1 /*
2  * Check decoding of keyctl syscall.
3  *
4  * Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com>
5  * Copyright (c) 2016-2018 The strace developers.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. The name of the author may not be used to endorse or promote products
17  *    derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include "tests.h"
32 
33 #include <asm/unistd.h>
34 
35 #ifdef __NR_keyctl
36 
37 # include <linux/types.h>
38 # include <linux/keyctl.h>
39 
40 # include <assert.h>
41 # include <errno.h>
42 # include <inttypes.h>
43 # include <stdarg.h>
44 # include <stdio.h>
45 # include <stdlib.h>
46 # include <string.h>
47 # include <unistd.h>
48 # include <sys/uio.h>
49 
50 /* This check should be before #include "xlat/keyctl_commands.h" */
51 # ifndef KEYCTL_DH_COMPUTE
52 struct keyctl_dh_params {
53 	int32_t private;
54 	int32_t prime;
55 	int32_t base;
56 };
57 # endif
58 
59 # ifndef HAVE_STRUCT_KEYCTL_KDF_PARAMS
60 struct keyctl_kdf_params {
61 	char *hashname;
62 	char *otherinfo;
63 	uint32_t otherinfolen;
64 	uint32_t __spare[8];
65 };
66 # endif
67 
68 # include "xlat.h"
69 # include "xlat/keyctl_commands.h"
70 
71 # ifndef KEY_SPEC_REQKEY_AUTH_KEY
72 #  define KEY_SPEC_REQKEY_AUTH_KEY   -7
73 # endif
74 
75 # ifndef KEY_SPEC_REQUESTOR_KEYRING
76 #  define KEY_SPEC_REQUESTOR_KEYRING -8
77 # endif
78 
79 static const size_t limit = 10;
80 
81 /*
82  * Well, this is true for DESCRIBE and GET_SECURITY, and false for READ and
83  * DH_COMPUTE and I see no ability to pass this information without
84  * significantly breaking interface.
85  */
86 bool nul_terminated_buf = true;
87 bool buf_in_arg;
88 
89 /* From ioctl_dm.c */
90 # define STR32 "AbCdEfGhIjKlMnOpQrStUvWxYz012345"
91 
92 #if XLAT_RAW
93 # define XARG_STR(v_) (v_), STRINGIFY(v_)
94 #elif XLAT_VERBOSE
95 # define XARG_STR(v_) (v_), STRINGIFY(v_) " /* " #v_ " */"
96 #else
97 # define XARG_STR ARG_STR
98 #endif
99 
100 /*
101  * When this is called with positive size, the buffer provided is an "out"
102  * argument and rc contains resulting size (globally defined nul_terminated_buf
103  * controls whether it is nul-terminated or not). If size is negative,
104  * it contains "in" argument.
105  */
106 void
print_quoted_string_limit(const char * str,size_t size,long rc)107 print_quoted_string_limit(const char *str, size_t size, long rc)
108 {
109 	size_t print_size = ((rc >= 0) && (size > 0)) ?
110 		((unsigned long) rc > size ? size :
111 		(unsigned long) rc) : size;
112 	size_t limited_size = print_size > limit ? limit : print_size;
113 
114 	if ((rc == -1) && !buf_in_arg) {
115 		printf("%p", str);
116 		return;
117 	}
118 
119 	if (!nul_terminated_buf ||
120 	    (strnlen(str, limited_size) == limited_size)) {
121 		print_quoted_memory(str, limited_size);
122 		if (print_size > limit)
123 			printf("...");
124 	} else
125 		print_quoted_string(str);
126 }
127 
128 static void
print_arg(kernel_ulong_t arg,const char * str,const char * fmt,size_t size,long rc)129 print_arg(kernel_ulong_t arg, const char *str, const char *fmt, size_t size,
130 	long rc)
131 {
132 	if (size == (size_t) -1)
133 		size = 0;
134 
135 	if (str) {
136 		printf("%s", str);
137 	} else {
138 		if (size == sizeof(uint64_t))
139 			printf(fmt, (uint64_t) arg);
140 		else if (size == sizeof(uint32_t))
141 			printf(fmt, (uint32_t) arg);
142 		else
143 			print_quoted_string_limit((void *) (uintptr_t) arg,
144 						  size, rc);
145 	}
146 }
147 
148 /*
149  * Arguments are passed as sz, val, str, fmt. Arguments are read until 4
150  * arguments are retrieved or size of 0 is occurred.
151  *
152  * str == NULL && fmt == NULL && sz not in {4, 8} - print_quoted_string_limit is
153  *   used for argument printing. If sz is negative, in argument is assumed, out
154  *   otherwise.
155  */
156 void
do_keyctl(kernel_ulong_t cmd,const char * cmd_str,...)157 do_keyctl(kernel_ulong_t cmd, const char *cmd_str, ...)
158 {
159 	kernel_ulong_t args[4] = {
160 		(kernel_ulong_t) 0xdeadfee1badc0de5ULL,
161 		(kernel_ulong_t) 0xdeadfee2badc0de6ULL,
162 		(kernel_ulong_t) 0xdeadfee3badc0de7ULL,
163 		(kernel_ulong_t) 0xdeadfee4badc0de8ULL,
164 	};
165 	const char *arg_str[4] = { NULL };
166 	const char *arg_fmt[4] = { "%llu", "%llu", "%llu", "%llu" };
167 	size_t arg_sz[4] = {
168 		sizeof(kernel_ulong_t),
169 		sizeof(kernel_ulong_t),
170 		sizeof(kernel_ulong_t),
171 		sizeof(kernel_ulong_t),
172 	};
173 	unsigned i;
174 	unsigned cnt = 0;
175 
176 	va_list ap;
177 
178 	va_start(ap, cmd_str);
179 
180 	do {
181 		arg_sz[cnt] = va_arg(ap, size_t);
182 		if (!arg_sz[cnt])
183 			break;
184 
185 		if (arg_sz[cnt] == sizeof(uint64_t))
186 			args[cnt] = va_arg(ap, uint64_t);
187 		else if (arg_sz[cnt] == sizeof(uint32_t))
188 			args[cnt] = va_arg(ap, uint32_t);
189 		else
190 			args[cnt] = (uintptr_t) va_arg(ap, void *);
191 
192 		arg_str[cnt] = va_arg(ap, char *);
193 		arg_fmt[cnt] = va_arg(ap, char *);
194 	} while (++cnt < 4);
195 
196 	long rc = syscall(__NR_keyctl, cmd, args[0], args[1], args[2], args[3]);
197 	const char *errstr = sprintrc(rc);
198 #if XLAT_RAW
199 	printf("keyctl(%#x", (unsigned) cmd);
200 #elif XLAT_VERBOSE
201 	printf("keyctl(%#x /* %s */", (unsigned) cmd, cmd_str);
202 #else
203 	printf("keyctl(%s", cmd_str);
204 #endif
205 	for (i = 0; i < cnt; i++) {
206 		printf(", ");
207 		print_arg(args[i], arg_str[i], arg_fmt[i], arg_sz[i], rc);
208 	}
209 	printf(") = %s\n", errstr);
210 }
211 
212 int
append_str(char ** buf,size_t * left,const char * fmt,...)213 append_str(char **buf, size_t *left, const char *fmt, ...)
