Commit c06cfb08 authored by David Howells's avatar David Howells

KEYS: Remove key_type::match in favour of overriding default by match_preparse

A previous patch added a ->match_preparse() method to the key type.  This is
allowed to override the function called by the iteration algorithm.
Therefore, we can just set a default that simply checks for an exact match of
the key description with the original criterion data and allow match_preparse
to override it as needed.

The key_type::match op is then redundant and can be removed, as can the
user_match() function.
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Acked-by: default avatarVivek Goyal <vgoyal@redhat.com>
parent 614d8c39
...@@ -59,7 +59,7 @@ EXPORT_SYMBOL_GPL(asymmetric_keyid_match); ...@@ -59,7 +59,7 @@ EXPORT_SYMBOL_GPL(asymmetric_keyid_match);
* "id:<id>" - request a key matching the ID * "id:<id>" - request a key matching the ID
* "<subtype>:<id>" - request a key of a subtype * "<subtype>:<id>" - request a key of a subtype
*/ */
static int asymmetric_key_match(const struct key *key, static int asymmetric_key_cmp(const struct key *key,
const struct key_match_data *match_data) const struct key_match_data *match_data)
{ {
const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key); const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
...@@ -110,6 +110,7 @@ static int asymmetric_key_match(const struct key *key, ...@@ -110,6 +110,7 @@ static int asymmetric_key_match(const struct key *key,
static int asymmetric_key_match_preparse(struct key_match_data *match_data) static int asymmetric_key_match_preparse(struct key_match_data *match_data)
{ {
match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE;
match_data->cmp = asymmetric_key_cmp;
return 0; return 0;
} }
...@@ -224,7 +225,6 @@ struct key_type key_type_asymmetric = { ...@@ -224,7 +225,6 @@ struct key_type key_type_asymmetric = {
.free_preparse = asymmetric_key_free_preparse, .free_preparse = asymmetric_key_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match_preparse = asymmetric_key_match_preparse, .match_preparse = asymmetric_key_match_preparse,
.match = asymmetric_key_match,
.match_free = asymmetric_key_match_free, .match_free = asymmetric_key_match_free,
.destroy = asymmetric_key_destroy, .destroy = asymmetric_key_destroy,
.describe = asymmetric_key_describe, .describe = asymmetric_key_describe,
......
...@@ -75,7 +75,6 @@ static struct key_type key_type_pkcs7 = { ...@@ -75,7 +75,6 @@ static struct key_type key_type_pkcs7 = {
.preparse = pkcs7_preparse, .preparse = pkcs7_preparse,
.free_preparse = user_free_preparse, .free_preparse = user_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = user_describe, .describe = user_describe,
......
...@@ -62,7 +62,6 @@ cifs_spnego_key_destroy(struct key *key) ...@@ -62,7 +62,6 @@ cifs_spnego_key_destroy(struct key *key)
struct key_type cifs_spnego_key_type = { struct key_type cifs_spnego_key_type = {
.name = "cifs.spnego", .name = "cifs.spnego",
.instantiate = cifs_spnego_key_instantiate, .instantiate = cifs_spnego_key_instantiate,
.match = user_match,
.destroy = cifs_spnego_key_destroy, .destroy = cifs_spnego_key_destroy,
.describe = user_describe, .describe = user_describe,
}; };
......
...@@ -84,7 +84,6 @@ static struct key_type cifs_idmap_key_type = { ...@@ -84,7 +84,6 @@ static struct key_type cifs_idmap_key_type = {
.instantiate = cifs_idmap_key_instantiate, .instantiate = cifs_idmap_key_instantiate,
.destroy = cifs_idmap_key_destroy, .destroy = cifs_idmap_key_destroy,
.describe = user_describe, .describe = user_describe,
.match = user_match,
}; };
static char * static char *
......
...@@ -177,7 +177,6 @@ static struct key_type key_type_id_resolver = { ...@@ -177,7 +177,6 @@ static struct key_type key_type_id_resolver = {
.preparse = user_preparse, .preparse = user_preparse,
.free_preparse = user_free_preparse, .free_preparse = user_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = user_describe, .describe = user_describe,
...@@ -401,7 +400,6 @@ static struct key_type key_type_id_resolver_legacy = { ...@@ -401,7 +400,6 @@ static struct key_type key_type_id_resolver_legacy = {
.preparse = user_preparse, .preparse = user_preparse,
.free_preparse = user_free_preparse, .free_preparse = user_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = user_describe, .describe = user_describe,
......
...@@ -36,13 +36,10 @@ extern struct key_type key_type_user; ...@@ -36,13 +36,10 @@ extern struct key_type key_type_user;
extern struct key_type key_type_logon; extern struct key_type key_type_logon;
struct key_preparsed_payload; struct key_preparsed_payload;
struct key_match_data;
extern int user_preparse(struct key_preparsed_payload *prep); extern int user_preparse(struct key_preparsed_payload *prep);
extern void user_free_preparse(struct key_preparsed_payload *prep); extern void user_free_preparse(struct key_preparsed_payload *prep);
extern int user_update(struct key *key, struct key_preparsed_payload *prep); extern int user_update(struct key *key, struct key_preparsed_payload *prep);
extern int user_match(const struct key *key,
const struct key_match_data *match_data);
extern void user_revoke(struct key *key); extern void user_revoke(struct key *key);
extern void user_destroy(struct key *key); extern void user_destroy(struct key *key);
extern void user_describe(const struct key *user, struct seq_file *m); extern void user_describe(const struct key *user, struct seq_file *m);
......
...@@ -113,10 +113,6 @@ struct key_type { ...@@ -113,10 +113,6 @@ struct key_type {
*/ */
int (*match_preparse)(struct key_match_data *match_data); int (*match_preparse)(struct key_match_data *match_data);
/* match a key against a description */
int (*match)(const struct key *key,
const struct key_match_data *match_data);
/* Free preparsed match data (optional). This should be supplied it /* Free preparsed match data (optional). This should be supplied it
* ->match_preparse() is supplied. */ * ->match_preparse() is supplied. */
void (*match_free)(struct key_match_data *match_data); void (*match_free)(struct key_match_data *match_data);
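Review bot: With `->match` gone, nothing in the visible part of struct key_type says which comparison runs when a type supplies no `->match_preparse()`. The comment on match_preparse begins above this hunk, so its wording is not visible here; if it still refers to ->match() it is now stale, and it would be the natural place for `Defaults to an exact description match (key_default_cmp); ->match_preparse() may replace match_data->cmp.` While here, the match_free comment reads `This should be supplied it ->match_preparse() is supplied`, where `it` should be `if`.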
......
...@@ -476,7 +476,6 @@ struct key_type key_type_ceph = { ...@@ -476,7 +476,6 @@ struct key_type key_type_ceph = {
.preparse = ceph_key_preparse, .preparse = ceph_key_preparse,
.free_preparse = ceph_key_free_preparse, .free_preparse = ceph_key_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.destroy = ceph_key_destroy, .destroy = ceph_key_destroy,
}; };
......
...@@ -176,8 +176,7 @@ static void dns_resolver_free_preparse(struct key_preparsed_payload *prep) ...@@ -176,8 +176,7 @@ static void dns_resolver_free_preparse(struct key_preparsed_payload *prep)
* The domain name may be a simple name or an absolute domain name (which * The domain name may be a simple name or an absolute domain name (which
* should end with a period). The domain name is case-independent. * should end with a period). The domain name is case-independent.
*/ */
static int static int dns_resolver_cmp(const struct key *key,
dns_resolver_match(const struct key *key,
const struct key_match_data *match_data) const struct key_match_data *match_data)
{ {
int slen, dlen, ret = 0; int slen, dlen, ret = 0;
...@@ -209,6 +208,16 @@ dns_resolver_match(const struct key *key, ...@@ -209,6 +208,16 @@ dns_resolver_match(const struct key *key,
return ret; return ret;
} }
/*
* Preparse the match criterion.
*/
static int dns_resolver_match_preparse(struct key_match_data *match_data)
{
match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE;
match_data->cmp = dns_resolver_cmp;
return 0;
}
/* /*
* Describe a DNS key * Describe a DNS key
*/ */
...@@ -243,7 +252,7 @@ struct key_type key_type_dns_resolver = { ...@@ -243,7 +252,7 @@ struct key_type key_type_dns_resolver = {
.preparse = dns_resolver_preparse, .preparse = dns_resolver_preparse,
.free_preparse = dns_resolver_free_preparse, .free_preparse = dns_resolver_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = dns_resolver_match, .match_preparse = dns_resolver_match_preparse,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = dns_resolver_describe, .describe = dns_resolver_describe,
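Review bot: The comment on dns_resolver_match_preparse(), `Preparse the match criterion.`, does not say why this type needs an iterating lookup. The comment above dns_resolver_cmp() says the name is case-independent and may be given with or without the trailing period, so presumably a direct lookup on the literal description would miss equivalent spellings. I would write that down, e.g. `/* Names compare case-independently and may carry a trailing period, so force an iterative search using dns_resolver_cmp. */`. The part of key_type_dns_resolver shown here sets no `->match_free`; that looks fine because the preparse allocates nothing, but the initializer continues past the hunk.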
......
...@@ -44,7 +44,6 @@ struct key_type key_type_rxrpc = { ...@@ -44,7 +44,6 @@ struct key_type key_type_rxrpc = {
.preparse = rxrpc_preparse, .preparse = rxrpc_preparse,
.free_preparse = rxrpc_free_preparse, .free_preparse = rxrpc_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.destroy = rxrpc_destroy, .destroy = rxrpc_destroy,
.describe = rxrpc_describe, .describe = rxrpc_describe,
.read = rxrpc_read, .read = rxrpc_read,
...@@ -61,7 +60,6 @@ struct key_type key_type_rxrpc_s = { ...@@ -61,7 +60,6 @@ struct key_type key_type_rxrpc_s = {
.preparse = rxrpc_preparse_s, .preparse = rxrpc_preparse_s,
.free_preparse = rxrpc_free_preparse_s, .free_preparse = rxrpc_free_preparse_s,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.destroy = rxrpc_destroy_s, .destroy = rxrpc_destroy_s,
.describe = rxrpc_describe, .describe = rxrpc_describe,
}; };
......
...@@ -36,7 +36,6 @@ struct key_type key_type_big_key = { ...@@ -36,7 +36,6 @@ struct key_type key_type_big_key = {
.preparse = big_key_preparse, .preparse = big_key_preparse,
.free_preparse = big_key_free_preparse, .free_preparse = big_key_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.match = user_match,
.revoke = big_key_revoke, .revoke = big_key_revoke,
.destroy = big_key_destroy, .destroy = big_key_destroy,
.describe = big_key_describe, .describe = big_key_describe,
......
...@@ -970,7 +970,6 @@ struct key_type key_type_encrypted = { ...@@ -970,7 +970,6 @@ struct key_type key_type_encrypted = {
.name = "encrypted", .name = "encrypted",
.instantiate = encrypted_instantiate, .instantiate = encrypted_instantiate,
.update = encrypted_update, .update = encrypted_update,
.match = user_match,
.destroy = encrypted_destroy, .destroy = encrypted_destroy,
.describe = user_describe, .describe = user_describe,
.read = encrypted_read, .read = encrypted_read,
......
...@@ -127,6 +127,8 @@ struct keyring_search_context { ...@@ -127,6 +127,8 @@ struct keyring_search_context {
struct timespec now; struct timespec now;
}; };
extern int key_default_cmp(const struct key *key,
const struct key_match_data *match_data);
extern key_ref_t keyring_search_aux(key_ref_t keyring_ref, extern key_ref_t keyring_search_aux(key_ref_t keyring_ref,
struct keyring_search_context *ctx); struct keyring_search_context *ctx);
......
...@@ -799,7 +799,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, ...@@ -799,7 +799,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
} }
key_ref = ERR_PTR(-EINVAL); key_ref = ERR_PTR(-EINVAL);
if (!index_key.type->match || !index_key.type->instantiate || if (!index_key.type->instantiate ||
(!index_key.description && !index_key.type->preparse)) (!index_key.description && !index_key.type->preparse))
goto error_put_type; goto error_put_type;
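Review bot: Dropping `!index_key.type->match` from the -EINVAL test means a key type that registered no match op, which this function used to reject, is now accepted as long as it has `->instantiate`. The same applies on the search side: keyring_search() loses its `if (!ctx.match_data.cmp) return ERR_PTR(-ENOKEY);` guard and request_key_and_link() now starts from `key_default_cmp`, so such a type becomes findable by exact description. If any type relied on leaving ->match unset to stay out of these paths (none is visible in this commit), it now needs a `->match_preparse()` that returns an error, and it would help to state in a comment at this check that every type is matchable by default. key_create_or_update() starts and ends outside this hunk.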
......
...@@ -89,7 +89,6 @@ struct key_type key_type_keyring = { ...@@ -89,7 +89,6 @@ struct key_type key_type_keyring = {
.preparse = keyring_preparse, .preparse = keyring_preparse,
.free_preparse = keyring_free_preparse, .free_preparse = keyring_free_preparse,
.instantiate = keyring_instantiate, .instantiate = keyring_instantiate,
.match = user_match,
.revoke = keyring_revoke, .revoke = keyring_revoke,
.destroy = keyring_destroy, .destroy = keyring_destroy,
.describe = keyring_describe, .describe = keyring_describe,
...@@ -511,6 +510,15 @@ struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, ...@@ -511,6 +510,15 @@ struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
} }
EXPORT_SYMBOL(keyring_alloc); EXPORT_SYMBOL(keyring_alloc);
/*
* By default, we keys found by getting an exact match on their descriptions.
*/
int key_default_cmp(const struct key *key,
const struct key_match_data *match_data)
{
return strcmp(key->description, match_data->raw_data) == 0;
}
/* /*
* Iteration function to consider each key found. * Iteration function to consider each key found.
*/ */
...@@ -884,7 +892,7 @@ key_ref_t keyring_search(key_ref_t keyring, ...@@ -884,7 +892,7 @@ key_ref_t keyring_search(key_ref_t keyring,
.index_key.type = type, .index_key.type = type,
.index_key.description = description, .index_key.description = description,
.cred = current_cred(), .cred = current_cred(),
.match_data.cmp = type->match, .match_data.cmp = key_default_cmp,
.match_data.raw_data = description, .match_data.raw_data = description,
.match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
.flags = KEYRING_SEARCH_DO_STATE_CHECK, .flags = KEYRING_SEARCH_DO_STATE_CHECK,
...@@ -892,9 +900,6 @@ key_ref_t keyring_search(key_ref_t keyring, ...@@ -892,9 +900,6 @@ key_ref_t keyring_search(key_ref_t keyring,
key_ref_t key; key_ref_t key;
int ret; int ret;
if (!ctx.match_data.cmp)
return ERR_PTR(-ENOKEY);
if (type->match_preparse) { if (type->match_preparse) {
ret = type->match_preparse(&ctx.match_data); ret = type->match_preparse(&ctx.match_data);
if (ret < 0) if (ret < 0)
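Review bot: The comment on key_default_cmp() is missing its verb (`By default, we keys found by ...`) and does not state what the function expects of its arguments. I would write `/* Default comparator: a key matches when its description is exactly equal to the string in match_data->raw_data. */`. Because the function hands raw_data straight to strcmp(), it relies on every caller that leaves this default in place passing a non-NULL, NUL-terminated description. keyring_search() sets `.match_data.raw_data = description` with no check in the lines shown, though its body continues outside the hunk.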
......
...@@ -531,7 +531,7 @@ struct key *request_key_and_link(struct key_type *type, ...@@ -531,7 +531,7 @@ struct key *request_key_and_link(struct key_type *type,
.index_key.type = type, .index_key.type = type,
.index_key.description = description, .index_key.description = description,
.cred = current_cred(), .cred = current_cred(),
.match_data.cmp = type->match, .match_data.cmp = key_default_cmp,
.match_data.raw_data = description, .match_data.raw_data = description,
.match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
}; };
......
...@@ -246,7 +246,7 @@ struct key *key_get_instantiation_authkey(key_serial_t target_id) ...@@ -246,7 +246,7 @@ struct key *key_get_instantiation_authkey(key_serial_t target_id)
.index_key.type = &key_type_request_key_auth, .index_key.type = &key_type_request_key_auth,
.index_key.description = description, .index_key.description = description,
.cred = current_cred(), .cred = current_cred(),
.match_data.cmp = user_match, .match_data.cmp = key_default_cmp,
.match_data.raw_data = description, .match_data.raw_data = description,
.match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT, .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
}; };
......
...@@ -1096,7 +1096,6 @@ struct key_type key_type_trusted = { ...@@ -1096,7 +1096,6 @@ struct key_type key_type_trusted = {
.name = "trusted", .name = "trusted",
.instantiate = trusted_instantiate, .instantiate = trusted_instantiate,
.update = trusted_update, .update = trusted_update,
.match = user_match,
.destroy = trusted_destroy, .destroy = trusted_destroy,
.describe = user_describe, .describe = user_describe,
.read = trusted_read, .read = trusted_read,
......
...@@ -30,7 +30,6 @@ struct key_type key_type_user = { ...@@ -30,7 +30,6 @@ struct key_type key_type_user = {
.free_preparse = user_free_preparse, .free_preparse = user_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.update = user_update, .update = user_update,
.match = user_match,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = user_describe, .describe = user_describe,
...@@ -51,7 +50,6 @@ struct key_type key_type_logon = { ...@@ -51,7 +50,6 @@ struct key_type key_type_logon = {
.free_preparse = user_free_preparse, .free_preparse = user_free_preparse,
.instantiate = generic_key_instantiate, .instantiate = generic_key_instantiate,
.update = user_update, .update = user_update,
.match = user_match,
.revoke = user_revoke, .revoke = user_revoke,
.destroy = user_destroy, .destroy = user_destroy,
.describe = user_describe, .describe = user_describe,
...@@ -136,16 +134,6 @@ int user_update(struct key *key, struct key_preparsed_payload *prep) ...@@ -136,16 +134,6 @@ int user_update(struct key *key, struct key_preparsed_payload *prep)
EXPORT_SYMBOL_GPL(user_update); EXPORT_SYMBOL_GPL(user_update);
/*
* match users on their name
*/
int user_match(const struct key *key, const struct key_match_data *match_data)
{
return strcmp(key->description, match_data->raw_data) == 0;
}
EXPORT_SYMBOL_GPL(user_match);
/* /*
* dispose of the links from a revoked keyring * dispose of the links from a revoked keyring
* - called with the key sem write-locked * - called with the key sem write-locked
......