69 | return keyctl_revoke_key(arg2); |
| 70 | |
| 71 | case KEYCTL_DESCRIBE: |
| 72 | return keyctl_describe_key(arg2, compat_ptr(arg3), arg4); |
| 73 | |
| 74 | case KEYCTL_CLEAR: |
| 75 | return keyctl_keyring_clear(arg2); |
| 76 | |
| 77 | case KEYCTL_LINK: |
| 78 | return keyctl_keyring_link(arg2, arg3); |
| 79 | |
| 80 | case KEYCTL_UNLINK: |
| 81 | return keyctl_keyring_unlink(arg2, arg3); |
| 82 | |
| 83 | case KEYCTL_SEARCH: |
| 84 | return keyctl_keyring_search(arg2, compat_ptr(arg3), |
| 85 | compat_ptr(arg4), arg5); |
| 86 | |
| 87 | case KEYCTL_READ: |
| 88 | return keyctl_read_key(arg2, compat_ptr(arg3), arg4); |
| 89 | |
| 90 | case KEYCTL_CHOWN: |
| 91 | return keyctl_chown_key(arg2, arg3, arg4); |
| 92 | |
| 93 | case KEYCTL_SETPERM: |
| 94 | return keyctl_setperm_key(arg2, arg3); |
| 95 | |
| 96 | case KEYCTL_INSTANTIATE: |
| 97 | return keyctl_instantiate_key(arg2, compat_ptr(arg3), arg4, |
| 98 | arg5); |
| 99 | |
| 100 | case KEYCTL_NEGATE: |
| 101 | return keyctl_negate_key(arg2, arg3, arg4); |
| 102 | |
| 103 | case KEYCTL_SET_REQKEY_KEYRING: |
| 104 | return keyctl_set_reqkey_keyring(arg2); |
| 105 | |
| 106 | case KEYCTL_SET_TIMEOUT: |
| 107 | return keyctl_set_timeout(arg2, arg3); |
| 108 | |
| 109 | case KEYCTL_ASSUME_AUTHORITY: |
| 110 | return keyctl_assume_authority(arg2); |
| 111 | |
| 112 | case KEYCTL_GET_SECURITY: |
| 113 | return keyctl_get_security(arg2, compat_ptr(arg3), arg4); |
| 114 | |
| 115 | case KEYCTL_SESSION_TO_PARENT: |
| 116 | return keyctl_session_to_parent(); |
| 117 | |
| 118 | case KEYCTL_REJECT: |
| 119 | return keyctl_reject_key(arg2, arg3, arg4, arg5); |
| 120 | |
| 121 | case KEYCTL_INSTANTIATE_IOV: |
| 122 | return compat_keyctl_instantiate_key_iov( |
| 123 | arg2, compat_ptr(arg3), arg4, arg5); |
| 124 | |
| 125 | case KEYCTL_INVALIDATE: |
| 126 | return keyctl_invalidate_key(arg2); |
| 127 | |
| 128 | case KEYCTL_GET_PERSISTENT: |
| 129 | return keyctl_get_persistent(arg2, arg3); |
| 130 | |
| 131 | case KEYCTL_DH_COMPUTE: |
| 132 | return compat_keyctl_dh_compute(compat_ptr(arg2), |
| 133 | compat_ptr(arg3), |
| 134 | arg4, compat_ptr(arg5)); |
| 135 | |
| 136 | case KEYCTL_RESTRICT_KEYRING: |
| 137 | return keyctl_restrict_keyring(arg2, compat_ptr(arg3), |
| 138 | compat_ptr(arg4)); |
| 139 | |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame^] | 140 | case KEYCTL_PKEY_QUERY: |
| 141 | if (arg3 != 0) |
| 142 | return -EINVAL; |
| 143 | return keyctl_pkey_query(arg2, |
| 144 | compat_ptr(arg4), |
| 145 | compat_ptr(arg5)); |
| 146 | |
| 147 | case KEYCTL_PKEY_ENCRYPT: |
| 148 | case KEYCTL_PKEY_DECRYPT: |
| 149 | case KEYCTL_PKEY_SIGN: |
| 150 | return keyctl_pkey_e_d_s(option, |
| 151 | compat_ptr(arg2), compat_ptr(arg3), |
| 152 | compat_ptr(arg4), compat_ptr(arg5)); |
| 153 | |
| 154 | case KEYCTL_PKEY_VERIFY: |
| 155 | return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3), |
| 156 | compat_ptr(arg4), compat_ptr(arg5)); |
| 157 | |
| 158 | case KEYCTL_MOVE: |
| 159 | return keyctl_keyring_move(arg2, arg3, arg4, arg5); |
| 160 | |
| 161 | case KEYCTL_CAPABILITIES: |
| 162 | return keyctl_capabilities(compat_ptr(arg2), arg3); |
| 163 | |
| Andrew Scull | b4b6d4a | 2019-01-02 15:54:55 +0000 | [diff] [blame] | 164 | default: |
| 165 | return -EOPNOTSUPP; |
| 166 | } |
| 167 | } |