aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation/security/keys.txt
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2012-10-02 14:24:56 -0400
committerDavid Howells <dhowells@redhat.com>2012-10-02 14:24:56 -0400
commitf8aa23a55f813c9bddec2a6176e0e67274e6e7c1 (patch)
tree1b1927cedb4f1d769fac19242f3a365c84e40cec /Documentation/security/keys.txt
parent96b5c8fea6c0861621051290d705ec2e971963f1 (diff)
KEYS: Use keyring_alloc() to create special keyrings
Use keyring_alloc() to create special keyrings now that it has a permissions parameter rather than using key_alloc() + key_instantiate_and_link(). Also document and export keyring_alloc() so that modules can use it too. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'Documentation/security/keys.txt')
-rw-r--r--Documentation/security/keys.txt17
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt
index aa0dbd74b71b..a4f9125c0333 100644
--- a/Documentation/security/keys.txt
+++ b/Documentation/security/keys.txt
@@ -990,6 +990,23 @@ payload contents" for more information.
990 reference pointer if successful. 990 reference pointer if successful.
991 991
992 992
993(*) A keyring can be created by:
994
995 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
996 const struct cred *cred,
997 key_perm_t perm,
998 unsigned long flags,
999 struct key *dest);
1000
1001 This creates a keyring with the given attributes and returns it. If dest
1002 is not NULL, the new keyring will be linked into the keyring to which it
1003 points. No permission checks are made upon the destination keyring.
1004
1005 Error EDQUOT can be returned if the keyring would overload the quota (pass
1006 KEY_ALLOC_NOT_IN_QUOTA in flags if the keyring shouldn't be accounted
1007 towards the user's quota). Error ENOMEM can also be returned.
1008
1009
993(*) To check the validity of a key, this function can be called: 1010(*) To check the validity of a key, this function can be called:
994 1011
995 int validate_key(struct key *key); 1012 int validate_key(struct key *key);