214 {
215 	int ret;
216 	va_list ap;
217 
218 	va_start(ap, fmt);
219 	ret = vsnprintf(*buf, *left, fmt, ap);
220 	va_end(ap);
221 
222 	assert((ret >= 0) && ((unsigned) ret < *left));
223 
224 	*left -= ret;
225 	*buf += ret;
226 
227 	return ret;
228 }
229 
230 const char *
kckdfp_to_str(struct keyctl_kdf_params * kdf,bool deref_hash,bool deref_oi,bool print_spare,const char * hash_str,const char * oi_str)231 kckdfp_to_str(struct keyctl_kdf_params *kdf, bool deref_hash, bool deref_oi,
232 	       bool print_spare, const char *hash_str, const char *oi_str)
233 {
234 	static char buf[4096];
235 
236 	size_t left = sizeof(buf);
237 	char *pos = buf;
238 
239 	append_str(&pos, &left, "{hashname=");
240 
241 	if (deref_hash && hash_str) {
242 		append_str(&pos, &left, "%s", hash_str);
243 	} else if (!kdf->hashname) {
244 		append_str(&pos, &left, "NULL");
245 	} else if (deref_hash) {
246 		append_str(&pos, &left, "\"%.*s\"", limit, kdf->hashname);
247 
248 		if (strnlen(kdf->hashname, limit + 1) > limit)
249 			append_str(&pos, &left, "...");
250 	} else {
251 		append_str(&pos, &left, "%p", kdf->hashname);
252 	}
253 
254 	append_str(&pos, &left, ", otherinfo=");
255 
256 	if (deref_oi && oi_str) {
257 		append_str(&pos, &left, "%s", oi_str);
258 	} else if (!kdf->otherinfo) {
259 		append_str(&pos, &left, "NULL");
260 	} else if (deref_oi) {
261 		append_str(&pos, &left, "\"%.*s\"", limit, kdf->otherinfo);
262 
263 		if (strnlen(kdf->otherinfo, limit + 1) > limit)
264 			append_str(&pos, &left, "...");
265 	} else {
266 		append_str(&pos, &left, "%p", kdf->otherinfo);
267 	}
268 
269 	append_str(&pos, &left, ", otherinfolen=%u", kdf->otherinfolen);
270 
271 	if (print_spare) {
272 		size_t i;
273 
274 		append_str(&pos, &left, ", __spare=[");
275 
276 		for (i = 0; i < ARRAY_SIZE(kdf->__spare); i++) {
277 			if  (i)
278 				append_str(&pos, &left, ", ");
279 
280 			append_str(&pos, &left, "%#x", kdf->__spare[i]);
281 		}
282 
283 		append_str(&pos, &left, "]");
284 	}
285 
286 	append_str(&pos, &left, "}");
287 
288 	return buf;
289 }
290 
291 int
main(void)292 main(void)
293 {
294 	enum { PR_LIMIT = 10, IOV_SIZE = 11, IOV_STR_SIZE = 4096 };
295 
296 	static const char *kulong_fmt =
297 		sizeof(kernel_ulong_t) == sizeof(uint64_t) ? "%#llx" : "%#x";
298 	static const char *ksize_fmt =
299 		sizeof(kernel_ulong_t) == sizeof(uint64_t) ? "%llu" : "%u";
300 	static const char *ptr_fmt =
301 		sizeof(void *) == sizeof(uint64_t) ? "%#llx" : "%#x";
302 	static const char unterminated1[] = { '\1', '\2', '\3', '\4', '\5' };
303 	static const char unterminated2[] = { '\6', '\7', '\10', '\11', '\12' };
304 	static const char short_type_str[] = "shrt type";
305 	static const char short_desc_str[] = "shrt desc";
306 	static const char long_type_str[] = "overly long key type";
307 	static const char long_desc_str[] = "overly long key description";
308 	static const int32_t bogus_key1 = 0xdeadf00d;
309 	static const int32_t bogus_key2 = 0x1eefdead;
310 	static const kernel_ulong_t bogus_key3 =
311 		(kernel_ulong_t) 0xdec0ded1dec0ded2ULL;
312 	static const char *bogus_key3_str = "-557785390";
313 
314 	static const struct keyctl_dh_params kcdhp_data = {
315 		.private = KEY_SPEC_GROUP_KEYRING,
316 		.prime = 1234567890,
317 		.base = 3141592653U
318 	};
319 	static const char *kcdhp_str = "{private="
320 #if XLAT_RAW || XLAT_VERBOSE
321 		"-6"
322 #endif
323 #if XLAT_VERBOSE
324 		" /* "
325 #endif
326 #if !XLAT_RAW
327 		"KEY_SPEC_GROUP_KEYRING"
328 #endif
329 #if XLAT_VERBOSE
330 		" */"
331 #endif
332 		", prime=1234567890, base=-1153374643}";
333 
334 	/*
335 	 * It's bigger than current hash name size limit, but since it's
336 	 * implementation-dependent and totally internal, we do not rely
337 	 * on it much.
