diff options
| author | David Howells <dhowells@redhat.com> | 2014-09-16 12:36:09 -0400 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2014-09-16 12:36:09 -0400 |
| commit | f93b3cc7b1e6f16aedd745a8edba64355383184c (patch) | |
| tree | 2bf5d5bf4e4115c5f0aae22a058ddf3ab05a74c6 | |
| parent | 0c903ab64feb0fe83eac9f67a06e2f5b9508de16 (diff) | |
KEYS: Update the keyrings documentation for match changes
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
| -rw-r--r-- | Documentation/security/keys.txt | 65 |
1 files changed, 52 insertions, 13 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt index 8727c194ca16..821c936e1a63 100644 --- a/Documentation/security/keys.txt +++ b/Documentation/security/keys.txt | |||
| @@ -888,11 +888,11 @@ payload contents" for more information. | |||
| 888 | const char *callout_info); | 888 | const char *callout_info); |
| 889 | 889 | ||
| 890 | This is used to request a key or keyring with a description that matches | 890 | This is used to request a key or keyring with a description that matches |
| 891 | the description specified according to the key type's match function. This | 891 | the description specified according to the key type's match_preparse() |
| 892 | permits approximate matching to occur. If callout_string is not NULL, then | 892 | method. This permits approximate matching to occur. If callout_string is |
| 893 | /sbin/request-key will be invoked in an attempt to obtain the key from | 893 | not NULL, then /sbin/request-key will be invoked in an attempt to obtain |
| 894 | userspace. In that case, callout_string will be passed as an argument to | 894 | the key from userspace. In that case, callout_string will be passed as an |
| 895 | the program. | 895 | argument to the program. |
| 896 | 896 | ||
| 897 | Should the function fail error ENOKEY, EKEYEXPIRED or EKEYREVOKED will be | 897 | Should the function fail error ENOKEY, EKEYEXPIRED or EKEYREVOKED will be |
| 898 | returned. | 898 | returned. |
| @@ -1170,7 +1170,7 @@ The structure has a number of fields, some of which are mandatory: | |||
| 1170 | The method should return 0 if successful or a negative error code | 1170 | The method should return 0 if successful or a negative error code |
| 1171 | otherwise. | 1171 | otherwise. |
| 1172 | 1172 | ||
| 1173 | 1173 | ||
| 1174 | (*) void (*free_preparse)(struct key_preparsed_payload *prep); | 1174 | (*) void (*free_preparse)(struct key_preparsed_payload *prep); |
| 1175 | 1175 | ||
| 1176 | This method is only required if the preparse() method is provided, | 1176 | This method is only required if the preparse() method is provided, |
| @@ -1225,16 +1225,55 @@ The structure has a number of fields, some of which are mandatory: | |||
| 1225 | It is safe to sleep in this method. | 1225 | It is safe to sleep in this method. |
| 1226 | 1226 | ||
| 1227 | 1227 | ||
| 1228 | (*) int (*match)(const struct key *key, const void *desc); | 1228 | (*) int (*match_preparse)(struct key_match_data *match_data); |
| 1229 | |||
| 1230 | This method is optional. It is called when a key search is about to be | ||
| 1231 | performed. It is given the following structure: | ||
| 1229 | 1232 | ||
| 1230 | This method is called to match a key against a description. It should | 1233 | struct key_match_data { |
| 1231 | return non-zero if the two match, zero if they don't. | 1234 | bool (*cmp)(const struct key *key, |
| 1235 | const struct key_match_data *match_data); | ||
| 1236 | const void *raw_data; | ||
| 1237 | void *preparsed; | ||
| 1238 | unsigned lookup_type; | ||
| 1239 | }; | ||
| 1232 | 1240 | ||
| 1233 | This method should not need to lock the key in any way. The type and | 1241 | On entry, raw_data will be pointing to the criteria to be used in matching |
| 1234 | description can be considered invariant, and the payload should not be | 1242 | a key by the caller and should not be modified. (*cmp)() will be pointing |
| 1235 | accessed (the key may not yet be instantiated). | 1243 | to the default matcher function (which does an exact description match |
| 1244 | against raw_data) and lookup_type will be set to indicate a direct lookup. | ||
| 1236 | 1245 | ||
| 1237 | It is not safe to sleep in this method; the caller may hold spinlocks. | 1246 | The following lookup_type values are available: |
| 1247 | |||
| 1248 | [*] KEYRING_SEARCH_LOOKUP_DIRECT - A direct lookup hashes the type and | ||
| 1249 | description to narrow down the search to a small number of keys. | ||
| 1250 | |||
| 1251 | [*] KEYRING_SEARCH_LOOKUP_ITERATE - An iterative lookup walks all the | ||
| 1252 | keys in the keyring until one is matched. This must be used for any | ||
| 1253 | search that's not doing a simple direct match on the key description. | ||
| 1254 | |||
| 1255 | The method may set cmp to point to a function of its choice that does some | ||
| 1256 | other form of match, may set lookup_type to KEYRING_SEARCH_LOOKUP_ITERATE | ||
| 1257 | and may attach something to the preparsed pointer for use by (*cmp)(). | ||
| 1258 | (*cmp)() should return true if a key matches and false otherwise. | ||
| 1259 | |||
| 1260 | If preparsed is set, it may be necessary to use the match_free() method to | ||
| 1261 | clean it up. | ||
| 1262 | |||
| 1263 | The method should return 0 if successful or a negative error code | ||
| 1264 | otherwise. | ||
| 1265 | |||
| 1266 | It is permitted to sleep in this method, but (*cmp)() may not sleep as | ||
| 1267 | locks will be held over it. | ||
| 1268 | |||
| 1269 | If match_preparse() is not provided, keys of this type will be matched | ||
| 1270 | exactly by their description. | ||
| 1271 | |||
| 1272 | |||
| 1273 | (*) void (*match_free)(struct key_match_data *match_data); | ||
| 1274 | |||
| 1275 | This method is optional. If given, it called to clean up | ||
| 1276 | match_data->preparsed after a successful call to match_preparse(). | ||
| 1238 | 1277 | ||
| 1239 | 1278 | ||
| 1240 | (*) void (*revoke)(struct key *key); | 1279 | (*) void (*revoke)(struct key *key); |
