KEYS: Alter use of key instantiation link-to-keyring argument

extern void key_fsgid_changed(struct task_struct *tsk);

extern void key_init(void);

#define __install_session_keyring(tsk, keyring)			\

#define __install_session_keyring(keyring)				\

({									\

	struct key *old_session = tsk->signal->session_keyring;	\

	tsk->signal->session_keyring = keyring;			\

	struct key *old_session = current->signal->session_keyring;	\

	current->signal->session_keyring = keyring;			\

	old_session;							\

})

#define key_revoke(k)			do { } while(0)

#define key_put(k)			do { } while(0)

#define key_ref_put(k)			do { } while(0)

#define make_key_ref(k, p)			({ NULL; })

#define key_ref_to_ptr(k)		({ NULL; })

#define make_key_ref(k, p)		NULL

#define key_ref_to_ptr(k)		NULL

#define is_key_possessed(k)		0

#define switch_uid_keyring(u)		do { } while(0)

#define __install_session_keyring(t, k)	({ NULL; })

#define __install_session_keyring(k)	({ NULL; })

#define copy_keys(f,t)			0

#define copy_thread_group_keys(t)	0

#define exit_keys(t)			do { } while(0)

/* keyctl.h: keyctl command IDs

 *

 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.

 * Copyright (C) 2004, 2008 Red Hat, Inc. All Rights Reserved.

 * Written by David Howells (dhowells@redhat.com)

 *

 * This program is free software; you can redistribute it and/or

#define KEY_SPEC_USER_SESSION_KEYRING	-5	/* - key ID for UID-session keyring */

#define KEY_SPEC_GROUP_KEYRING		-6	/* - key ID for GID-specific keyring */

#define KEY_SPEC_REQKEY_AUTH_KEY	-7	/* - key ID for assumed request_key auth key */

#define KEY_SPEC_REQUESTOR_KEYRING	-8	/* - key ID for request_key() dest keyring */

/* request-key default keyrings */

#define KEY_REQKEY_DEFL_NO_CHANGE		-1

#define KEY_REQKEY_DEFL_USER_KEYRING		4

#define KEY_REQKEY_DEFL_USER_SESSION_KEYRING	5

#define KEY_REQKEY_DEFL_GROUP_KEYRING		6

#define KEY_REQKEY_DEFL_REQUESTOR_KEYRING	7

/* keyctl commands */

#define KEYCTL_GET_KEYRING_ID		0	/* ask for a keyring's ID */

	/* Unblock all signals and set the session keyring. */

	new_session = key_get(sub_info->ring);

	spin_lock_irq(&current->sighand->siglock);

	old_session = __install_session_keyring(current, new_session);

	old_session = __install_session_keyring(new_session);

	flush_signal_handlers(current, 1);

	sigemptyset(&current->blocked);

	recalc_sigpending();

extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check);

extern int install_thread_keyring(struct task_struct *tsk);

extern int install_process_keyring(struct task_struct *tsk);

extern int install_user_keyrings(void);

extern int install_thread_keyring(void);

extern int install_process_keyring(void);

extern struct key *request_key_and_link(struct key_type *type,

					const char *description,

					struct key *dest_keyring,

					unsigned long flags);

extern key_ref_t lookup_user_key(struct task_struct *context,

				 key_serial_t id, int create, int partial,

extern key_ref_t lookup_user_key(key_serial_t id, int create, int partial,

				 key_perm_t perm);

extern long join_session_keyring(const char *name);

 */

struct request_key_auth {

	struct key		*target_key;

	struct key		*dest_keyring;

	struct task_struct	*context;

	void			*callout_info;

	size_t			callout_len;

extern struct key_type key_type_request_key_auth;

extern struct key *request_key_auth_new(struct key *target,

					const void *callout_info,

					size_t callout_len);

					size_t callout_len,

					struct key *dest_keyring);

extern struct key *key_get_instantiation_authkey(key_serial_t target_id);

	}

	/* find the target keyring (which must be writable) */

	keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);

	keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);

	if (IS_ERR(keyring_ref)) {

		ret = PTR_ERR(keyring_ref);

		goto error3;

