1 // SPDX-License-Identifier: GPL-2.0
2 /* Use watch_queue API to watch for notifications.
3 *
4 * Copyright (C) 2020 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8 #define _GNU_SOURCE
9 #include <stdbool.h>
10 #include <stdarg.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <signal.h>
15 #include <unistd.h>
16 #include <errno.h>
17 #include <sys/ioctl.h>
18 #include <limits.h>
19 #include <linux/watch_queue.h>
20 #include <linux/unistd.h>
21 #include <linux/keyctl.h>
22
23 #ifndef KEYCTL_WATCH_KEY
24 #define KEYCTL_WATCH_KEY -1
25 #endif
26 #ifndef __NR_keyctl
27 #define __NR_keyctl -1
28 #endif
29
30 #define BUF_SIZE 256
31
keyctl_watch_key(int key,int watch_fd,int watch_id)32 static long keyctl_watch_key(int key, int watch_fd, int watch_id)
33 {
34 return syscall(__NR_keyctl, KEYCTL_WATCH_KEY, key, watch_fd, watch_id);
35 }
36
37 static const char *key_subtypes[256] = {
38 [NOTIFY_KEY_INSTANTIATED] = "instantiated",
39 [NOTIFY_KEY_UPDATED] = "updated",
40 [NOTIFY_KEY_LINKED] = "linked",
41 [NOTIFY_KEY_UNLINKED] = "unlinked",
42 [NOTIFY_KEY_CLEARED] = "cleared",
43 [NOTIFY_KEY_REVOKED] = "revoked",
44 [NOTIFY_KEY_INVALIDATED] = "invalidated",
45 [NOTIFY_KEY_SETATTR] = "setattr",
46 };
47
saw_key_change(struct watch_notification * n,size_t len)48 static void saw_key_change(struct watch_notification *n, size_t len)
49 {
50 struct key_notification *k = (struct key_notification *)n;
51
52 if (len != sizeof(struct key_notification)) {
53 fprintf(stderr, "Incorrect key message length\n");
54 return;
55 }
56
57 printf("KEY %08x change=%u[%s] aux=%u\n",
58 k->key_id, n->subtype, key_subtypes[n->subtype], k->aux);
59 }
60
61 /*
62 * Consume and display events.
63 */
consumer(int fd)64 static void consumer(int fd)
65 {
66 unsigned char buffer[433], *p, *end;
67 union {
68 struct watch_notification n;
69 unsigned char buf1[128];
70 } n;
71 ssize_t buf_len;
72
73 for (;;) {
74 buf_len = read(fd, buffer, sizeof(buffer));
75 if (buf_len == -1) {
76 perror("read");
77 exit(1);
78 }
79
80 if (buf_len == 0) {
81 printf("-- END --\n");
82 return;
83 }
84
85 if (buf_len > sizeof(buffer)) {
86 fprintf(stderr, "Read buffer overrun: %zd\n", buf_len);
87 return;
88 }
89
90 printf("read() = %zd\n", buf_len);
91
92 p = buffer;
93 end = buffer + buf_len;
94 while (p < end) {
95 size_t largest, len;
96
97 largest = end - p;
98 if (largest > 128)
99 largest = 128;
100 if (largest < sizeof(struct watch_notification)) {
101 fprintf(stderr, "Short message header: %zu\n", largest);
102 return;
103 }
104 memcpy(&n, p, largest);
105
106 printf("NOTIFY[%03zx]: ty=%06x sy=%02x i=%08x\n",
107 p - buffer, n.n.type, n.n.subtype, n.n.info);
108
109 len = n.n.info & WATCH_INFO_LENGTH;
110 if (len < sizeof(n.n) || len > largest) {
111 fprintf(stderr, "Bad message length: %zu/%zu\n", len, largest);
112 exit(1);
113 }
114
115 switch (n.n.type) {
116 case WATCH_TYPE_META:
117 switch (n.n.subtype) {
118 case WATCH_META_REMOVAL_NOTIFICATION:
119 printf("REMOVAL of watchpoint %08x\n",
120 (n.n.info & WATCH_INFO_ID) >>
121 WATCH_INFO_ID__SHIFT);
122 break;
123 case WATCH_META_LOSS_NOTIFICATION:
124 printf("-- LOSS --\n");
125 break;
126 default:
127 printf("other meta record\n");
128 break;
129 }
130 break;
131 case WATCH_TYPE_KEY_NOTIFY:
132 saw_key_change(&n.n, len);
133 break;
134 default:
135 printf("other type\n");
136 break;
137 }
138
139 p += len;
140 }
141 }
142 }
143
144 static struct watch_notification_filter filter = {
145 .nr_filters = 1,
146 .filters = {
147 [0] = {
148 .type = WATCH_TYPE_KEY_NOTIFY,
149 .subtype_filter[0] = UINT_MAX,
150 },
151 },
152 };
153
main(int argc,char ** argv)154 int main(int argc, char **argv)
155 {
156 int pipefd[2], fd;
157
158 if (pipe2(pipefd, O_NOTIFICATION_PIPE) == -1) {
159 perror("pipe2");
160 exit(1);
161 }
162 fd = pipefd[0];
163
164 if (ioctl(fd, IOC_WATCH_QUEUE_SET_SIZE, BUF_SIZE) == -1) {
165 perror("watch_queue(size)");
166 exit(1);
167 }
168
169 if (ioctl(fd, IOC_WATCH_QUEUE_SET_FILTER, &filter) == -1) {
170 perror("watch_queue(filter)");
171 exit(1);
172 }
173
174 if (keyctl_watch_key(KEY_SPEC_SESSION_KEYRING, fd, 0x01) == -1) {
175 perror("keyctl");
176 exit(1);
177 }
178
179 if (keyctl_watch_key(KEY_SPEC_USER_KEYRING, fd, 0x02) == -1) {
180 perror("keyctl");
181 exit(1);
182 }
183
184 consumer(fd);
185 exit(0);
186 }
187