|
|
@@ -4000,6 +4000,36 @@ static int smack_key_permission(key_ref_t key_ref,
|
|
|
rc = smk_bu_note("key access", tkp, keyp->security, request, rc);
|
|
|
return rc;
|
|
|
}
|
|
|
+
|
|
|
+/*
|
|
|
+ * smack_key_getsecurity - Smack label tagging the key
|
|
|
+ * @key points to the key to be queried
|
|
|
+ * @_buffer points to a pointer that should be set to point to the
|
|
|
+ * resulting string (if no label or an error occurs).
|
|
|
+ * Return the length of the string (including terminating NUL) or -ve if
|
|
|
+ * an error.
|
|
|
+ * May also return 0 (and a NULL buffer pointer) if there is no label.
|
|
|
+ */
|
|
|
+static int smack_key_getsecurity(struct key *key, char **_buffer)
|
|
|
+{
|
|
|
+ struct smack_known *skp = key->security;
|
|
|
+ size_t length;
|
|
|
+ char *copy;
|
|
|
+
|
|
|
+ if (key->security == NULL) {
|
|
|
+ *_buffer = NULL;
|
|
|
+ return 0;
|
|
|
+ }
|
|
|
+
|
|
|
+ copy = kstrdup(skp->smk_known, GFP_KERNEL);
|
|
|
+ if (copy == NULL)
|
|
|
+ return -ENOMEM;
|
|
|
+ length = strlen(copy) + 1;
|
|
|
+
|
|
|
+ *_buffer = copy;
|
|
|
+ return length;
|
|
|
+}
|
|
|
+
|
|
|
#endif /* CONFIG_KEYS */
|
|
|
|
|
|
/*
|
|
|
@@ -4324,6 +4354,7 @@ struct security_operations smack_ops = {
|
|
|
.key_alloc = smack_key_alloc,
|
|
|
.key_free = smack_key_free,
|
|
|
.key_permission = smack_key_permission,
|
|
|
+ .key_getsecurity = smack_key_getsecurity,
|
|
|
#endif /* CONFIG_KEYS */
|
|
|
|
|
|
/* Audit hooks */
|
José Bollo