[PATCH] x86: Add the check for all the cores in a package in cache information
[linux-2.6/next.git] / include / linux / key.h
blob970bbd916cf44a4b32bf5b1ea0005483b1f52c32
1 /* key.h: authentication token and access key management
3 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 * See Documentation/keys.txt for information on keys/keyrings.
15 #ifndef _LINUX_KEY_H
16 #define _LINUX_KEY_H
18 #include <linux/types.h>
19 #include <linux/list.h>
20 #include <linux/rbtree.h>
21 #include <linux/rcupdate.h>
22 #include <asm/atomic.h>
24 #ifdef __KERNEL__
26 /* key handle serial number */
27 typedef int32_t key_serial_t;
29 /* key handle permissions mask */
30 typedef uint32_t key_perm_t;
32 struct key;
34 #ifdef CONFIG_KEYS
36 #undef KEY_DEBUGGING
38 #define KEY_USR_VIEW 0x00010000 /* user can view a key's attributes */
39 #define KEY_USR_READ 0x00020000 /* user can read key payload / view keyring */
40 #define KEY_USR_WRITE 0x00040000 /* user can update key payload / add link to keyring */
41 #define KEY_USR_SEARCH 0x00080000 /* user can find a key in search / search a keyring */
42 #define KEY_USR_LINK 0x00100000 /* user can create a link to a key/keyring */
43 #define KEY_USR_ALL 0x001f0000
45 #define KEY_GRP_VIEW 0x00000100 /* group permissions... */
46 #define KEY_GRP_READ 0x00000200
47 #define KEY_GRP_WRITE 0x00000400
48 #define KEY_GRP_SEARCH 0x00000800
49 #define KEY_GRP_LINK 0x00001000
50 #define KEY_GRP_ALL 0x00001f00
52 #define KEY_OTH_VIEW 0x00000001 /* third party permissions... */
53 #define KEY_OTH_READ 0x00000002
54 #define KEY_OTH_WRITE 0x00000004
55 #define KEY_OTH_SEARCH 0x00000008
56 #define KEY_OTH_LINK 0x00000010
57 #define KEY_OTH_ALL 0x0000001f
59 struct seq_file;
60 struct user_struct;
61 struct signal_struct;
63 struct key_type;
64 struct key_owner;
65 struct keyring_list;
66 struct keyring_name;
68 /*****************************************************************************/
70 * authentication token / access credential / keyring
71 * - types of key include:
72 * - keyrings
73 * - disk encryption IDs
74 * - Kerberos TGTs and tickets
76 struct key {
77 atomic_t usage; /* number of references */
78 key_serial_t serial; /* key serial number */
79 struct rb_node serial_node;
80 struct key_type *type; /* type of key */
81 struct rw_semaphore sem; /* change vs change sem */
82 struct key_user *user; /* owner of this key */
83 time_t expiry; /* time at which key expires (or 0) */
84 uid_t uid;
85 gid_t gid;
86 key_perm_t perm; /* access permissions */
87 unsigned short quotalen; /* length added to quota */
88 unsigned short datalen; /* payload data length
89 * - may not match RCU dereferenced payload
90 * - payload should contain own length
93 #ifdef KEY_DEBUGGING
94 unsigned magic;
95 #define KEY_DEBUG_MAGIC 0x18273645u
96 #define KEY_DEBUG_MAGIC_X 0xf8e9dacbu
97 #endif
99 unsigned long flags; /* status flags (change with bitops) */
100 #define KEY_FLAG_INSTANTIATED 0 /* set if key has been instantiated */
101 #define KEY_FLAG_DEAD 1 /* set if key type has been deleted */
102 #define KEY_FLAG_REVOKED 2 /* set if key had been revoked */
103 #define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */
104 #define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */
105 #define KEY_FLAG_NEGATIVE 5 /* set if key is negative */
107 /* the description string
108 * - this is used to match a key against search criteria
109 * - this should be a printable string
110 * - eg: for krb5 AFS, this might be "afs@REDHAT.COM"
112 char *description;
114 /* type specific data
115 * - this is used by the keyring type to index the name
117 union {
118 struct list_head link;
119 } type_data;
121 /* key data
122 * - this is used to hold the data actually used in cryptography or
123 * whatever
125 union {
126 unsigned long value;
127 void *data;
128 struct keyring_list *subscriptions;
129 } payload;
132 /*****************************************************************************/
134 * kernel managed key type definition
136 struct key_type {
137 /* name of the type */
138 const char *name;
140 /* default payload length for quota precalculation (optional)
141 * - this can be used instead of calling key_payload_reserve(), that
142 * function only needs to be called if the real datalen is different
144 size_t def_datalen;
146 /* instantiate a key of this type
147 * - this method should call key_payload_reserve() to determine if the
148 * user's quota will hold the payload
150 int (*instantiate)(struct key *key, const void *data, size_t datalen);
152 /* duplicate a key of this type (optional)
153 * - the source key will be locked against change
154 * - the new description will be attached
155 * - the quota will have been adjusted automatically from