338 	 */
339 	static const char long_hash_data[] = STR32 STR32 STR32 STR32 "xxx";
340 	static const char short_hash_data[] = "hmac(aes)";
341 	static const char otherinfo1_data[] = "\1\2 OH HAI THAR\255\0\1";
342 	static const char otherinfo2_data[] = "\1\2\n\255\0\1";
343 	static const struct keyctl_kdf_params kckdfp_data[] = {
344 		[0] = { NULL, NULL, 0, { 0 } },
345 		[1] = { NULL /* Changed to unaccessible address in copy */,
346 			NULL, 0xbadc0dedU, { [7] = 0xdeadfeedU } },
347 		[2] = { NULL /* long_hash_data */,
348 			NULL /* Changed to unaccessible address in copy */,
349 			0, { 0 } },
350 		[3] = { NULL /* unterminated1 */,
351 			NULL /* otherinfo_data */, 0, { 1 } },
352 		[4] = { NULL /* short_hash_data */,
353 			NULL /* otherinfo1_data */, sizeof(otherinfo1_data),
354 			{ 0, 0xfacebeef, 0, 0xba5e1ead } },
355 		[5] = { NULL /* short_hash_data */,
356 			NULL /* otherinfo2_data */, sizeof(otherinfo2_data),
357 			{ 0 } },
358 	};
359 
360 	char *bogus_str = tail_memdup(unterminated1, sizeof(unterminated1));
361 	char *bogus_desc = tail_memdup(unterminated2, sizeof(unterminated2));
362 	char *short_type = tail_memdup(short_type_str, sizeof(short_type_str));
363 	char *short_desc = tail_memdup(short_desc_str, sizeof(short_desc_str));
364 	char *long_type = tail_memdup(long_type_str, sizeof(long_type_str));
365 	char *long_desc = tail_memdup(long_desc_str, sizeof(long_desc_str));
366 	char *kcdhp = tail_memdup(&kcdhp_data, sizeof(kcdhp_data));
367 	char *kckdfp_long_hash = tail_memdup(long_hash_data,
368 					     sizeof(long_hash_data));
369 	char *kckdfp_short_hash = tail_memdup(short_hash_data,
370 					      sizeof(short_hash_data));
371 	char *kckdfp_otherinfo1 = tail_memdup(otherinfo1_data,
372 					      sizeof(otherinfo1_data));
373 	char *kckdfp_otherinfo2 = tail_memdup(otherinfo2_data,
374 					      sizeof(otherinfo2_data));
375 	char *kckdfp_char = tail_alloc(sizeof(kckdfp_data[0]));
376 	struct iovec *key_iov = tail_alloc(sizeof(*key_iov) * IOV_SIZE);
377 	char *bogus_buf1 = tail_alloc(9);
378 	char *bogus_buf2 = tail_alloc(256);
379 	char *key_iov_str1;
380 	char *key_iov_str2 = tail_alloc(4096);
381 	ssize_t ret;
382 	ssize_t kis_size = 0;
383 	size_t i;
384 
385 	key_iov[0].iov_base = short_type;
386 	key_iov[0].iov_len = sizeof(short_type_str);
387 	key_iov[1].iov_base = long_type;
388 	key_iov[1].iov_len = sizeof(long_type_str);
389 	key_iov[2].iov_base = short_desc;
390 	key_iov[2].iov_len = sizeof(short_desc_str);
391 	key_iov[3].iov_base = long_desc;
392 	key_iov[3].iov_len = sizeof(long_desc_str);
393 	key_iov[4].iov_base = bogus_str;
394 	key_iov[4].iov_len = 32;
395 
396 	for (i = 5; i < IOV_SIZE; i++) {
397 		key_iov[i].iov_base =
398 			(void *) (uintptr_t) (0xfffffacefffff00dULL +
399 			0x100000001ULL * i);
400 		key_iov[i].iov_len = (size_t) (0xcaffeeeddefaced7ULL +
401 			0x100000001ULL * i);
402 	}
403 
404 	ret = asprintf(&key_iov_str1, "[{iov_base=%p, iov_len=%zu}, "
405 		       "{iov_base=%p, iov_len=%zu}, "
406 		       "{iov_base=%p, iov_len=%zu}, "
407 		       "{iov_base=%p, iov_len=%zu}]",
408 		       key_iov[IOV_SIZE - 4].iov_base,
409 		       key_iov[IOV_SIZE - 4].iov_len,
410 		       key_iov[IOV_SIZE - 3].iov_base,
411 		       key_iov[IOV_SIZE - 3].iov_len,
412 		       key_iov[IOV_SIZE - 2].iov_base,
413 		       key_iov[IOV_SIZE - 2].iov_len,
414 		       key_iov[IOV_SIZE - 1].iov_base,
415 		       key_iov[IOV_SIZE - 1].iov_len);
416 
417 	if (ret < 0)
418 		error_msg_and_fail("asprintf");
419 
420 	ret = snprintf(key_iov_str2, IOV_STR_SIZE,
421 		       "[{iov_base=\"%s\\0\", iov_len=%zu}, "
422 		       "{iov_base=\"%.10s\"..., iov_len=%zu}, "
423 		       "{iov_base=\"%s\\0\", iov_len=%zu}, "
424 		       "{iov_base=\"%.10s\"..., iov_len=%zu}, ",
425 		       (char *) key_iov[0].iov_base, key_iov[0].iov_len,
426 		       (char *) key_iov[1].iov_base, key_iov[1].iov_len,
427 		       (char *) key_iov[2].iov_base, key_iov[2].iov_len,
428 		       (char *) key_iov[3].iov_base, key_iov[3].iov_len);
429 
430 	if ((ret < 0) || (ret >= IOV_STR_SIZE))
431 		error_msg_and_fail("snprintf");
432 
433 	for (i = 4; i < PR_LIMIT; i++) {
434 		kis_size += ret;
435 
436 		ret = snprintf(key_iov_str2 + kis_size, IOV_STR_SIZE - kis_size,
437 			       "{iov_base=%p, iov_len=%zu}, ",
438 			       key_iov[i].iov_base, key_iov[i].iov_len);
439 
440 		if ((ret < 0) || (ret >= (IOV_STR_SIZE - kis_size)))
441 			error_msg_and_fail("snprintf");
442 	}
443 
444 	kis_size += ret;
445 	snprintf(key_iov_str2 + kis_size, IOV_STR_SIZE - kis_size, "...]");
446 
447 
448 	/* Invalid command */
449 	do_keyctl((kernel_ulong_t) 0xbadc0dedfacefeedULL,
450 #if XLAT_VERBOSE
451 		  "KEYCTL_???"
