author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-16 22:57:16 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-17 20:49:05 +0200 |
commit | 6b060c1dc5486cbf51f13d168c442e7df116b26c (patch) | |
tree | 45ab36ae9f4a405c22dc082b226c361e886fe726 /ncr.c | |
parent | 5797051e8b1f3ac4d6cc5edf181a04536b496d3d (diff) | |
Use current_euid() and task_pid_nr(current) to get identifiers for owners (for imposed limits).
Diffstat (limited to 'ncr.c')
-rw-r--r-- | ncr.c | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -27,6 +27,8 @@ #include <asm/uaccess.h> #include <asm/ioctl.h> #include <linux/scatterlist.h> +#include <linux/cred.h> +#include <linux/capability.h> #include "ncr.h" #include "ncr_int.h" @@ -76,6 +78,12 @@ void ncr_master_key_reset(void) static int ncr_master_key_set(void* __user arg) { struct ncr_master_key_st st; + + if (current_euid() != 0 && !capable(CAP_SYS_ADMIN)) { + err(); + return -EPERM; + } + copy_from_user(&st, arg, sizeof(st)); if (st.key_size > sizeof(master_key.key.secret.data)) { @@ -83,6 +91,10 @@ struct ncr_master_key_st st; return -EINVAL; } + if (master_key.type != NCR_KEY_TYPE_INVALID) { + dprintk(0, KERN_DEBUG, "Master key was previously initialized.\n"); + } + master_key.type = NCR_KEY_TYPE_SECRET; memcpy(master_key.key.secret.data, st.key, st.key_size); @@ -101,7 +113,7 @@ ncr_ioctl(struct ncr_lists* lst, struct file *filp, switch (cmd) { case NCRIO_DATA_INIT: - return ncr_data_init(filp, &lst->data, (void*)arg); + return ncr_data_init(&lst->data, (void*)arg); case NCRIO_DATA_GET: return ncr_data_get(&lst->data, (void*)arg); case NCRIO_DATA_SET: @@ -110,7 +122,7 @@ ncr_ioctl(struct ncr_lists* lst, struct file *filp, return ncr_data_deinit(&lst->data, (void*)arg); case NCRIO_KEY_INIT: - return ncr_key_init(filp, &lst->key, (void*)arg); + return ncr_key_init(&lst->key, (void*)arg); case NCRIO_KEY_DEINIT: return ncr_key_deinit(&lst->key, (void*)arg); case NCRIO_KEY_GENERATE: |
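Review bot: The new gate in ncr_master_key_set(), `if (current_euid() != 0 && !capable(CAP_SYS_ADMIN))`, admits any caller whose effective uid is 0 even when CAP_SYS_ADMIN has been dropped from its capability set, so a deliberately de-privileged root process can still replace the master key. Checking the capability alone is the narrower test and the usual kernel convention: `if (!capable(CAP_SYS_ADMIN)) { err(); return -EPERM; }`. Separately, the `copy_from_user(&st, arg, sizeof(st));` right after the gate still ignores its return value, so a failed copy goes unnoticed and the function continues with whatever is in `st`; `if (copy_from_user(&st, arg, sizeof(st))) return -EFAULT;` closes that. The function body continues outside the hunk.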
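Review bot: When a master key is already set, the added branch only emits a KERN_DEBUG message and the function goes on to overwrite it, and because the `memcpy` below copies just `st.key_size` bytes, a shorter replacement would leave the tail of the previous key in `master_key.key.secret.data`. Clearing the buffer before the copy avoids that: `memset(master_key.key.secret.data, 0, sizeof(master_key.key.secret.data));`. If replacing an initialised master key is intended, a comment saying so and a log level that is visible by default would make the event auditable. Whether the key length is recorded after the memcpy is outside the hunk.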
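Review bot: With `filp` no longer passed to `ncr_data_init()` and `ncr_key_init()` (the NCRIO_DATA_INIT hunk and the NCRIO_KEY_INIT hunk after it), ownership for the limits is, per the commit description, taken from `current` at ioctl time rather than from the open file. A descriptor inherited across fork or handed to another process would then have its objects charged to a different uid/pid than the one that opened the device, and the matching deinit calls may run under yet another pid; the accounting code is not part of this diff, so this is worth confirming there. A short comment at the two call sites would record the decision, e.g. `/* owner = current_euid()/task_pid_nr(current), not the opener of filp */`. `ncr_ioctl()` starts and ends outside the hunk.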