Lib: Support keyctl(KEYCTL_REJECT)

Support the negate key with specific rejection error keyctl op, providing it
as keyctl_reject().

Signed-off-by: David Howells <dhowells@redhat.com>

10 files changed, 105 insertions, 11 deletions

diff --git a/Makefile b/Makefile
index b680536..ec56710 100644
--- a/Makefile
+++ b/Makefile
@@ -157,6 +157,7 @@ endif
 	$(INSTALL) -D -m 0644 keyctl_get_security.3 $(DESTDIR)$(MAN3)/keyctl_get_security.3
 	$(LNS) keyctl_get_security.3 $(DESTDIR)$(MAN3)/keyctl_get_security_alloc.3
 	$(INSTALL) -D -m 0644 keyctl_instantiate.3 $(DESTDIR)$(MAN3)/keyctl_instantiate.3
+	$(LNS) keyctl_instantiate.3 $(DESTDIR)$(MAN3)/keyctl_reject.3
 	$(LNS) keyctl_instantiate.3 $(DESTDIR)$(MAN3)/keyctl_negate.3
 	$(LNS) keyctl_instantiate.3 $(DESTDIR)$(MAN3)/keyctl_assume_authority.3
 	$(INSTALL) -D -m 0644 keyctl_join_session_keyring.3 $(DESTDIR)$(MAN3)/keyctl_join_session_keyring.3
diff --git a/keyctl.1 b/keyctl.1
index ee8e982..6e08702 100644
--- a/keyctl.1
+++ b/keyctl.1
@@ -71,6 +71,8 @@ keyctl - Key management facility control
 .br
 \fBkeyctl\fR negate <key> <timeout> <keyring>
 .br
+\fBkeyctl\fR reject <key> <timeout> <error> <keyring>
+.br
 \fBkeyctl\fR timeout <key> <timeout>
 .br
 \fBkeyctl\fR security <key>
@@ -542,14 +544,20 @@ keyring;4043;4043;3f1f0000;fish
 \fBkeyctl pinstantiate\fR <key> <keyring>
 .br
 \fBkeyctl negate\fR <key> <timeout> <keyring>
+.br
+\fBkeyctl reject\fR <key> <timeout> <error> <keyring>
 .P
 These commands are used to attach data to a partially set up key (as created by
-the kernel and passed to /sbin/request-key). "instantiate" marks a key as being
-valid and attaches the data as the payload. "negate" marks a key as invalid and
-sets a timeout on it so that it'll go away after a while. This prevents a lot
-of quickly sequential requests from slowing the system down overmuch when they
-all fail, as all subsequent requests will then fail with error "Requested key
-not found" until the negative key has expired.
+the kernel and passed to /sbin/request-key).  "instantiate" marks a key as
+being valid and attaches the data as the payload.  "negate" and "reject" mark a
+key as invalid and sets a timeout on it so that it'll go away after a while.
+This prevents a lot of quickly sequential requests from slowing the system down
+overmuch when they all fail, as all subsequent requests will then fail with
+error "Requested key not found" (if negated) or the specified error (if
+rejected) until the negative key has expired.
+.P
+Reject's error argument can either be a UNIX error number or one of
+.BR "" "'" rejected "', '" expired "' or '" revoked "'."
 .P
 The newly instantiated key will be attached to the specified keyring.
 .P
@@ -562,6 +570,8 @@ has been instantiated one way or another.
 testbox>keyctl instantiate $1 "Debug $3" $4
 .br
 testbox>keyctl negate $1 30 $4
+.br
+testbox>keyctl reject $1 30 64 $4
 .RE
 .P
 The \fBpinstantiate\fR variant of the command reads the data from stdin rather
diff --git a/keyctl.3 b/keyctl.3
index 4ed4693..ebb0c58 100644
--- a/keyctl.3
+++ b/keyctl.3
@@ -55,6 +55,8 @@ and then telling the linker it should link in the library:
 .br
 .BR keyctl_read_alloc (3)
 .br
+.BR keyctl_reject (3)
+.br
 .BR keyctl_revoke (3)
 .br
 .BR keyctl_search (3)
diff --git a/keyctl.c b/keyctl.c
index c21d0de..80092ad 100644
--- a/keyctl.c
+++ b/keyctl.c
@@ -57,6 +57,7 @@ static int act_keyctl_negate(int argc, char *argv[]);
 static int act_keyctl_timeout(int argc, char *argv[]);
 static int act_keyctl_security(int argc, char *argv[]);
 static int act_keyctl_new_session(int argc, char *argv[]);
+static int act_keyctl_reject(int argc, char *argv[]);
 