	/* get the destination keyring if specified */

	dest_ref = NULL;

	if (destringid) {

		dest_ref = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE);

		dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE);

		if (IS_ERR(dest_ref)) {

			ret = PTR_ERR(dest_ref);

			goto error3;

	key_ref_t key_ref;

	long ret;

	key_ref = lookup_user_key(NULL, id, create, 0, KEY_SEARCH);

	key_ref = lookup_user_key(id, create, 0, KEY_SEARCH);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error;

	}

	/* find the target key (which must be writable) */

	key_ref = lookup_user_key(NULL, id, 0, 0, KEY_WRITE);

	key_ref = lookup_user_key(id, 0, 0, KEY_WRITE);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error2;

	key_ref_t key_ref;

	long ret;

	key_ref = lookup_user_key(NULL, id, 0, 0, KEY_WRITE);

	key_ref = lookup_user_key(id, 0, 0, KEY_WRITE);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error;

	key_ref_t keyring_ref;

	long ret;

	keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);

	keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);

	if (IS_ERR(keyring_ref)) {

		ret = PTR_ERR(keyring_ref);

		goto error;

	key_ref_t keyring_ref, key_ref;

	long ret;

	keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);

	keyring_ref = lookup_user_key(ringid, 1, 0, KEY_WRITE);

	if (IS_ERR(keyring_ref)) {

		ret = PTR_ERR(keyring_ref);

		goto error;

	}

	key_ref = lookup_user_key(NULL, id, 1, 0, KEY_LINK);

	key_ref = lookup_user_key(id, 1, 0, KEY_LINK);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error2;

	key_ref_t keyring_ref, key_ref;

	long ret;

	keyring_ref = lookup_user_key(NULL, ringid, 0, 0, KEY_WRITE);

	keyring_ref = lookup_user_key(ringid, 0, 0, KEY_WRITE);

	if (IS_ERR(keyring_ref)) {

		ret = PTR_ERR(keyring_ref);

		goto error;

	}

	key_ref = lookup_user_key(NULL, id, 0, 0, 0);

	key_ref = lookup_user_key(id, 0, 0, 0);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error2;

	char *tmpbuf;

	long ret;

	key_ref = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW);

	key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW);

	if (IS_ERR(key_ref)) {

		/* viewing a key under construction is permitted if we have the

		 * authorisation token handy */

			instkey = key_get_instantiation_authkey(keyid);

			if (!IS_ERR(instkey)) {

				key_put(instkey);

				key_ref = lookup_user_key(NULL, keyid,

				key_ref = lookup_user_key(keyid,

							  0, 1, 0);

				if (!IS_ERR(key_ref))

					goto okay;

	}

	/* get the keyring at which to begin the search */

	keyring_ref = lookup_user_key(NULL, ringid, 0, 0, KEY_SEARCH);

	keyring_ref = lookup_user_key(ringid, 0, 0, KEY_SEARCH);

	if (IS_ERR(keyring_ref)) {

		ret = PTR_ERR(keyring_ref);

		goto error2;

	/* get the destination keyring if specified */

	dest_ref = NULL;

	if (destringid) {

		dest_ref = lookup_user_key(NULL, destringid, 1, 0, KEY_WRITE);

		dest_ref = lookup_user_key(destringid, 1, 0, KEY_WRITE);

		if (IS_ERR(dest_ref)) {

			ret = PTR_ERR(dest_ref);

			goto error3;

	long ret;

	/* find the key first */

	key_ref = lookup_user_key(NULL, keyid, 0, 0, 0);

	key_ref = lookup_user_key(keyid, 0, 0, 0);

	if (IS_ERR(key_ref)) {

		ret = -ENOKEY;

		goto error;

	if (uid == (uid_t) -1 && gid == (gid_t) -1)

		goto error;

	key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR);

	key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error;

	if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL))

		goto error;

	key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR);

	key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error;

} /* end keyctl_setperm_key() */

/*

 * get the destination keyring for instantiation

 */

static long get_instantiation_keyring(key_serial_t ringid,

				      struct request_key_auth *rka,

				      struct key **_dest_keyring)

{

	key_ref_t dkref;

	/* just return a NULL pointer if we weren't asked to make a link */

	if (ringid == 0) {

		*_dest_keyring = NULL;

		return 0;

	}

	/* if a specific keyring is nominated by ID, then use that */

	if (ringid > 0) {

		dkref = lookup_user_key(ringid, 1, 0, KEY_WRITE);

		if (IS_ERR(dkref))

			return PTR_ERR(dkref);

