diff options
author | David Howells <dhowells@redhat.com> | 2011-03-07 10:06:20 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-03-07 19:17:22 -0500 |
commit | ee009e4a0d4555ed522a631bae9896399674f064 (patch) | |
tree | ee309fb4a98d9e7792cec99935c2d33652b3f440 /Documentation | |
parent | fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c (diff) |
KEYS: Add an iovec version of KEYCTL_INSTANTIATE
Add a keyctl op (KEYCTL_INSTANTIATE_IOV) that is like KEYCTL_INSTANTIATE, but
takes an iovec array and concatenates the data in-kernel into one buffer.
Since the KEYCTL_INSTANTIATE copies the data anyway, this isn't too much of a
problem.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/keys.txt | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index a6a97fdfaddd..6523a9e6f293 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
@@ -637,6 +637,9 @@ The keyctl syscall functions are: | |||
637 | long keyctl(KEYCTL_INSTANTIATE, key_serial_t key, | 637 | long keyctl(KEYCTL_INSTANTIATE, key_serial_t key, |
638 | const void *payload, size_t plen, | 638 | const void *payload, size_t plen, |
639 | key_serial_t keyring); | 639 | key_serial_t keyring); |
640 | long keyctl(KEYCTL_INSTANTIATE_IOV, key_serial_t key, | ||
641 | const struct iovec *payload_iov, unsigned ioc, | ||
642 | key_serial_t keyring); | ||
640 | 643 | ||
641 | If the kernel calls back to userspace to complete the instantiation of a | 644 | If the kernel calls back to userspace to complete the instantiation of a |
642 | key, userspace should use this call to supply data for the key before the | 645 | key, userspace should use this call to supply data for the key before the |
@@ -652,6 +655,9 @@ The keyctl syscall functions are: | |||
652 | 655 | ||
653 | The payload and plen arguments describe the payload data as for add_key(). | 656 | The payload and plen arguments describe the payload data as for add_key(). |
654 | 657 | ||
658 | The payload_iov and ioc arguments describe the payload data in an iovec | ||
659 | array instead of a single buffer. | ||
660 | |||
655 | 661 | ||
656 | (*) Negatively instantiate a partially constructed key. | 662 | (*) Negatively instantiate a partially constructed key. |
657 | 663 | ||
@@ -1244,10 +1250,11 @@ hand the request off to (perhaps a path held in placed in another key by, for | |||
1244 | example, the KDE desktop manager). | 1250 | example, the KDE desktop manager). |
1245 | 1251 | ||
1246 | The program (or whatever it calls) should finish construction of the key by | 1252 | The program (or whatever it calls) should finish construction of the key by |
1247 | calling KEYCTL_INSTANTIATE, which also permits it to cache the key in one of | 1253 | calling KEYCTL_INSTANTIATE or KEYCTL_INSTANTIATE_IOV, which also permits it to |
1248 | the keyrings (probably the session ring) before returning. Alternatively, the | 1254 | cache the key in one of the keyrings (probably the session ring) before |
1249 | key can be marked as negative with KEYCTL_NEGATE or KEYCTL_REJECT; this also | 1255 | returning. Alternatively, the key can be marked as negative with KEYCTL_NEGATE |
1250 | permits the key to be cached in one of the keyrings. | 1256 | or KEYCTL_REJECT; this also permits the key to be cached in one of the |
1257 | keyrings. | ||
1251 | 1258 | ||
1252 | If it returns with the key remaining in the unconstructed state, the key will | 1259 | If it returns with the key remaining in the unconstructed state, the key will |
1253 | be marked as being negative, it will be added to the session keyring, and an | 1260 | be marked as being negative, it will be added to the session keyring, and an |