security/keys/user_defined.c
Source file repositories/reference/linux-study-clean/security/keys/user_defined.c
File Facts
- System: Linux kernel
- Corpus path: security/keys/user_defined.c
- Extension: .c
- Size: 4724 bytes
- Lines: 208
- Domain: Core OS
- Bucket: Security And Isolation
- Inferred role: Core OS: exported/initcall integration point
- Status: integration implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Exports symbols or registers init work; inspect boot/module ordering and who consumes the exported contract.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
- `linux/export.h`
- `linux/init.h`
- `linux/slab.h`
- `linux/seq_file.h`
- `linux/err.h`
- `keys/user-type.h`
- `linux/uaccess.h`
- `internal.h`
Detected Declarations
- function `user_preparse`
- function `user_free_preparse`
- function `user_free_payload_rcu`
- function `user_update`
- function `user_revoke`
- function `user_destroy`
- function `user_describe`
- function `user_read`
- function `logon_vet_description`
- export `key_type_user`
- export `key_type_logon`
- export `user_preparse`
- export `user_free_preparse`
- export `user_update`
- export `user_revoke`
- export `user_destroy`
- export `user_describe`
- export `user_read`
Annotated Snippet
```c
// SPDX-License-Identifier: GPL-2.0-or-later
/* user_defined.c: user defined key type
 *
 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <linux/export.h>
#include <linux/init.h>
#include <linux/slab.h>
#include <linux/seq_file.h>
#include <linux/err.h>
#include <keys/user-type.h>
#include <linux/uaccess.h>
#include "internal.h"

static int logon_vet_description(const char *desc);

/*
 * user defined keys take an arbitrary string as the description and an
 * arbitrary blob of data as the payload
 */
struct key_type key_type_user = {
	.name = "user",
	.preparse = user_preparse,
	.free_preparse = user_free_preparse,
	.instantiate = generic_key_instantiate,
	.update = user_update,
	.revoke = user_revoke,
	.destroy = user_destroy,
	.describe = user_describe,
	.read = user_read,
};

EXPORT_SYMBOL_GPL(key_type_user);

/*
 * This key type is essentially the same as key_type_user, but it does
 * not define a .read op. This is suitable for storing username and
 * password pairs in the keyring that you do not want to be readable
 * from userspace.
 */
struct key_type key_type_logon = {
	.name = "logon",
	.preparse = user_preparse,
	.free_preparse = user_free_preparse,
	.instantiate = generic_key_instantiate,
	.update = user_update,
	.revoke = user_revoke,
	.destroy = user_destroy,
	.describe = user_describe,
	.vet_description = logon_vet_description,
};
EXPORT_SYMBOL_GPL(key_type_logon);

/*
 * Preparse a user defined key payload
 */
int user_preparse(struct key_preparsed_payload *prep)
{
	struct user_key_payload *upayload;
	size_t datalen = prep->datalen;

	if (datalen == 0 || datalen > 32767 || !prep->data)
		return -EINVAL;

	upayload = kmalloc_flex(*upayload, data, datalen);
	if (!upayload)
		return -ENOMEM;

	/* attach the data */
	prep->quotalen = datalen;
	prep->payload.data[0] = upayload;
	upayload->datalen = datalen;
	memcpy(upayload->data, prep->data, datalen);
	return 0;
}
EXPORT_SYMBOL_GPL(user_preparse);

/*
 * Free a preparse of a user defined key payload
 */
void user_free_preparse(struct key_preparsed_payload *prep)
{
	kfree_sensitive(prep->payload.data[0]);
}
EXPORT_SYMBOL_GPL(user_free_preparse);

static void user_free_payload_rcu(struct rcu_head *head)
{
```
Annotation
- Immediate include surface: `linux/export.h`, `linux/init.h`, `linux/slab.h`, `linux/seq_file.h`, `linux/err.h`, `keys/user-type.h`, `linux/uaccess.h`, `internal.h`.
- Detected declarations: `function user_preparse`, `function user_free_preparse`, `function user_free_payload_rcu`, `function user_update`, `function user_revoke`, `function user_destroy`, `function user_describe`, `function user_read`, `function logon_vet_description`, `export key_type_user`.
- Atlas domain: Core OS / Security And Isolation.
- Implementation status: integration implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.