#include <linux/fcntl.h>
#include <linux/cdev.h>
#include <linux/syscalls.h>
-#include <asm/system.h>
-#include <asm/uaccess.h>
+#include <linux/uaccess.h>
#include <linux/list.h>
#include <linux/err.h>
#include <linux/mm.h>
#include <linux/crypto.h>
#include <linux/sched.h>
#include <linux/cred.h>
+#include <asm/system.h>
#ifndef CAP_MAJOR
#define CAP_MAJOR 0
struct cdev cdev;
};
-int cap_trim(struct cap_dev *);
-ssize_t cap_write(struct file *, const char __user *, size_t, loff_t *);
-char *cap_hash(char *plain_text, unsigned int plain_text_size, char *key, unsigned int key_size);
-void hex_dump(unsigned char * buf, unsigned int len);
+char *cap_hash(char *plain_text, unsigned int plain_text_size, char *key,
+ unsigned int key_size);
int cap_major = CAP_MAJOR;
-int cap_minor = 0;
+int cap_minor;
int cap_nr_devs = CAP_NR_DEVS;
int cap_node_size = CAP_NODE_SIZE;
}
/* initialise the head if it is NULL */
if (dev->head == NULL) {
- dev->head =
- (struct cap_node *) kmalloc(sizeof(struct cap_node),
- GFP_KERNEL);
+ dev->head = kmalloc(sizeof(struct cap_node), GFP_KERNEL);
INIT_LIST_HEAD(&(dev->head->list));
}
return 0;
return 0;
}
-ssize_t
-cap_write(struct file * filp, const char __user * buf,
- size_t count, loff_t * f_pos)
+ssize_t cap_write(struct file *filp, const char __user *buf, size_t count,
+ loff_t *f_pos)
{
struct cap_node *node_ptr, *tmp;
struct list_head *pos;
if (down_interruptible(&dev->sem))
return -ERESTARTSYS;
- node_ptr =
- (struct cap_node *) kmalloc(sizeof(struct cap_node),
- GFP_KERNEL);
- user_buf = (char *) kmalloc(count, GFP_KERNEL);
+ node_ptr = kmalloc(sizeof(struct cap_node), GFP_KERNEL);
+ user_buf = kmalloc(count, GFP_KERNEL);
memset(user_buf, 0, count);
if (copy_from_user(user_buf, buf, count)) {
goto out;
}
- /* If the minor number is 0 ( /dev/caphash ) then simply add the
+ /*
+ * If the minor number is 0 ( /dev/caphash ) then simply add the
* hashed capability supplied by the user to the list of hashes
*/
if (0 == iminor(filp->f_dentry->d_inode)) {
memcpy(node_ptr->data, user_buf, count);
list_add(&(node_ptr->list), &(dev->head->list));
} else {
- /* break the supplied string into tokens with @ as the delimiter
- If the string is "user1@user2@randomstring" we need to split it
- and hash 'user1@user2' using 'randomstring' as the key
+ /*
+ * break the supplied string into tokens with @ as the
+ * delimiter If the string is "user1@user2@randomstring" we
+ * need to split it and hash 'user1@user2' using 'randomstring'
+ * as the key.
*/
user_buf_running = kstrdup(user_buf, GFP_KERNEL);
source_user = strsep(&user_buf_running, "@");
/* hash the string user1@user2 with rand_str as the key */
len = strlen(source_user) + strlen(target_user) + 1;
- hash_str = (char *) kmalloc(len, GFP_KERNEL);
+ hash_str = kmalloc(len, GFP_KERNEL);
memset(hash_str, 0, len);
strcat(hash_str, source_user);
strcat(hash_str, "@");
* list of hashes
*/
list_for_each(pos, &(cap_devices->head->list)) {
- /* Change the user id of the process if the hashes match */
+ /*
+ * Change the user id of the process if the hashes
+ * match
+ */
if (0 ==
memcmp(result,
list_entry(pos, struct cap_node,
simple_strtol(source_user, NULL, 0);
flag = 1;
- /* Check whether the process writing to capuse is actually owned by
- * the source owner
+ /*
+ * Check whether the process writing to capuse
+ * is actually owned by the source owner
*/
if (source_int != current_uid()) {
printk(KERN_ALERT
retval = -EFAULT;
goto out;
}
- /* What all id's need to be changed here? uid, euid, fsid, savedids ??
- * Currently I am changing the effective user id
- * since most of the authorisation decisions are based on it
+ /*
+ * What all id's need to be changed here? uid,
+ * euid, fsid, savedids ?? Currently I am
+ * changing the effective user id since most of
+ * the authorisation decisions are based on it
*/
new = prepare_creds();
if (!new) {
if (retval)
goto out;
- /* Remove the capability from the list and break */
- tmp =
- list_entry(pos, struct cap_node, list);
+ /*
+ * Remove the capability from the list and
+ * break
+ */
+ tmp = list_entry(pos, struct cap_node, list);
list_del(pos);
kfree(tmp);
break;
}
}
if (0 == flag) {
- /* The capability is not present in the list of the hashes stored, hence return failure */
+ /*
+ * The capability is not present in the list of the
+ * hashes stored, hence return failure
+ */
printk(KERN_ALERT
"Invalid capabiliy written to /dev/capuse \n");
retval = -EFAULT;
if (dev->size < *f_pos)
dev->size = *f_pos;
- out:
+out:
up(&dev->sem);
return retval;
}
-struct file_operations cap_fops = {
+const struct file_operations cap_fops = {
.owner = THIS_MODULE,
.write = cap_write,
.open = cap_open,
return 0;
- fail:
+fail:
cap_cleanup_module();
return result;
}
char *key, unsigned int key_size)
{
struct scatterlist sg;
- char *result = (char *) kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
+ char *result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
struct crypto_hash *tfm;
struct hash_desc desc;
int ret;
tfm = crypto_alloc_hash("hmac(sha1)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(tfm)) {
- printk("failed to load transform for hmac(sha1): %ld\n",
+ printk(KERN_ERR
+ "failed to load transform for hmac(sha1): %ld\n",
PTR_ERR(tfm));
kfree(result);
return NULL;
ret = crypto_hash_setkey(tfm, key, key_size);
if (ret) {
- printk("setkey() failed ret=%d\n", ret);
+ printk(KERN_ERR "setkey() failed ret=%d\n", ret);
kfree(result);
result = NULL;
goto out;
ret = crypto_hash_digest(&desc, &sg, plain_text_size, result);
if (ret) {
- printk("digest () failed ret=%d\n", ret);
+ printk(KERN_ERR "digest () failed ret=%d\n", ret);
kfree(result);
result = NULL;
goto out;
}
- printk("crypto hash digest size %d\n",
+ printk(KERN_DEBUG "crypto hash digest size %d\n",
crypto_hash_digestsize(tfm));
hexdump(result, MAX_DIGEST_SIZE);
- out:
+out:
crypto_free_hash(tfm);
return result;
}