452 #else
453 		  "0xfacefeed"
454 # if !XLAT_RAW
455 		  " /* KEYCTL_??? */"
456 # endif
457 #endif
458 		  ,
459 		  sizeof(kernel_ulong_t),
460 			(kernel_ulong_t) 0xdeadfee1badc0de5ULL, NULL,
461 			kulong_fmt,
462 		  sizeof(kernel_ulong_t),
463 			(kernel_ulong_t) 0xdeadfee2badc0de6ULL, NULL,
464 			kulong_fmt,
465 		  sizeof(kernel_ulong_t),
466 			(kernel_ulong_t) 0xdeadfee3badc0de7ULL, NULL,
467 			kulong_fmt,
468 		  sizeof(kernel_ulong_t),
469 			(kernel_ulong_t) 0xdeadfee4badc0de8ULL, NULL,
470 			kulong_fmt);
471 
472 
473 	/* GET_KEYRING_ID */
474 	do_keyctl(ARG_STR(KEYCTL_GET_KEYRING_ID),
475 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
476 		  sizeof(kernel_ulong_t),
477 			(kernel_ulong_t) 0xbadc0dedffffffffLLU, "-1", NULL,
478 		  0UL);
479 	do_keyctl(ARG_STR(KEYCTL_GET_KEYRING_ID),
480 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), "%d",
481 		  sizeof(int), 3141592653U, NULL, "%d", NULL,
482 		  0UL);
483 
484 
485 	/* KEYCTL_JOIN_SESSION_KEYRING */
486 	do_keyctl(ARG_STR(KEYCTL_JOIN_SESSION_KEYRING),
487 		  sizeof(char *), ARG_STR(NULL), NULL,
488 		  0UL);
489 	do_keyctl(ARG_STR(KEYCTL_JOIN_SESSION_KEYRING),
490 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
491 		  0UL);
492 	do_keyctl(ARG_STR(KEYCTL_JOIN_SESSION_KEYRING),
493 		  sizeof(char *), bogus_str, NULL, ptr_fmt,
494 		  0UL);
495 	do_keyctl(ARG_STR(KEYCTL_JOIN_SESSION_KEYRING),
496 		  sizeof(char *), ARG_STR("bogus name"), NULL,
497 		  0UL);
498 	do_keyctl(ARG_STR(KEYCTL_JOIN_SESSION_KEYRING),
499 		  sizeof(char *), "very long keyring name", "\"very long \"...",
500 			NULL,
501 		  0UL);
502 
503 
504 	/* KEYCTL_UPDATE */
505 
506 	buf_in_arg = true;
507 
508 	do_keyctl(ARG_STR(KEYCTL_UPDATE),
509 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
510 		  sizeof(char *), ARG_STR(NULL), NULL,
511 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 0, NULL, ksize_fmt,
512 		  0UL);
513 	do_keyctl(ARG_STR(KEYCTL_UPDATE),
514 		  sizeof(int32_t), bogus_key1, NULL, "%d",
515 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
516 		  sizeof(kernel_ulong_t),
517 			(kernel_ulong_t) 0xdeadfee4badc0de8ULL, NULL, ksize_fmt,
518 		  0UL);
519 	do_keyctl(ARG_STR(KEYCTL_UPDATE),
520 		  sizeof(int32_t), bogus_key2, NULL, "%d",
521 		  sizeof(char *), bogus_str, NULL, ptr_fmt,
522 		  sizeof(kernel_ulong_t),
523 			(kernel_ulong_t) 0xdeadfee4badc0de8ULL, NULL, ksize_fmt,
524 		  0UL);
525 	do_keyctl(ARG_STR(KEYCTL_UPDATE),
526 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
527 		  sizeof(short_desc_str), short_desc, NULL, NULL,
528 		  sizeof(kernel_ulong_t),
529 		  (kernel_ulong_t) sizeof(short_desc_str) - 1, NULL,
530 			  ksize_fmt,
531 		  0UL);
532 
533 	buf_in_arg = false;
534 
535 
536 	/* KEYCTL_REVOKE */
537 	do_keyctl(ARG_STR(KEYCTL_REVOKE),
538 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
539 		  0UL);
540 	do_keyctl(ARG_STR(KEYCTL_REVOKE),
541 		  sizeof(int32_t), bogus_key1, NULL, "%d",
542 		  0UL);
543 	do_keyctl(ARG_STR(KEYCTL_REVOKE),
544 		  sizeof(int32_t), bogus_key2, NULL, "%d",
545 		  0UL);
546 	do_keyctl(ARG_STR(KEYCTL_REVOKE),
547 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
548 		  0UL);
549 
550 
551 	/* KEYCTL_CHOWN */
552 	do_keyctl(ARG_STR(KEYCTL_CHOWN),
553 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
554 		  sizeof(uid_t), ARG_STR(-1), NULL,
555 		  sizeof(gid_t), ARG_STR(-1), NULL,
556 		  0UL);
557 	do_keyctl(ARG_STR(KEYCTL_CHOWN),
558 		  sizeof(int32_t), bogus_key1, NULL, "%d",
559 		  sizeof(uid_t), 2718281828U, NULL, "%u",
560 		  sizeof(gid_t), 3141592653U, NULL, "%u",
561 		  0UL);
562 
563 
564 	/* KEYCTL_SETPERM */
565 	do_keyctl(ARG_STR(KEYCTL_SETPERM),
566 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQKEY_AUTH_KEY), NULL,
567 		  sizeof(uint32_t), 0xffffffffU,
568 #if XLAT_RAW || XLAT_VERBOSE
569 			"0xffffffff"
570 #endif
571 #if XLAT_VERBOSE
572 			" /* "
573 #endif
574 #if !XLAT_RAW
575 			"KEY_POS_VIEW|KEY_POS_READ|KEY_POS_WRITE|"
576 			"KEY_POS_SEARCH|KEY_POS_LINK|KEY_POS_SETATTR|"
577 			"KEY_USR_VIEW|KEY_USR_READ|KEY_USR_WRITE|"
578 			"KEY_USR_SEARCH|KEY_USR_LINK|KEY_USR_SETATTR|"
579 			"KEY_GRP_VIEW|KEY_GRP_READ|KEY_GRP_WRITE|"
580 			"KEY_GRP_SEARCH|KEY_GRP_LINK|KEY_GRP_SETATTR|"
581 			"KEY_OTH_VIEW|KEY_OTH_READ|KEY_OTH_WRITE|"
582 			"KEY_OTH_SEARCH|KEY_OTH_LINK|KEY_OTH_SETATTR|"
583 			"0xc0c0c0c0"
584 #endif
585 #if XLAT_VERBOSE
586 			" */"
587 #endif
588 			, NULL,
589 		  0UL);
590 	do_keyctl(ARG_STR(KEYCTL_SETPERM),
591 		  sizeof(int32_t), bogus_key1, NULL, "%d",
592 		  sizeof(uint32_t), 0, NULL, "%#x",
593 		  0UL);
594 	do_keyctl(ARG_STR(KEYCTL_SETPERM),
595 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
596 		  sizeof(uint32_t), 0xc0c0c0c0,
597 			  "0xc0c0c0c0"
598 #if !XLAT_RAW
599 			  " /* KEY_??? */"
600 #endif
601 			  ,