156 * source->quotalen
158 int (*duplicate)(struct key *key, const struct key *source);
160 /* update a key of this type (optional)
161 * - this method should call key_payload_reserve() to recalculate the
162 * quota consumption
163 * - the key must be locked against read when modifying
165 int (*update)(struct key *key, const void *data, size_t datalen);
167 /* match a key against a description */
168 int (*match)(const struct key *key, const void *desc);
170 /* clear the data from a key (optional) */
171 void (*destroy)(struct key *key);
173 /* describe a key */
174 void (*describe)(const struct key *key, struct seq_file *p);
176 /* read a key's data (optional)
177 * - permission checks will be done by the caller
178 * - the key's semaphore will be readlocked by the caller
179 * - should return the amount of data that could be read, no matter how
180 * much is copied into the buffer
181 * - shouldn't do the copy if the buffer is NULL
183 long (*read)(const struct key *key, char __user *buffer, size_t buflen);
185 /* internal fields */
186 struct list_head link; /* link in types list */
189 extern struct key_type key_type_keyring;
191 extern int register_key_type(struct key_type *ktype);
192 extern void unregister_key_type(struct key_type *ktype);
194 extern struct key *key_alloc(struct key_type *type,
195 const char *desc,
196 uid_t uid, gid_t gid, key_perm_t perm,
197 int not_in_quota);
198 extern int key_payload_reserve(struct key *key, size_t datalen);
199 extern int key_instantiate_and_link(struct key *key,
200 const void *data,
201 size_t datalen,
202 struct key *keyring,
203 struct key *instkey);
204 extern int key_negate_and_link(struct key *key,
205 unsigned timeout,
206 struct key *keyring,
207 struct key *instkey);
208 extern void key_revoke(struct key *key);
209 extern void key_put(struct key *key);
211 static inline struct key *key_get(struct key *key)
213 if (key)
214 atomic_inc(&key->usage);
215 return key;
218 extern struct key *request_key(struct key_type *type,
219 const char *description,
220 const char *callout_info);
222 extern int key_validate(struct key *key);
224 extern struct key *key_create_or_update(struct key *keyring,
225 const char *type,
226 const char *description,
227 const void *payload,
228 size_t plen,
229 int not_in_quota);
231 extern int key_update(struct key *key,
232 const void *payload,
233 size_t plen);
235 extern int key_link(struct key *keyring,
236 struct key *key);
238 extern int key_unlink(struct key *keyring,
239 struct key *key);
241 extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
242 int not_in_quota, struct key *dest);
244 extern int keyring_clear(struct key *keyring);
246 extern struct key *keyring_search(struct key *keyring,
247 struct key_type *type,
248 const char *description);
250 extern int keyring_add_key(struct key *keyring,
251 struct key *key);
253 extern struct key *key_lookup(key_serial_t id);
255 extern void keyring_replace_payload(struct key *key, void *replacement);
257 #define key_serial(key) ((key) ? (key)->serial : 0)
260 * the userspace interface
262 extern struct key root_user_keyring, root_session_keyring;
263 extern int alloc_uid_keyring(struct user_struct *user);
264 extern void switch_uid_keyring(struct user_struct *new_user);
265 extern int copy_keys(unsigned long clone_flags, struct task_struct *tsk);
266 extern int copy_thread_group_keys(struct task_struct *tsk);
267 extern void exit_keys(struct task_struct *tsk);
268 extern void exit_thread_group_keys(struct signal_struct *tg);
269 extern int suid_keys(struct task_struct *tsk);
270 extern int exec_keys(struct task_struct *tsk);
271 extern void key_fsuid_changed(struct task_struct *tsk);
272 extern void key_fsgid_changed(struct task_struct *tsk);
273 extern void key_init(void);
275 #define __install_session_keyring(tsk, keyring) \
276 ({ \
277 struct key *old_session = tsk->signal->session_keyring; \
278 tsk->signal->session_keyring = keyring; \
279 old_session; \
282 #else /* CONFIG_KEYS */
284 #define key_validate(k) 0
285 #define key_serial(k) 0
286 #define key_get(k) ({ NULL; })
287 #define key_put(k) do { } while(0)
288 #define alloc_uid_keyring(u) 0
289 #define switch_uid_keyring(u) do { } while(0)
290 #define __install_session_keyring(t, k) ({ NULL; })
291 #define copy_keys(f,t) 0
292 #define copy_thread_group_keys(t) 0
293 #define exit_keys(t) do { } while(0)
294 #define exit_thread_group_keys(tg) do { } while(0)
295 #define suid_keys(t) do { } while(0)
296 #define exec_keys(t) do { } while(0)
297 #define key_fsuid_changed(t) do { } while(0)
298 #define key_fsgid_changed(t) do { } while(0)
299 #define key_init() do { } while(0)
301 #endif /* CONFIG_KEYS */
302 #endif /* __KERNEL__ */
303 #endif /* _LINUX_KEY_H */