 const struct command commands[] = {
 	{ act_keyctl_show,	"show",		"" },
@@ -92,6 +93,7 @@ const struct command commands[] = {
 	{ act_keyctl_timeout,	"timeout",	"<key> <timeout>" },
 	{ act_keyctl_security,	"security",	"<key>" },
 	{ act_keyctl_new_session, "new_session",	"" },
+	{ act_keyctl_reject,	"reject",	"<key> <timeout> <error> <keyring>" },
 	{ NULL, NULL, NULL }
 };
 
@@ -1230,6 +1232,50 @@ static int act_keyctl_new_session(int argc, char *argv[])
 
 /*****************************************************************************/
 /*
+ * reject a key that's under construction
+ */
+static int act_keyctl_reject(int argc, char *argv[])
+{
+	unsigned long timeout;
+	key_serial_t key, dest;
+	unsigned long rejerr;
+	char *q;
+
+	if (argc != 5)
+		format();
+
+	key = get_key_id(argv[1]);
+
+	timeout = strtoul(argv[2], &q, 10);
+	if (*q) {
+		fprintf(stderr, "Unparsable timeout: '%s'\n", argv[2]);
+		exit(2);
+	}
+
+	if (strcmp(argv[3], "rejected") == 0) {
+		rejerr = EKEYREJECTED;
+	} else if (strcmp(argv[3], "revoked") == 0) {
+		rejerr = EKEYREVOKED;
+	} else if (strcmp(argv[3], "expired") == 0) {
+		rejerr = EKEYEXPIRED;
+	} else {
+		rejerr = strtoul(argv[3], &q, 10);
+		if (*q) {
+			fprintf(stderr, "Unparsable error: '%s'\n", argv[3]);
+			exit(2);
+		}
+	}
+
+	dest = get_key_id(argv[4]);
+
+	if (keyctl_reject(key, timeout, rejerr, dest) < 0)
+		error("keyctl_negate");
+
+	return 0;
+}
+
+/*****************************************************************************/
+/*
  * parse a key identifier
  */
 static key_serial_t get_key_id(const char *arg)
diff --git a/keyctl_instantiate.3 b/keyctl_instantiate.3
index f20701d..4829bd6 100644
--- a/keyctl_instantiate.3
+++ b/keyctl_instantiate.3
@@ -11,7 +11,11 @@
 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
 .SH NAME
 keyctl_assume_authority \- Assume the authority to instantiate a key
+.br
 keyctl_instantiate \- Instantiate a key
+.br
+keyctl_reject \- Negatively instantiate a key specifying search error
+.br
 keyctl_negate \- Negatively instantiate a key
 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
 .SH SYNOPSIS
@@ -25,6 +29,9 @@ keyctl_negate \- Negatively instantiate a key
 .sp
 .BI "long keyctl_negate(key_serial_t " key ", unsigned " timeout ,
 .BI "key_serial_t " keyring ");"
+.sp
+.BI "long keyctl_reject(key_serial_t " key ", unsigned " timeout ,
+.BI "unsigned " error ", key_serial_t " keyring ");"
 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
 .SH DESCRIPTION
 .BR keyctl_assume_authority ()
@@ -72,10 +79,20 @@ may be NULL and
 may be zero if the key type permits that.  The key type may reject the data if
 it's in the wrong format or in some other way invalid.
 .P
-.BR keyctl_negate ()
+.BR keyctl_reject ()
 marks a key as negatively instantiated and sets the expiration timer on it.
 .I timeout
 specifies the lifetime of the key in seconds.
+.I error
+specifies the error to be returned when a search hits the key (this is
+typically
+.IR EKEYREJECTED ", " EKEYREVOKED " or " EKEYEXPIRED ")."
+.P
+.BR keyctl_negate ()
+as
+.IR keyctl_reject ()
+with an error code of
+.IB ENOKEY .
 .P
 Only a key for which authority has been assumed may be instantiated or
 negatively instantiated, and once instantiated, the authorisation key will be
diff --git a/keyutils.c b/keyutils.c
index 21d0ab0..c20c707 100644
--- a/keyutils.c
+++ b/keyutils.c
@@ -1,6 +1,6 @@
 /* keyutils.c: key utility library
  *
- * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
+ * Copyright (C) 2005,2011 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  *
  * This program is free software; you can redistribute it and/or
@@ -175,6 +175,12 @@ long keyctl_session_to_parent(void)
 	return keyctl(KEYCTL_SESSION_TO_PARENT);
 }
 