602 			  NULL,
603 		  0UL);
604 
605 
606 	/* KEYCTL_DESCRIBE */
607 	do_keyctl(ARG_STR(KEYCTL_DESCRIBE),
608 		  sizeof(int32_t), bogus_key1, NULL, "%d",
609 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
610 		  sizeof(kernel_ulong_t),
611 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
612 		  0UL);
613 	do_keyctl(ARG_STR(KEYCTL_DESCRIBE),
614 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
615 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
616 		  sizeof(kernel_ulong_t),
617 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
618 		  0UL);
619 	do_keyctl(ARG_STR(KEYCTL_DESCRIBE),
620 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
621 		  (size_t) 9, (uintptr_t) bogus_buf1, NULL, NULL,
622 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 9, NULL, ksize_fmt,
623 		  0UL);
624 	do_keyctl(ARG_STR(KEYCTL_DESCRIBE),
625 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
626 		  (size_t) 256, (uintptr_t) bogus_buf2, NULL, NULL,
627 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 256, NULL, ksize_fmt,
628 		  0UL);
629 	do_keyctl(ARG_STR(KEYCTL_DESCRIBE),
630 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
631 		  (size_t) -4, (uintptr_t) bogus_buf2, NULL, NULL,
632 		  sizeof(kernel_ulong_t), (kernel_ulong_t) -4, NULL, ksize_fmt,
633 		  0UL);
634 
635 
636 	/* KEYCTL_CLEAR */
637 	do_keyctl(ARG_STR(KEYCTL_CLEAR),
638 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
639 		  0UL);
640 	do_keyctl(ARG_STR(KEYCTL_CLEAR),
641 		  sizeof(int32_t), bogus_key1, NULL, "%d",
642 		  0UL);
643 	do_keyctl(ARG_STR(KEYCTL_CLEAR),
644 		  sizeof(int32_t), bogus_key2, NULL, "%d",
645 		  0UL);
646 	do_keyctl(ARG_STR(KEYCTL_CLEAR),
647 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
648 		  0UL);
649 
650 
651 	/* KEYCTL_LINK */
652 	do_keyctl(ARG_STR(KEYCTL_LINK),
653 		  sizeof(int32_t), bogus_key1, NULL, "%d",
654 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
655 		  0UL);
656 	do_keyctl(ARG_STR(KEYCTL_LINK),
657 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
658 		  sizeof(int32_t), bogus_key2, NULL, "%d",
659 		  0UL);
660 	do_keyctl(ARG_STR(KEYCTL_LINK),
661 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
662 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
663 		  0UL);
664 
665 
666 	/* KEYCTL_UNLINK */
667 	do_keyctl(ARG_STR(KEYCTL_UNLINK),
668 		  sizeof(int32_t), bogus_key1, NULL, "%d",
669 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
670 		  0UL);
671 	do_keyctl(ARG_STR(KEYCTL_UNLINK),
672 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
673 		  sizeof(int32_t), bogus_key2, NULL, "%d",
674 		  0UL);
675 	do_keyctl(ARG_STR(KEYCTL_UNLINK),
676 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
677 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
678 		  0UL);
679 
680 
681 	/* KEYCTL_SEARCH */
682 	buf_in_arg = true;
683 
684 	do_keyctl(ARG_STR(KEYCTL_SEARCH),
685 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
686 		  sizeof(char *), ARG_STR(NULL), NULL,
687 		  sizeof(char *), ARG_STR(NULL), NULL,
688 		  sizeof(int32_t), 0, NULL, "%d");
689 	do_keyctl(ARG_STR(KEYCTL_SEARCH),
690 		  sizeof(int32_t), bogus_key1, NULL, "%d",
691 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
692 		  sizeof(char *), (char *) 0xfffff00dfffff157ULL, NULL, ptr_fmt,
693 		  sizeof(int32_t), XARG_STR(KEY_SPEC_USER_SESSION_KEYRING),
694 			  NULL);
695 	do_keyctl(ARG_STR(KEYCTL_SEARCH),
696 		  sizeof(int32_t), bogus_key2, NULL, "%d",
697 		  sizeof(char *), bogus_str, NULL, ptr_fmt,
698 		  sizeof(char *), bogus_desc, NULL, ptr_fmt,
699 		  sizeof(int32_t), bogus_key1, NULL, "%d");
700 	do_keyctl(ARG_STR(KEYCTL_SEARCH),
701 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
702 		  sizeof(short_type_str), short_type, NULL, NULL,
703 		  sizeof(short_desc_str), short_desc, NULL, NULL,
704 		  sizeof(int32_t), bogus_key2, NULL, "%d");
705 	do_keyctl(ARG_STR(KEYCTL_SEARCH),
706 		  sizeof(int32_t), 0, NULL, "%d",
707 		  sizeof(long_type_str), long_type, NULL, NULL,
708 		  sizeof(long_type_str), long_desc, NULL, NULL,
709 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL);
710 
711 	/* KEYCTL_RESTRICT_KEYRING */
712 
713 	do_keyctl(ARG_STR(KEYCTL_RESTRICT_KEYRING),
714 		  sizeof(int32_t), XARG_STR(KEY_SPEC_REQUESTOR_KEYRING), NULL,
715 		  sizeof(char *), ARG_STR(NULL), NULL,
716 		  sizeof(char *), ARG_STR(NULL), NULL,
717 			  NULL);
718 	do_keyctl(ARG_STR(KEYCTL_RESTRICT_KEYRING),
719 		  sizeof(int32_t), bogus_key1, NULL, "%d",
720 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
721 		  sizeof(char *), (char *) 0xfffff00dfffff157ULL, NULL, ptr_fmt,
722 			  NULL);
723 	do_keyctl(ARG_STR(KEYCTL_RESTRICT_KEYRING),
724 		  sizeof(int32_t), bogus_key2, NULL, "%d",
725 		  sizeof(char *), bogus_str, NULL, ptr_fmt,
726 		  sizeof(char *), bogus_desc, NULL, ptr_fmt,
