mirror of https://github.com/mkerrisk/man-pages
request_key.2: Add information regarding default keyring
Notes from Eugene: Based on linux v4.9-rc6 (9c763584): * security/keys/keyctl.c, SYSCALL_DEFINE4(request_key, ...), line 158: * Assume that call is performed with with destringid == 0: * We skip check on line 196, so dest_ref remains NULL * On line 213, request_key_and_link is called with key_ref_to_ptr(dest_ref) * key_ref_to_ptr() itself just zeroes lower bit which is used for indication that key reference in the possession of the current context. * security/keys/request_key.c, request_key_and_link, line 508: * On line 543, we try to search process keyrings for the key (we fill ctx at hte beginning of the function and then pass it to search_process_keyrings) * If key is found (key_ref is not erroneous), we convert key_ref to ptr on line 546 and skip the following block on line 547 since dest_keyring is 0. * If key is not found and error is not EAGAIN, then construct_key_and_link is called on line 566 with dest_keyring == NULL. * security/keys/request_key.c, construct_key_and_link, line 430: * On line 450, construct_get_dest_keyring is called with dest_keyring == NULL. * security/keys/request_key.c, construct_get_dest_keyring, line 253: * The argument here (which is pointer to pointer to struct key) is named _dest_keyring, but on line 257 it is dereferenced to local variable dest_keyring (so it stores NULL now). * We re going to the "else" branch (starting from line 266) of check on line 262 * Now we are switching against cred->jit_keyring with the behavour described in the patch. * git grep jit_keyring security/keys reveals that it is assigned inside keyctl_set_reqkey_keyring, security/keys/keyctl.c, line 1257. * keyctl_set_reqkey_keyring is called from SYSCALL_DEFINE5(keyctl, ...), when option passed to keyctl is KEYCTL_SET_REQKEY_KEYRING (line 1652). * Default value for jit_keyring is sort of difficult to find out, since it is inherited, but overall it is explicitly set to KEY_REQKEY_DEFL_THREAD_KEYRING or copied from zeroed-out structures (so it is equal to KEY_REQKEY_DEFL_DEFAULT) which leads to the same behaviour in case the process has not been upcalled by request_key construction. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
34795036d1
commit
2bcf858070
|
@ -35,11 +35,6 @@ If the key is found or created,
|
|||
attaches it to the keyring whose ID is specified in
|
||||
.I dest_keyring
|
||||
and returns the key's serial number.
|
||||
.\" FIXME Is 'keyring' allowed to be 0? Reading the source, it appears so.
|
||||
.\" In this case, by default, the key is assigned to the session keyring.
|
||||
.\" But, the KEYCTL_SET_REQKEY_KEYRING also seems to have an influence here.
|
||||
.\" What are the details here?
|
||||
.\"
|
||||
|
||||
.BR request_key ()
|
||||
first recursively searches for a matching key in all of the keyrings
|
||||
|
@ -104,6 +99,48 @@ This specifies the caller's UID-specific keyring
|
|||
.B KEY_SPEC_USER_SESSION_KEYRING
|
||||
This specifies the caller's UID-session keyring
|
||||
.RB ( user-session-keyring (7)).
|
||||
.PP
|
||||
When the
|
||||
.I dest_keyring
|
||||
is specified to
|
||||
.BR 0 ,
|
||||
and no key construction have been performed, then no additional linking is done.
|
||||
Otherwise, if new key is constructed, it would be linked to the "default"
|
||||
keyring (which can be specified via the
|
||||
.BR keyctl (2)
|
||||
command
|
||||
.BR KEYCTL_SET_REQKEY_KEYRING ).
|
||||
More specifically, when kernel tries to determine to which keyring the
|
||||
newly constructed key should be linked, it tries the following options, starting
|
||||
from the value set via
|
||||
.BR KEYCTL_SET_REQKEY_KEYRING " " keyctl (2)
|
||||
command until it finds the first available one:
|
||||
.IP \(bu 3
|
||||
.\" 8bbf4976b59fc9fc2861e79cab7beb3f6d647640
|
||||
Requestor keyring (specified via
|
||||
.BR KEY_REQKEY_DEFL_REQUESTOR_KEYRING ,
|
||||
since Linux 2.6.29)
|
||||
.IP \(bu
|
||||
Thread-specific keyring (specified via
|
||||
.BR KEY_REQKEY_DEFL_THREAD_KEYRING )
|
||||
.IP \(bu
|
||||
Process-specific keyring (specified via
|
||||
.BR KEY_REQKEY_DEFL_PROCESS_KEYRING )
|
||||
.IP \(bu
|
||||
Session-specific keyring (specified via
|
||||
.BR KEY_REQKEY_DEFL_SESSION_KEYRING )
|
||||
.IP \(bu
|
||||
Session keyring for the process's user ID (specified via
|
||||
.BR KEY_REQKEY_DEFL_USER_SESSION_KEYRING ).
|
||||
This keyring is expected to always exist.
|
||||
.IP \(bu
|
||||
UID-specific keyring (specified via
|
||||
.BR KEY_REQKEY_DEFL_USER_KEYRING ).
|
||||
This keyring is also expected to always exist.
|
||||
.PP
|
||||
Specifying
|
||||
.B KEY_REQKEY_DEFL_DEFAULT
|
||||
leads to starting from the beginning of the list.
|
||||
.\"
|
||||
.SS Requesting user-space instantiation of a key
|
||||
If the kernel cannot find a key matching
|
||||
|
|
Loading…
Reference in New Issue