diff options
Diffstat (limited to 'Documentation/keys.txt')
| -rw-r--r-- | Documentation/keys.txt | 61 |
1 files changed, 42 insertions, 19 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index 31154882000a..aaa01b0e3ee9 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
| @@ -308,6 +308,8 @@ process making the call: | |||
| 308 | KEY_SPEC_USER_KEYRING -4 UID-specific keyring | 308 | KEY_SPEC_USER_KEYRING -4 UID-specific keyring |
| 309 | KEY_SPEC_USER_SESSION_KEYRING -5 UID-session keyring | 309 | KEY_SPEC_USER_SESSION_KEYRING -5 UID-session keyring |
| 310 | KEY_SPEC_GROUP_KEYRING -6 GID-specific keyring | 310 | KEY_SPEC_GROUP_KEYRING -6 GID-specific keyring |
| 311 | KEY_SPEC_REQKEY_AUTH_KEY -7 assumed request_key() | ||
| 312 | authorisation key | ||
| 311 | 313 | ||
| 312 | 314 | ||
| 313 | The main syscalls are: | 315 | The main syscalls are: |
| @@ -498,7 +500,11 @@ The keyctl syscall functions are: | |||
| 498 | keyring is full, error ENFILE will result. | 500 | keyring is full, error ENFILE will result. |
| 499 | 501 | ||
| 500 | The link procedure checks the nesting of the keyrings, returning ELOOP if | 502 | The link procedure checks the nesting of the keyrings, returning ELOOP if |
| 501 | it appears to deep or EDEADLK if the link would introduce a cycle. | 503 | it appears too deep or EDEADLK if the link would introduce a cycle. |
| 504 | |||
| 505 | Any links within the keyring to keys that match the new key in terms of | ||
| 506 | type and description will be discarded from the keyring as the new one is | ||
| 507 | added. | ||
| 502 | 508 | ||
| 503 | 509 | ||
| 504 | (*) Unlink a key or keyring from another keyring: | 510 | (*) Unlink a key or keyring from another keyring: |
| @@ -628,6 +634,41 @@ The keyctl syscall functions are: | |||
| 628 | there is one, otherwise the user default session keyring. | 634 | there is one, otherwise the user default session keyring. |
| 629 | 635 | ||
| 630 | 636 | ||
| 637 | (*) Set the timeout on a key. | ||
| 638 | |||
| 639 | long keyctl(KEYCTL_SET_TIMEOUT, key_serial_t key, unsigned timeout); | ||
| 640 | |||
| 641 | This sets or clears the timeout on a key. The timeout can be 0 to clear | ||
| 642 | the timeout or a number of seconds to set the expiry time that far into | ||
| 643 | the future. | ||
| 644 | |||
| 645 | The process must have attribute modification access on a key to set its | ||
| 646 | timeout. Timeouts may not be set with this function on negative, revoked | ||
| 647 | or expired keys. | ||
| 648 | |||
| 649 | |||
| 650 | (*) Assume the authority granted to instantiate a key | ||
| 651 | |||
| 652 | long keyctl(KEYCTL_ASSUME_AUTHORITY, key_serial_t key); | ||
| 653 | |||
| 654 | This assumes or divests the authority required to instantiate the | ||
| 655 | specified key. Authority can only be assumed if the thread has the | ||
| 656 | authorisation key associated with the specified key in its keyrings | ||
| 657 | somewhere. | ||
| 658 | |||
| 659 | Once authority is assumed, searches for keys will also search the | ||
| 660 | requester's keyrings using the requester's security label, UID, GID and | ||
| 661 | groups. | ||
| 662 | |||
| 663 | If the requested authority is unavailable, error EPERM will be returned, | ||
| 664 | likewise if the authority has been revoked because the target key is | ||
| 665 | already instantiated. | ||
| 666 | |||
| 667 | If the specified key is 0, then any assumed authority will be divested. | ||
| 668 | |||
| 669 | The assumed authorititive key is inherited across fork and exec. | ||
| 670 | |||
| 671 | |||
| 631 | =============== | 672 | =============== |
| 632 | KERNEL SERVICES | 673 | KERNEL SERVICES |
| 633 | =============== | 674 | =============== |
| @@ -860,24 +901,6 @@ The structure has a number of fields, some of which are mandatory: | |||
| 860 | It is safe to sleep in this method. | 901 | It is safe to sleep in this method. |
| 861 | 902 | ||
| 862 | 903 | ||
| 863 | (*) int (*duplicate)(struct key *key, const struct key *source); | ||
| 864 | |||
| 865 | If this type of key can be duplicated, then this method should be | ||
| 866 | provided. It is called to copy the payload attached to the source into the | ||
| 867 | new key. The data length on the new key will have been updated and the | ||
| 868 | quota adjusted already. | ||
| 869 | |||
| 870 | This method will be called with the source key's semaphore read-locked to | ||
| 871 | prevent its payload from being changed, thus RCU constraints need not be | ||
| 872 | applied to the source key. | ||
| 873 | |||
| 874 | This method does not have to lock the destination key in order to attach a | ||
| 875 | payload. The fact that KEY_FLAG_INSTANTIATED is not set in key->flags | ||
| 876 | prevents anything else from gaining access to the key. | ||
| 877 | |||
| 878 | It is safe to sleep in this method. | ||
| 879 | |||
| 880 | |||
| 881 | (*) int (*update)(struct key *key, const void *data, size_t datalen); | 904 | (*) int (*update)(struct key *key, const void *data, size_t datalen); |
| 882 | 905 | ||
| 883 | If this type of key can be updated, then this method should be provided. | 906 | If this type of key can be updated, then this method should be provided. |