727 			  NULL);
728 	do_keyctl(ARG_STR(KEYCTL_RESTRICT_KEYRING),
729 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
730 		  sizeof(short_type_str), short_type, NULL, NULL,
731 		  sizeof(short_desc_str), short_desc, NULL, NULL,
732 			  NULL);
733 	do_keyctl(ARG_STR(KEYCTL_RESTRICT_KEYRING),
734 		  sizeof(int32_t), 0, NULL, "%d",
735 		  sizeof(long_type_str), long_type, NULL, NULL,
736 		  sizeof(long_type_str), long_desc, NULL, NULL,
737 			  NULL);
738 
739 	buf_in_arg = false;
740 
741 
742 	/* KEYCTL_READ */
743 	nul_terminated_buf = false;
744 
745 	/* Empty result is expected for these */
746 	bogus_buf1[0] = '\377';
747 	bogus_buf2[0] = '\377';
748 
749 	do_keyctl(ARG_STR(KEYCTL_READ),
750 		  sizeof(int32_t), bogus_key1, NULL, "%d",
751 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
752 		  sizeof(kernel_ulong_t),
753 		  (kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
754 		  0UL);
755 	do_keyctl(ARG_STR(KEYCTL_READ),
756 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
757 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
758 		  sizeof(kernel_ulong_t),
759 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
760 		  0UL);
761 	do_keyctl(ARG_STR(KEYCTL_READ),
762 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
763 		  (size_t) 9, (uintptr_t) bogus_buf1, NULL, NULL,
764 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 9, NULL, ksize_fmt,
765 		  0UL);
766 	do_keyctl(ARG_STR(KEYCTL_READ),
767 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
768 		  (size_t) 256, (uintptr_t) bogus_buf2, NULL, NULL,
769 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 256, NULL, ksize_fmt,
770 		  0UL);
771 	do_keyctl(ARG_STR(KEYCTL_READ),
772 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
773 		  (size_t) -4, (uintptr_t) bogus_buf2, NULL, NULL,
774 		  sizeof(kernel_ulong_t), (kernel_ulong_t) -4, NULL, ksize_fmt,
775 		  0UL);
776 
777 	nul_terminated_buf = true;
778 
779 	/* KEYCTL_INSTANTIATE */
780 	buf_in_arg = true;
781 
782 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE),
783 		  sizeof(int32_t), 0, NULL, "%d",
784 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
785 		  sizeof(kernel_ulong_t),
786 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
787 		  sizeof(int32_t), 0, NULL, "%d");
788 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE),
789 		  sizeof(int32_t), bogus_key1, NULL, "%d",
790 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
791 		  sizeof(kernel_ulong_t),
792 			(kernel_ulong_t) 0xdeadfeedLLU, NULL, ksize_fmt,
793 		  sizeof(int32_t), bogus_key1, NULL, "%d");
794 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE),
795 		  sizeof(int32_t), bogus_key2, NULL, "%d",
796 		  sizeof(char *), bogus_str, NULL, ptr_fmt,
797 		  sizeof(kernel_ulong_t),
798 			(kernel_ulong_t) 32LLU, NULL, ksize_fmt,
799 		  sizeof(int32_t), bogus_key2, NULL, "%d");
800 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE),
801 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
802 		  sizeof(short_type_str), short_desc, NULL, NULL,
803 		  sizeof(kernel_ulong_t),
804 			(kernel_ulong_t) sizeof(short_type_str) - 1, NULL,
805 			ksize_fmt,
806 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL);
807 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE),
808 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
809 		  sizeof(long_type_str), long_desc, NULL, NULL,
810 		  sizeof(kernel_ulong_t),
811 			(kernel_ulong_t) sizeof(long_type_str), NULL, ksize_fmt,
812 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL);
813 
814 	buf_in_arg = false;
815 
816 
817 	/* KEYCTL_NEGATE */
818 	do_keyctl(ARG_STR(KEYCTL_NEGATE),
819 		  sizeof(int32_t), 0, NULL, "%d",
820 		  sizeof(uint32_t), 0, NULL, "%u",
821 		  sizeof(int32_t), 0, NULL, "%d",
822 		  0UL);
823 	do_keyctl(ARG_STR(KEYCTL_NEGATE),
824 		  sizeof(int32_t), bogus_key1, NULL, "%d",
825 		  sizeof(uint32_t), 3141592653U, NULL, "%u",
826 		  sizeof(int32_t), bogus_key1, NULL, "%d",
827 		  0UL);
828 	do_keyctl(ARG_STR(KEYCTL_NEGATE),
829 		  sizeof(int32_t), bogus_key2, NULL, "%d",
830 		  sizeof(kernel_ulong_t),
831 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, "3134983661",
832 			NULL,
833 		  sizeof(int32_t), bogus_key2, NULL, "%d",
834 		  0UL);
835 	do_keyctl(ARG_STR(KEYCTL_NEGATE),
836 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
837 		  sizeof(kernel_ulong_t),
838 		  (kernel_ulong_t) 0xfeedf157badc0dedLLU, "3134983661", NULL,
839 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
840 		  0UL);
841 
842 
843 	/* KEYCTL_SET_REQKEY_KEYRING */
844 	do_keyctl(ARG_STR(KEYCTL_SET_REQKEY_KEYRING),
845 		  sizeof(int32_t), XARG_STR(KEY_REQKEY_DEFL_NO_CHANGE), NULL,
846 		  0UL);
847 	/*
848 	 * Keep it commented out until proper way of faking syscalls is not
849 	 * implemented.
