keys: Fix dependency loop between construction record and auth key

#include <linux/keyctl.h>

#include <linux/key-type.h>

#include <keys/user-type.h>

#include <keys/request_key_auth-type.h>

#include <linux/module.h>

#include "internal.h"

struct idmap_legacy_upcalldata {

	struct rpc_pipe_msg pipe_msg;

	struct idmap_msg idmap_msg;

	struct key_construction	*key_cons;

	struct key	*authkey;

	struct idmap *idmap;

};

	{ Opt_find_err, NULL }

};

static int nfs_idmap_legacy_upcall(struct key_construction *, const char *, void *);

static int nfs_idmap_legacy_upcall(struct key *, void *);

static ssize_t idmap_pipe_downcall(struct file *, const char __user *,

				   size_t);

static void idmap_release_pipe(struct inode *);

static void

nfs_idmap_complete_pipe_upcall_locked(struct idmap *idmap, int ret)

{

	struct key_construction *cons = idmap->idmap_upcall_data->key_cons;

	struct key *authkey = idmap->idmap_upcall_data->authkey;

	kfree(idmap->idmap_upcall_data);

	idmap->idmap_upcall_data = NULL;

	complete_request_key(cons, ret);

	complete_request_key(authkey, ret);

	key_put(authkey);

}

static void

		nfs_idmap_complete_pipe_upcall_locked(idmap, ret);

}

static int nfs_idmap_legacy_upcall(struct key_construction *cons,

				   const char *op,

				   void *aux)

static int nfs_idmap_legacy_upcall(struct key *authkey, void *aux)

{

	struct idmap_legacy_upcalldata *data;

	struct request_key_auth *rka = get_request_key_auth(authkey);

	struct rpc_pipe_msg *msg;

	struct idmap_msg *im;

	struct idmap *idmap = (struct idmap *)aux;

	struct key *key = cons->key;

	struct key *key = rka->target_key;

	int ret = -ENOKEY;

	if (!aux)

	msg = &data->pipe_msg;

	im = &data->idmap_msg;

	data->idmap = idmap;

	data->key_cons = cons;

	data->authkey = key_get(authkey);

	ret = nfs_idmap_prepare_message(key->description, idmap, im, msg);

	if (ret < 0)

out2:

	kfree(data);

out1:

	complete_request_key(cons, ret);

	complete_request_key(authkey, ret);

	return ret;

}

static ssize_t

idmap_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)

{

	struct request_key_auth *rka;

	struct rpc_inode *rpci = RPC_I(file_inode(filp));

	struct idmap *idmap = (struct idmap *)rpci->private;

	struct key_construction *cons;

	struct key *authkey;

	struct idmap_msg im;

	size_t namelen_in;

	int ret = -ENOKEY;

	if (idmap->idmap_upcall_data == NULL)

		goto out_noupcall;

	cons = idmap->idmap_upcall_data->key_cons;

	authkey = idmap->idmap_upcall_data->authkey;

	rka = get_request_key_auth(authkey);

	if (mlen != sizeof(im)) {

		ret = -ENOSPC;

	ret = nfs_idmap_read_and_verify_message(&im,

			&idmap->idmap_upcall_data->idmap_msg,

			cons->key, cons->authkey);

			rka->target_key, authkey);

	if (ret >= 0) {

		key_set_timeout(cons->key, nfs_idmap_cache_timeout);

		key_set_timeout(rka->target_key, nfs_idmap_cache_timeout);

		ret = mlen;

	}

/* request_key authorisation token key type

 *

 * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.

 * Written by David Howells (dhowells@redhat.com)

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public Licence

 * as published by the Free Software Foundation; either version

 * 2 of the Licence, or (at your option) any later version.

 */

#ifndef _KEYS_REQUEST_KEY_AUTH_TYPE_H

#define _KEYS_REQUEST_KEY_AUTH_TYPE_H

#include <linux/key.h>

/*

 * Authorisation record for request_key().

 */

struct request_key_auth {

	struct key		*target_key;

	struct key		*dest_keyring;

	const struct cred	*cred;

	void			*callout_info;

	size_t			callout_len;

	pid_t			pid;

	char			op[8];

} __randomize_layout;

static inline struct request_key_auth *get_request_key_auth(const struct key *key)

{

	return key->payload.data[0];

}

#endif /* _KEYS_REQUEST_KEY_AUTH_TYPE_H */

struct kernel_pkey_query;

struct kernel_pkey_params;

/*

 * key under-construction record

 * - passed to the request_key actor if supplied

 */

struct key_construction {

	struct key	*key;	/* key being constructed */

	struct key	*authkey;/* authorisation for key being constructed */

};

/*

 * Pre-parsed payload, used by key add, update and instantiate.

 *

	time64_t	expiry;		/* Expiry time of key */

} __randomize_layout;

typedef int (*request_key_actor_t)(struct key_construction *key,

				   const char *op, void *aux);

typedef int (*request_key_actor_t)(struct key *auth_key, void *aux);

/*

 * Preparsed matching criterion.

				    const void *data,

				    size_t datalen,

				    struct key *keyring,

				    struct key *instkey);

				    struct key *authkey);

extern int key_reject_and_link(struct key *key,

			       unsigned timeout,

			       unsigned error,

			       struct key *keyring,

			       struct key *instkey);

extern void complete_request_key(struct key_construction *cons, int error);

			       struct key *authkey);

extern void complete_request_key(struct key *authkey, int error);

static inline int key_negate_and_link(struct key *key,

				      unsigned timeout,

				      struct key *keyring,

				      struct key *instkey)

				      struct key *authkey)

{

	return key_reject_and_link(key, timeout, ENOKEY, keyring, instkey);

	return key_reject_and_link(key, timeout, ENOKEY, keyring, authkey);

}

extern int generic_key_instantiate(struct key *key, struct key_preparsed_payload *prep);

	return key_task_permission(key_ref, current_cred(), perm);

}

/*

 * Authorisation record for request_key().

 */

struct request_key_auth {

	struct key		*target_key;

	struct key		*dest_keyring;

	const struct cred	*cred;

	void			*callout_info;

	size_t			callout_len;

	pid_t			pid;

} __randomize_layout;

extern struct key_type key_type_request_key_auth;

extern struct key *request_key_auth_new(struct key *target,

					const char *op,

					const void *callout_info,

					size_t callout_len,

					struct key *dest_keyring);

#include <linux/security.h>

#include <linux/uio.h>

#include <linux/uaccess.h>

#include <keys/request_key_auth-type.h>

#include "internal.h"

#define KEY_MAX_DESC_SIZE 4096