diff options
author | David Howells <dhowells@redhat.com> | 2012-10-02 14:24:56 -0400 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2012-10-02 14:24:56 -0400 |
commit | f8aa23a55f813c9bddec2a6176e0e67274e6e7c1 (patch) | |
tree | 1b1927cedb4f1d769fac19242f3a365c84e40cec /Documentation/security/keys.txt | |
parent | 96b5c8fea6c0861621051290d705ec2e971963f1 (diff) |
KEYS: Use keyring_alloc() to create special keyrings
Use keyring_alloc() to create special keyrings now that it has a permissions
parameter rather than using key_alloc() + key_instantiate_and_link().
Also document and export keyring_alloc() so that modules can use it too.
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'Documentation/security/keys.txt')
-rw-r--r-- | Documentation/security/keys.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt index aa0dbd74b71b..a4f9125c0333 100644 --- a/Documentation/security/keys.txt +++ b/Documentation/security/keys.txt | |||
@@ -990,6 +990,23 @@ payload contents" for more information. | |||
990 | reference pointer if successful. | 990 | reference pointer if successful. |
991 | 991 | ||
992 | 992 | ||
993 | (*) A keyring can be created by: | ||
994 | |||
995 | struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, | ||
996 | const struct cred *cred, | ||
997 | key_perm_t perm, | ||
998 | unsigned long flags, | ||
999 | struct key *dest); | ||
1000 | |||
1001 | This creates a keyring with the given attributes and returns it. If dest | ||
1002 | is not NULL, the new keyring will be linked into the keyring to which it | ||
1003 | points. No permission checks are made upon the destination keyring. | ||
1004 | |||
1005 | Error EDQUOT can be returned if the keyring would overload the quota (pass | ||
1006 | KEY_ALLOC_NOT_IN_QUOTA in flags if the keyring shouldn't be accounted | ||
1007 | towards the user's quota). Error ENOMEM can also be returned. | ||
1008 | |||
1009 | |||
993 | (*) To check the validity of a key, this function can be called: | 1010 | (*) To check the validity of a key, this function can be called: |
994 | 1011 | ||
995 | int validate_key(struct key *key); | 1012 | int validate_key(struct key *key); |