850 	 */
851 	/* do_keyctl(ARG_STR(KEYCTL_SET_REQKEY_KEYRING),
852 		  sizeof(int32_t),
853 		  XARG_STR(KEY_REQKEY_DEFL_REQUESTOR_KEYRING), NULL, 0UL); */
854 	do_keyctl(ARG_STR(KEYCTL_SET_REQKEY_KEYRING),
855 		  sizeof(kernel_ulong_t),
856 		  (kernel_ulong_t) 0xfeedf157badc0dedLLU,
857 		  "-1159983635"
858 #if !XLAT_RAW
859 		  " /* KEY_REQKEY_DEFL_??? */"
860 #endif
861 		  , NULL, 0UL);
862 
863 
864 	/* KEYCTL_SET_TIMEOUT */
865 	do_keyctl(ARG_STR(KEYCTL_SET_TIMEOUT),
866 		  sizeof(int32_t), 0, NULL, "%d",
867 		  sizeof(uint32_t), 0, NULL, "%u",
868 		  0UL);
869 	do_keyctl(ARG_STR(KEYCTL_SET_TIMEOUT),
870 		  sizeof(int32_t), bogus_key1, NULL, "%d",
871 		  sizeof(uint32_t), 3141592653U, NULL, "%u",
872 		  0UL);
873 	do_keyctl(ARG_STR(KEYCTL_SET_TIMEOUT),
874 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
875 		  sizeof(kernel_ulong_t),
876 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, "3134983661",
877 			NULL,
878 		  0UL);
879 
880 
881 	/* KEYCTL_ASSUME_AUTHORITY */
882 	do_keyctl(ARG_STR(KEYCTL_ASSUME_AUTHORITY),
883 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
884 		  0UL);
885 	do_keyctl(ARG_STR(KEYCTL_ASSUME_AUTHORITY),
886 		  sizeof(int32_t), bogus_key1, NULL, "%d",
887 		  0UL);
888 	do_keyctl(ARG_STR(KEYCTL_ASSUME_AUTHORITY),
889 		  sizeof(int32_t), bogus_key2, NULL, "%d",
890 		  0UL);
891 	do_keyctl(ARG_STR(KEYCTL_ASSUME_AUTHORITY),
892 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
893 		  0UL);
894 
895 
896 	/* KEYCTL_GET_SECURITY */
897 	do_keyctl(ARG_STR(KEYCTL_GET_SECURITY),
898 		  sizeof(int32_t), bogus_key1, NULL, "%d",
899 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
900 		  sizeof(uint32_t), 0xbadc0dedU, NULL, "%u",
901 		  0UL);
902 	do_keyctl(ARG_STR(KEYCTL_GET_SECURITY),
903 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
904 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
905 		  sizeof(kernel_ulong_t),
906 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
907 		  0UL);
908 	do_keyctl(ARG_STR(KEYCTL_GET_SECURITY),
909 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
910 		  (size_t) 9, (uintptr_t) bogus_buf1, NULL, NULL,
911 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 9, NULL, ksize_fmt,
912 		  0UL);
913 	do_keyctl(ARG_STR(KEYCTL_GET_SECURITY),
914 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
915 		  (size_t) 256, (uintptr_t) bogus_buf2, NULL, NULL,
916 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 256, NULL, ksize_fmt,
917 		  0UL);
918 	do_keyctl(ARG_STR(KEYCTL_GET_SECURITY),
919 		  sizeof(int32_t), XARG_STR(KEY_SPEC_THREAD_KEYRING), NULL,
920 		  (size_t) -4, (uintptr_t) bogus_buf2, NULL, NULL,
921 		  sizeof(kernel_ulong_t), (kernel_ulong_t) -4, NULL, ksize_fmt,
922 		  0UL);
923 
924 
925 	/* KEYCTL_SESSION_TO_PARENT */
926 	do_keyctl(ARG_STR(KEYCTL_SESSION_TO_PARENT), 0UL);
927 
928 
929 	/* KEYCTL_REJECT */
930 	do_keyctl(ARG_STR(KEYCTL_REJECT),
931 		  sizeof(int32_t), 0, NULL, "%d",
932 		  sizeof(uint32_t), 0, NULL, "%u",
933 		  sizeof(uint32_t), 0, NULL, "%u",
934 		  sizeof(int32_t), 0, NULL, "%d");
935 	do_keyctl(ARG_STR(KEYCTL_REJECT),
936 		  sizeof(int32_t), bogus_key1, NULL, "%d",
937 		  sizeof(uint32_t), 3141592653U, NULL, "%u",
938 		  sizeof(uint32_t), 2718281828U, NULL, "%u",
939 		  sizeof(int32_t), bogus_key1, NULL, "%d");
940 	do_keyctl(ARG_STR(KEYCTL_REJECT),
941 		  sizeof(int32_t), bogus_key2, NULL, "%d",
942 		  sizeof(kernel_ulong_t),
943 			(kernel_ulong_t) 0xdeadca75facef157LLU, "4207866199",
944 			NULL,
945 		  sizeof(kernel_ulong_t),
946 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, "3134983661",
947 			NULL,
948 		  sizeof(int32_t), bogus_key2, NULL, "%d");
949 	do_keyctl(ARG_STR(KEYCTL_REJECT),
950 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
951 		  sizeof(kernel_ulong_t),
952 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, "3134983661",
953 			NULL,
954 		  sizeof(uint32_t), XARG_STR(ENODEV), NULL,
955 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL);
956 
957 
958 	/* KEYCTL_INSTANTIATE_IOV */
959 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE_IOV),
960 		  sizeof(int32_t), 0, NULL, "%d",
961 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
962 		  sizeof(kernel_ulong_t),
963 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
964 		  sizeof(int32_t), 0, NULL, "%d");
965 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE_IOV),
966 		  sizeof(int32_t), bogus_key1, NULL, "%d",
967 		  sizeof(char *), (char *) 0xfffffacefffffeedULL, NULL, ptr_fmt,
968 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 0xdeadfeedLLU, NULL,
969 			ksize_fmt,
970 		  sizeof(int32_t), bogus_key1, NULL, "%d");
971 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE_IOV),
972 		  sizeof(int32_t), bogus_key2, NULL, "%d",
973 		  sizeof(char *), key_iov + IOV_SIZE, NULL, ptr_fmt,
974 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 32LLU, NULL,
975 			ksize_fmt,
976 		  sizeof(int32_t), bogus_key2, NULL, "%d");
977 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE_IOV),
978 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
979 		  sizeof(key_iov), key_iov + IOV_SIZE - 4, key_iov_str1, NULL,