		*_dest_keyring = key_ref_to_ptr(dkref);

		return 0;

	}

	if (ringid == KEY_SPEC_REQKEY_AUTH_KEY)

		return -EINVAL;

	/* otherwise specify the destination keyring recorded in the

	 * authorisation key (any KEY_SPEC_*_KEYRING) */

	if (ringid >= KEY_SPEC_REQUESTOR_KEYRING) {

		*_dest_keyring = rka->dest_keyring;

		return 0;

	}

	return -ENOKEY;

}

/*****************************************************************************/

/*

 * instantiate the key with the specified payload, and, if one is given, link

			    key_serial_t ringid)

{

	struct request_key_auth *rka;

	struct key *instkey;

	key_ref_t keyring_ref;

	struct key *instkey, *dest_keyring;

	void *payload;

	long ret;

	bool vm = false;

	/* find the destination keyring amongst those belonging to the

	 * requesting task */

	keyring_ref = NULL;

	if (ringid) {

		keyring_ref = lookup_user_key(rka->context, ringid, 1, 0,

					      KEY_WRITE);

		if (IS_ERR(keyring_ref)) {

			ret = PTR_ERR(keyring_ref);

	ret = get_instantiation_keyring(ringid, rka, &dest_keyring);

	if (ret < 0)

		goto error2;

		}

	}

	/* instantiate the key and link it into a keyring */

	ret = key_instantiate_and_link(rka->target_key, payload, plen,

				       key_ref_to_ptr(keyring_ref), instkey);

				       dest_keyring, instkey);

	key_ref_put(keyring_ref);

	key_put(dest_keyring);

	/* discard the assumed authority if it's just been disabled by

	 * instantiation of the key */

long keyctl_negate_key(key_serial_t id, unsigned timeout, key_serial_t ringid)

{

	struct request_key_auth *rka;

	struct key *instkey;

	key_ref_t keyring_ref;

	struct key *instkey, *dest_keyring;

	long ret;

	/* the appropriate instantiation authorisation key must have been

	/* find the destination keyring if present (which must also be

	 * writable) */

	keyring_ref = NULL;

	if (ringid) {

		keyring_ref = lookup_user_key(NULL, ringid, 1, 0, KEY_WRITE);

		if (IS_ERR(keyring_ref)) {

			ret = PTR_ERR(keyring_ref);

	ret = get_instantiation_keyring(ringid, rka, &dest_keyring);

	if (ret < 0)

		goto error;

		}

	}

	/* instantiate the key and link it into a keyring */

	ret = key_negate_and_link(rka->target_key, timeout,

				  key_ref_to_ptr(keyring_ref), instkey);

				  dest_keyring, instkey);

	key_ref_put(keyring_ref);

	key_put(dest_keyring);

	/* discard the assumed authority if it's just been disabled by

	 * instantiation of the key */

	switch (reqkey_defl) {

	case KEY_REQKEY_DEFL_THREAD_KEYRING:

		ret = install_thread_keyring(current);

		ret = install_thread_keyring();

		if (ret < 0)

			return ret;

		goto set;

	case KEY_REQKEY_DEFL_PROCESS_KEYRING:

		ret = install_process_keyring(current);

		ret = install_process_keyring();

		if (ret < 0)

			return ret;

	time_t expiry;

	long ret;

	key_ref = lookup_user_key(NULL, id, 1, 1, KEY_SETATTR);

	key_ref = lookup_user_key(id, 1, 1, KEY_SETATTR);

	if (IS_ERR(key_ref)) {

		ret = PTR_ERR(key_ref);

		goto error;

	char *context;

	long ret;

	key_ref = lookup_user_key(NULL, keyid, 0, 1, KEY_VIEW);

	key_ref = lookup_user_key(keyid, 0, 1, KEY_VIEW);

	if (IS_ERR(key_ref)) {

		if (PTR_ERR(key_ref) != -EACCES)

			return PTR_ERR(key_ref);

			return PTR_ERR(key_ref);

		key_put(instkey);

		key_ref = lookup_user_key(NULL, keyid, 0, 1, 0);

		key_ref = lookup_user_key(keyid, 0, 1, 0);

		if (IS_ERR(key_ref))

			return PTR_ERR(key_ref);

	}