From: David Howells <dhowells@redhat.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: David Howells <dhowells@redhat.com>,
keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 5/7] keys: Use key_get() instead of __key_get()
Date: Wed, 21 Aug 2024 13:36:13 +0100 [thread overview]
Message-ID: <20240821123616.60401-6-dhowells@redhat.com> (raw)
In-Reply-To: <20240821123616.60401-1-dhowells@redhat.com>
Switch users of __key_get() over to key_get() so that they benefit from the
future tracepointage thereof also and remove __key_get().
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jarkko Sakkinen <jarkko@kernel.org>
cc: keyrings@vger.kernel.org
cc: linux-security-module@vger.kernel.org
---
Documentation/security/keys/core.rst | 1 -
crypto/asymmetric_keys/restrict.c | 6 +++---
include/linux/key.h | 6 ------
security/keys/keyring.c | 4 ++--
security/keys/process_keys.c | 15 ++++++---------
5 files changed, 11 insertions(+), 21 deletions(-)
diff --git a/Documentation/security/keys/core.rst b/Documentation/security/keys/core.rst
index 326b8a973828..0b179540d885 100644
--- a/Documentation/security/keys/core.rst
+++ b/Documentation/security/keys/core.rst
@@ -1217,7 +1217,6 @@ payload contents" for more information.
* Extra references can be made to a key by calling one of the following
functions::
- struct key *__key_get(struct key *key);
struct key *key_get(struct key *key);
Keys so references will need to be disposed of by calling key_put() when
diff --git a/crypto/asymmetric_keys/restrict.c b/crypto/asymmetric_keys/restrict.c
index afcd4d101ac5..1ea7bfd4e5d7 100644
--- a/crypto/asymmetric_keys/restrict.c
+++ b/crypto/asymmetric_keys/restrict.c
@@ -267,20 +267,20 @@ static int key_or_keyring_common(struct key *dest_keyring,
if (!sig->auth_ids[0] && !sig->auth_ids[1]) {
if (asymmetric_key_id_same(signer_ids[2],
sig->auth_ids[2]))
- key = __key_get(trusted);
+ key = key_get(trusted);
} else if (!sig->auth_ids[0] || !sig->auth_ids[1]) {
const struct asymmetric_key_id *auth_id;
auth_id = sig->auth_ids[0] ?: sig->auth_ids[1];
if (match_either_id(signer_ids, auth_id))
- key = __key_get(trusted);
+ key = key_get(trusted);
} else if (asymmetric_key_id_same(signer_ids[1],
sig->auth_ids[1]) &&
match_either_id(signer_ids,
sig->auth_ids[0])) {
- key = __key_get(trusted);
+ key = key_get(trusted);
}
} else {
return -EOPNOTSUPP;
diff --git a/include/linux/key.h b/include/linux/key.h
index 50a19e5f9e45..80d736813b89 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -304,12 +304,6 @@ extern void key_put(struct key *key);
extern bool key_put_tag(struct key_tag *tag);
extern void key_remove_domain(struct key_tag *domain_tag);
-static inline struct key *__key_get(struct key *key)
-{
- refcount_inc(&key->usage);
- return key;
-}
-
static inline void key_ref_put(key_ref_t key_ref)
{
key_put(key_ref_to_ptr(key_ref));
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 7f02b913c560..e77d927f1d4d 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -1122,7 +1122,7 @@ key_ref_t find_key_to_update(key_ref_t keyring_ref,
kleave(" = NULL [x]");
return NULL;
}
- __key_get(key);
+ key_get(key);
kleave(" = {%d}", key->serial);
return make_key_ref(key, is_key_possessed(keyring_ref));
}
@@ -1367,7 +1367,7 @@ int __key_link_check_live_key(struct key *keyring, struct key *key)
void __key_link(struct key *keyring, struct key *key,
struct assoc_array_edit **_edit)
{
- __key_get(key);
+ key_get(key);
assoc_array_insert_set_object(*_edit, keyring_key_to_ptr(key));
assoc_array_apply_edit(*_edit);
*_edit = NULL;
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index b5d5333ab330..01291b2d0888 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -333,7 +333,7 @@ int install_session_keyring_to_cred(struct cred *cred, struct key *keyring)
if (IS_ERR(keyring))
return PTR_ERR(keyring);
} else {
- __key_get(keyring);
+ key_get(keyring);
}
/* install the keyring */
@@ -641,7 +641,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
}
key = ctx.cred->thread_keyring;
- __key_get(key);
+ key_get(key);
key_ref = make_key_ref(key, 1);
break;
@@ -658,8 +658,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
goto reget_creds;
}
- key = ctx.cred->process_keyring;
- __key_get(key);
+ key = key_get(ctx.cred->process_keyring);
key_ref = make_key_ref(key, 1);
break;
@@ -688,8 +687,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
goto reget_creds;
}
- key = ctx.cred->session_keyring;
- __key_get(key);
+ key = key_get(ctx.cred->session_keyring);
key_ref = make_key_ref(key, 1);
break;
@@ -717,7 +715,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
if (!key)
goto error;
- __key_get(key);
+ key_get(key);
key_ref = make_key_ref(key, 1);
break;
@@ -732,8 +730,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
key = NULL;
} else {
rka = ctx.cred->request_key_auth->payload.data[0];
- key = rka->dest_keyring;
- __key_get(key);
+ key = key_get(rka->dest_keyring);
}
up_read(&ctx.cred->request_key_auth->sem);
if (!key)
next prev parent reply other threads:[~2024-08-21 12:36 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-21 12:36 [PATCH 0/7] keys: Add tracepoints David Howells
2024-08-21 12:36 ` [PATCH 1/7] keys: Out of line key_is_dead() so it can have tracepoints added in David Howells
2024-08-27 18:22 ` Jarkko Sakkinen
2024-08-21 12:36 ` [PATCH 2/7] keys: Extract struct key_user to its own header for tracing purposes David Howells
2024-08-27 18:23 ` Jarkko Sakkinen
2024-08-21 12:36 ` [PATCH 3/7] keys: Move key_get() out of line so a tracepoint can be added David Howells
2024-08-27 18:23 ` Jarkko Sakkinen
2024-08-21 12:36 ` [PATCH 4/7] keys: Add a key_ref_get() wrapper David Howells
2024-08-27 18:23 ` Jarkko Sakkinen
2024-08-21 12:36 ` David Howells [this message]
2024-08-27 18:24 ` [PATCH 5/7] keys: Use key_get() instead of __key_get() Jarkko Sakkinen
2024-08-21 12:36 ` [PATCH 6/7] keys: Provide a key_try_get() function and use it David Howells
2024-08-27 18:24 ` Jarkko Sakkinen
2024-08-21 12:36 ` [PATCH 7/7] keys: Add tracepoints for the keyrings facility David Howells
2024-08-27 18:27 ` Jarkko Sakkinen
2024-09-28 2:03 ` Justin Stitt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240821123616.60401-6-dhowells@redhat.com \
--to=dhowells@redhat.com \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).