980 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 4, NULL,
981 			  ksize_fmt,
982 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL);
983 	do_keyctl(ARG_STR(KEYCTL_INSTANTIATE_IOV),
984 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
985 		  sizeof(key_iov), key_iov, key_iov_str2, NULL,
986 		  sizeof(kernel_ulong_t), (kernel_ulong_t) IOV_SIZE, NULL,
987 			ksize_fmt,
988 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL);
989 
990 
991 	/* KEYCTL_INVALIDATE */
992 	do_keyctl(ARG_STR(KEYCTL_INVALIDATE),
993 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
994 		  0UL);
995 	do_keyctl(ARG_STR(KEYCTL_INVALIDATE),
996 		  sizeof(int32_t), bogus_key1, NULL, "%d",
997 		  0UL);
998 	do_keyctl(ARG_STR(KEYCTL_INVALIDATE),
999 		  sizeof(int32_t), bogus_key2, NULL, "%d",
1000 		  0UL);
1001 	do_keyctl(ARG_STR(KEYCTL_INVALIDATE),
1002 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
1003 		  0UL);
1004 
1005 
1006 	/* KEYCTL_GET_PERSISTENT */
1007 	do_keyctl(ARG_STR(KEYCTL_GET_PERSISTENT),
1008 		  sizeof(uid_t), ARG_STR(-1), NULL,
1009 		  sizeof(int32_t), XARG_STR(KEY_SPEC_GROUP_KEYRING), NULL,
1010 		  0UL);
1011 	do_keyctl(ARG_STR(KEYCTL_GET_PERSISTENT),
1012 		  sizeof(uid_t), 2718281828U, NULL, "%u",
1013 		  sizeof(int32_t), bogus_key1, NULL, "%d",
1014 		  0UL);
1015 	do_keyctl(ARG_STR(KEYCTL_GET_PERSISTENT),
1016 		  sizeof(uid_t), 2718281828U, NULL, "%u",
1017 		  sizeof(kernel_ulong_t), bogus_key3, bogus_key3_str, NULL,
1018 		  0UL);
1019 
1020 
1021 	/* KEYCTL_DH_COMPUTE */
1022 	nul_terminated_buf = false;
1023 
1024 	/* Empty result is expected for these */
1025 	bogus_buf1[0] = '\377';
1026 	bogus_buf2[0] = '\377';
1027 
1028 	do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1029 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
1030 		  sizeof(char *), ARG_STR(NULL), ptr_fmt,
1031 		  sizeof(kernel_ulong_t),
1032 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
1033 		  sizeof(char *), ARG_STR(NULL), ptr_fmt);
1034 	do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1035 		  sizeof(char *), kcdhp + 1, NULL, ptr_fmt,
1036 		  sizeof(char *), (char *) 0xfffff157ffffdeadULL, NULL, ptr_fmt,
1037 		  sizeof(kernel_ulong_t),
1038 			(kernel_ulong_t) 0xfeedf157badc0dedLLU, NULL, ksize_fmt,
1039 		  sizeof(char *), ARG_STR(NULL), ptr_fmt);
1040 	do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1041 		  sizeof(kcdhp), kcdhp, kcdhp_str, NULL,
1042 		  (size_t) 9, (uintptr_t) bogus_buf1, NULL, NULL,
1043 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 9, NULL, ksize_fmt,
1044 		  sizeof(char *), ARG_STR(NULL), ptr_fmt);
1045 	do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1046 		  sizeof(kcdhp), kcdhp, kcdhp_str, NULL,
1047 		  (size_t) 256, (uintptr_t) bogus_buf2, NULL, NULL,
1048 		  sizeof(kernel_ulong_t), (kernel_ulong_t) 256, NULL, ksize_fmt,
1049 		  sizeof(char *), ARG_STR(NULL), ptr_fmt);
1050 	do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1051 		  sizeof(kcdhp), kcdhp, kcdhp_str, NULL,
1052 		  (size_t) -1, (uintptr_t) bogus_buf2, NULL, NULL,
1053 		  sizeof(kernel_ulong_t), (kernel_ulong_t) -1, NULL, ksize_fmt,
1054 		  sizeof(char *), kckdfp_char + 1, NULL, ptr_fmt);
1055 
1056 	/* KEYCTL_DH_COMPUTE + KDF */
1057 
1058 	for (i = 0; i < ARRAY_SIZE(kckdfp_data); i++) {
1059 		struct keyctl_kdf_params *kckdfp =
1060 			(struct keyctl_kdf_params *) kckdfp_char;
1061 		bool deref_hash = true;
1062 		bool deref_opts = true;
1063 		bool print_spare = false;
1064 		const char *hash_str = NULL;
1065 		const char *oi_str = NULL;
1066 
1067 		memcpy(kckdfp, kckdfp_data + i, sizeof(kckdfp_data[i]));
1068 
1069 		switch (i) {
1070 		case 1:
1071 			deref_hash = false;
1072 			print_spare = true;
1073 			kckdfp->hashname =
1074 				kckdfp_short_hash + sizeof(short_hash_data);
1075 			break;
1076 		case 2:
1077 			deref_opts = false;
1078 			kckdfp->hashname = kckdfp_long_hash;
1079 			kckdfp->otherinfo =
1080 				kckdfp_otherinfo1 + sizeof(otherinfo1_data);
1081 			break;
1082 		case 3:
1083 			deref_opts = false;
1084 			deref_hash = false;
1085 			print_spare = true;
1086 			kckdfp->hashname = bogus_str;
1087 			kckdfp->otherinfo = kckdfp_otherinfo1;
1088 			break;
1089 		case 4:
1090 			oi_str = "\"\\1\\2 OH HAI \"...";
1091 			print_spare = true;
1092 			kckdfp->hashname = kckdfp_short_hash;
1093 			kckdfp->otherinfo = kckdfp_otherinfo1;
1094 			break;
1095 		case 5:
1096 			oi_str = "\"\\1\\2\\n\\255\\0\\1\\0\"";
1097 			kckdfp->hashname = kckdfp_short_hash;
1098 			kckdfp->otherinfo = kckdfp_otherinfo2;
1099 			break;
1100 		}
1101 
1102 		do_keyctl(ARG_STR(KEYCTL_DH_COMPUTE),
1103 			  sizeof(kcdhp), kcdhp, kcdhp_str, NULL,
1104 			  (size_t) -1, (uintptr_t) bogus_buf2, NULL, NULL,
1105 			  sizeof(kernel_ulong_t), (kernel_ulong_t) -1, NULL,
1106 				ksize_fmt,
1107 			  sizeof(kckdfp), kckdfp_char,
1108 				kckdfp_to_str(kckdfp, deref_hash, deref_opts,
1109 					      print_spare, hash_str, oi_str),
1110 				NULL);
1111 	}
1112 
1113 	nul_terminated_buf = true;
1114 
1115 	puts("+++ exited with 0 +++");
1116 
1117 	return 0;
1118 }
1119 
1120 #else
1121 
1122 SKIP_MAIN_UNDEFINED("__NR_keyctl");
1123 
1124 #endif
1125