+long keyctl_reject(key_serial_t id, unsigned timeout, unsigned error,
+		   key_serial_t ringid)
+{
+	return keyctl(KEYCTL_REJECT, id, timeout, error, ringid);
+}
+
 /*****************************************************************************/
 /*
  * fetch key description into an allocated buffer
diff --git a/keyutils.h b/keyutils.h
index e581a01..4e7b909 100644
--- a/keyutils.h
+++ b/keyutils.h
@@ -1,6 +1,6 @@
 /* keyutils.h: key utility library interface
  *
- * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
+ * Copyright (C) 2005,2011 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  *
  * This program is free software; you can redistribute it and/or
@@ -91,6 +91,7 @@ typedef uint32_t key_perm_t;
 #define KEYCTL_ASSUME_AUTHORITY		16	/* assume authority to instantiate key */
 #define KEYCTL_GET_SECURITY		17	/* get key security label */
 #define KEYCTL_SESSION_TO_PARENT	18	/* set my session keyring on my parent process */
+#define KEYCTL_REJECT			19	/* reject a partially constructed key */
 
 /*
  * syscall wrappers
@@ -136,6 +137,8 @@ extern long keyctl_set_timeout(key_serial_t key, unsigned timeout);
 extern long keyctl_assume_authority(key_serial_t key);
 extern long keyctl_get_security(key_serial_t key, char *buffer, size_t buflen);
 extern long keyctl_session_to_parent(void);
+extern long keyctl_reject(key_serial_t id, unsigned timeout, unsigned error,
+			  key_serial_t ringid);
 
 /*
  * utilities
diff --git a/keyutils.spec b/keyutils.spec
index bd41219..a34f5cf 100644
--- a/keyutils.spec
+++ b/keyutils.spec
@@ -4,12 +4,12 @@
 %define libdir /%{_lib}
 %define usrlibdir %{_prefix}/%{_lib}
 %define libapivermajor 1
-%define libapiversion %{libapivermajor}.3
+%define libapiversion %{libapivermajor}.4
 
 Summary: Linux Key Management Utilities
 Name: keyutils
 Version: %{version}
-Release: 4%{?dist}
+Release: 4.dev%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: System Environment/Base
 ExclusiveOS: Linux
diff --git a/request-key.conf b/request-key.conf
index e482c96..549185e 100644
--- a/request-key.conf
+++ b/request-key.conf
@@ -32,6 +32,9 @@
 #OP	TYPE	DESCRIPTION	CALLOUT INFO	PROGRAM ARG1 ARG2 ARG3 ...
 #======	=======	===============	===============	===============================
 create	user	debug:*		negate		/bin/keyctl negate %k 30 %S
+create  user    debug:*         rejected        /bin/keyctl reject %k 30 %c %S
+create  user    debug:*         expired         /bin/keyctl reject %k 30 %c %S
+create  user    debug:*         revoked         /bin/keyctl reject %k 30 %c %S
 create	user	debug:loop:*	*		|/bin/cat
 create	user	debug:*		*		/usr/share/keyutils/request-key-debug.sh %k %d %c %S
 negate	*	*		*		/bin/keyctl negate %k 30 %S
diff --git a/version.lds b/version.lds
index 33d6d51..cd19814 100644
--- a/version.lds
+++ b/version.lds
@@ -40,3 +40,9 @@ KEYUTILS_1.3 {
 	keyctl_session_to_parent;
 
 } KEYUTILS_1.0;
+
+KEYUTILS_1.4 {
+	/* management functions */
+	keyctl_reject;
+
+} KEYUTILS_1.3;