authorDavid Howells <dhowells@redhat.com>2010-02-26 20:27:56 +0000
committerDavid Howells <dhowells@redhat.com>2010-02-26 20:27:56 +0000
commit3a8cc353e0cc88a84f5425bfef1be82933f3646d (patch)
tree7f27338f2a2b865b0eaeccbac928bee8bc25945e
parentc983bb36ffdb0ac6ad8e34f5446971a9be5d8eb1 (diff)
downloadkeyutils-3a8cc353e0cc88a84f5425bfef1be82933f3646d.tar.gz
Add a keyctl command to get the security label on a key
Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r--keyctl.117
-rw-r--r--keyctl.c26
-rw-r--r--keyctl_security.3136
-rw-r--r--keyutils.c43
-rw-r--r--keyutils.h3
-rw-r--r--keyutils.spec1
6 files changed, 225 insertions, 1 deletions
diff --git a/keyctl.1 b/keyctl.1
index 00cb987..b83b78d 100644
--- a/keyctl.1
+++ b/keyctl.1
@@ -72,6 +72,8 @@ keyctl - Key management facility control
\fBkeyctl\fR negate <key> <timeout> <keyring>
.br
\fBkeyctl\fR timeout <key> <timeout>
+.br
+\fBkeyctl\fR security <key>
.SH DESCRIPTION
This program is used to control the key management facility in various ways
using a variety of subcommands.
@@ -579,7 +581,20 @@ into the future.
.P
.RS
testbox>keyctl timeout $1 45
-.RW
+.RE
+.P
+(*) \fBRetrieve a key's security context\fR
+.P
+\fBkeyctl security\fR <key>
+.P
+This command is used to retrieve a key's LSM security context. The label is
+printed on stdout.
+.P
+.RS
+testbox>keyctl security @s
+.br
+unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
+.RE
.SH ERRORS
.P
There are a number of common errors returned by this program:
diff --git a/keyctl.c b/keyctl.c
index dc11805..6b79542 100644
--- a/keyctl.c
+++ b/keyctl.c
@@ -55,6 +55,7 @@ static int act_keyctl_instantiate(int argc, char *argv[]);
static int act_keyctl_pinstantiate(int argc, char *argv[]);
static int act_keyctl_negate(int argc, char *argv[]);
static int act_keyctl_timeout(int argc, char *argv[]);
+static int act_keyctl_security(int argc, char *argv[]);
const struct command commands[] = {
{ act_keyctl_show, "show", "" },
@@ -88,6 +89,7 @@ const struct command commands[] = {
{ act_keyctl_pinstantiate, "pinstantiate","<key> <keyring>" },
{ act_keyctl_negate, "negate", "<key> <timeout> <keyring>" },
{ act_keyctl_timeout, "timeout", "<key> <timeout>" },
+ { act_keyctl_security, "security", "<key>" },
{ NULL, NULL, NULL }
};
@@ -1176,6 +1178,30 @@ static int act_keyctl_timeout(int argc, char *argv[])
/*****************************************************************************/
/*
+ * get a key's security label
+ */
+static int act_keyctl_security(int argc, char *argv[])
+{
+ key_serial_t key;
+ char *buffer;
+ int ret;
+
+ if (argc != 2)
+ format();
+
+ key = get_key_id(argv[1]);
+
+ /* get key description */
+ ret = keyctl_get_security_alloc(key, &buffer);
+ if (ret < 0)
+ error("keyctl_getsecurity");
+
+ printf("%s\n", buffer);
+ return 0;
+}
+
+/*****************************************************************************/
+/*
* parse a key identifier
*/
static key_serial_t get_key_id(const char *arg)
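Review bot: The comment `/* get key description */` above the `keyctl_get_security_alloc()` call in act_keyctl_security() looks copied from the describe command and should read `/* get key security label */`. The failure string `error("keyctl_getsecurity")` names no function defined in this commit; `error("keyctl_get_security_alloc")` would match the call that failed and make the diagnostic searchable. The allocated `buffer` is never released after the `printf`; this is presumably harmless because the command returns straight away, but a `free(buffer);` before `return 0;` would follow the "caller must free" contract stated in the new manual page.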
diff --git a/keyctl_security.3 b/keyctl_security.3
new file mode 100644
index 0000000..2da7ea8
--- /dev/null
+++ b/keyctl_security.3
@@ -0,0 +1,136 @@
+.\"
+.\" Copyright (C) 2010 Red Hat, Inc. All Rights Reserved.
+.\" Written by David Howells (dhowells@redhat.com)
+.\"
+.\" This program is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License
+.\" as published by the Free Software Foundation; either version
+.\" 2 of the License, or (at your option) any later version.
+.\"
+.TH KEYCTL_SECURITY 3 "26 Feb 2010" Linux "Linux Key Management Calls"
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH NAME
+keyctl_security \- Retrieve a key's security context
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SYNOPSIS
+.nf
+.B #include <keyutils.h>
+.sp
+.BI "long keyctl_security(key_serial_t " key ", char *" buffer ,
+.BI "size_t " buflen ");"
+.sp
+.BI "long keyctl_security_alloc(key_serial_t " key ", char **" _buffer ");"
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH DESCRIPTION
+.BR keyctl_security ()
+retrieves the security context of a key as a NUL-terminated string. This will
+be rendered in a form appropriate to the LSM in force - for instance, with
+SELinux, it may look like
+.IP
+.B "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
+.P
+The caller must have
+.B view
+permission on a key to be able to get its security context.
+.P
+.I buffer
+and
+.I buflen
+specify the buffer into which the string will be placed. If the buffer is too
+small, the full size of the string will be returned, and no copy will take
+place.
+.P
+.BR keyctl_security_alloc ()
+is similar to
+.BR keyctl_security ()
+except that it allocates a buffer big enough to hold the string and copies the
+string into it. If successful, A pointer to the buffer is placed in
+.IR *_buffer .
+The caller must free the buffer.
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH RETURN VALUE
+On success
+.BR keyctl_security ()
+returns the amount of data placed into the buffer. If the buffer was too
+small, then the size of buffer required will be returned, but no data will be
+transferred. On error, the value
+.B -1
+will be returned and errno will have been set to an appropriate error.
+.P
+On success
+.BR keyctl_security_alloc ()
+returns the amount of data in the buffer, less the NUL terminator. On error, the value
+.B -1
+will be returned and errno will have been set to an appropriate error.
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH ERRORS
+.TP
+.B ENOKEY
+The key specified is invalid.
+.TP
+.B EKEYEXPIRED
+The key specified has expired.
+.TP
+.B EKEYREVOKED
+The key specified had been revoked.
+.TP
+.B EACCES
+The key exists, but is not
+.B viewable
+by the calling process.
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH LINKING
+This is a library function that can be found in
+.IR libkeyutils .
+When linking,
+.B -lkeyutils
+should be specified to the linker.
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SEE ALSO
+.BR keyctl (1),
+.br
+.BR add_key (2),
+.br
+.BR keyctl (2),
+.br
+.BR request_key (2),
+.br
+.BR keyctl_get_keyring_ID (3),
+.br
+.BR keyctl_join_session_keyring (3),
+.br
+.BR keyctl_update (3),
+.br
+.BR keyctl_revoke (3),
+.br
+.BR keyctl_chown (3),
+.br
+.BR keyctl_setperm (3),
+.br
+.BR keyctl_describe (3),
+.br
+.BR keyctl_clear (3),
+.br
+.BR keyctl_link (3),
+.br
+.BR keyctl_unlink (3),
+.br
+.BR keyctl_search (3),
+.br
+.BR keyctl_read (3),
+.br
+.BR keyctl_instantiate (3),
+.br
+.BR keyctl_negate (3),
+.br
+.BR keyctl_set_reqkey_keyring (3),
+.br
+.BR keyctl_set_timeout (3),
+.br
+.BR keyctl_assume_authority (3),
+.br
+.BR keyctl_describe_alloc (3),
+.br
+.BR keyctl_read_alloc (3),
+.br
+.BR request-key (8)
diff --git a/keyutils.c b/keyutils.c
index 891fee4..7c8cea6 100644
--- a/keyutils.c
+++ b/keyutils.c
@@ -165,6 +165,11 @@ long keyctl_assume_authority(key_serial_t id)
return keyctl(KEYCTL_ASSUME_AUTHORITY, id);
}
+long keyctl_get_security(key_serial_t id, char *buffer, size_t buflen)
+{
+ return keyctl(KEYCTL_GET_SECURITY, id, buffer, buflen);
+}
+
/*****************************************************************************/
/*
* fetch key description into an allocated buffer
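Review bot: The wrapper added here is exported as `keyctl_get_security()`, but the manual page added in this same commit (keyctl_security.3) documents `keyctl_security()` and `keyctl_security_alloc()`, so a caller following the SYNOPSIS will fail to link. The page also declares the allocating variant as returning `long`, while keyutils.h declares `extern int keyctl_get_security_alloc(...)`. Either the page's `.BI`/`.BR` lines should use the `keyctl_get_security` names and the `int` return type, or the symbols should be renamed; nothing in the visible diff defines the shorter names.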
@@ -244,6 +249,44 @@ int keyctl_read_alloc(key_serial_t id, void **_buffer)
} /* end keyctl_read_alloc() */
+/*****************************************************************************/
+/*
+ * fetch key security label into an allocated buffer
+ * - resulting string is NUL terminated
+ * - returns count not including NUL
+ */
+int keyctl_get_security_alloc(key_serial_t id, char **_buffer)
+{
+ char *buf;
+ long buflen, ret;
+
+ ret = keyctl_get_security(id, NULL, 0);
+ if (ret < 0)
+ return -1;
+
+ buflen = ret;
+ buf = malloc(buflen);
+ if (!buf)
+ return -1;
+
+ for (;;) {
+ ret = keyctl_get_security(id, buf, buflen);
+ if (ret < 0)
+ return -1;
+
+ if (buflen >= ret)
+ break;
+
+ buflen = ret;
+ buf = realloc(buf, buflen);
+ if (!buf)
+ return -1;
+ }
+
+ *_buffer = buf;
+ return buflen - 1;
+}
+
#ifdef NO_GLIBC_KEYERR
/*****************************************************************************/
/*
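Review bot: The error paths inside the retry loop of keyctl_get_security_alloc() leak the buffer: `if (ret < 0) return -1;` returns without `free(buf)`, and `buf = realloc(buf, buflen)` overwrites the only pointer to the old block when realloc fails. The function also returns `buflen - 1`, which overstates the string length if the label became shorter between the size probe and the fetch; `ret - 1` is the length the last call actually reported, and a caller that trusts the larger count could read past the NUL terminator. If the probe ever returned 0, `malloc(0)` followed by `buflen - 1` would produce -1 with no errno set; that case is inferred, since the kernel side is not visible in this diff.

```c
	char *buf, *tmp;
	long buflen, ret;

	/* … unchanged: size probe with a NULL buffer and initial malloc … */

	for (;;) {
		ret = keyctl_get_security(id, buf, buflen);
		if (ret < 0) {
			free(buf);
			return -1;
		}

		if (buflen >= ret)
			break;

		/* label grew since the last call: enlarge and retry */
		buflen = ret;
		tmp = realloc(buf, buflen);
		if (!tmp) {
			free(buf);
			return -1;
		}
		buf = tmp;
	}

	*_buffer = buf;
	return ret - 1;
```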
diff --git a/keyutils.h b/keyutils.h
index 29faa81..35f12a9 100644
--- a/keyutils.h
+++ b/keyutils.h
@@ -89,6 +89,7 @@ typedef uint32_t key_perm_t;
#define KEYCTL_SET_REQKEY_KEYRING 14 /* set default request-key keyring */
#define KEYCTL_SET_TIMEOUT 15 /* set timeout on a key */
#define KEYCTL_ASSUME_AUTHORITY 16 /* assume authority to instantiate key */
+#define KEYCTL_GET_SECURITY 17 /* get key security label */
/*
* syscall wrappers
@@ -132,12 +133,14 @@ extern long keyctl_negate(key_serial_t id, unsigned timeout, key_serial_t ringid
extern long keyctl_set_reqkey_keyring(int reqkey_defl);
extern long keyctl_set_timeout(key_serial_t key, unsigned timeout);
extern long keyctl_assume_authority(key_serial_t key);
+extern long keyctl_get_security(key_serial_t key, char *buffer, size_t buflen);
/*
* utilities
*/
extern int keyctl_describe_alloc(key_serial_t id, char **_buffer);
extern int keyctl_read_alloc(key_serial_t id, void **_buffer);
+extern int keyctl_get_security_alloc(key_serial_t id, char **_buffer);
#endif /* KEYUTILS_H */
diff --git a/keyutils.spec b/keyutils.spec
index 361bf17..152a600 100644
--- a/keyutils.spec
+++ b/keyutils.spec
@@ -91,6 +91,7 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Fri Feb 26 2010 David Howells <dhowells@redhat.com>
- Fix compiler warnings in request-key.
+- Expose the kernel function to get a key's security context.
* Tue Aug 22 2006 David Howells <dhowells@redhat.com> - 1.2-1
- Remove syscall manual pages (section 2) to man-pages package [BZ 203582]