diff options
Diffstat (limited to 'Documentation/keys.txt')
-rw-r--r-- | Documentation/keys.txt | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index 3df40c1fe15a..0321ded4b9ae 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
@@ -591,6 +591,37 @@ The keyctl syscall functions are: | |||
591 | this case too. | 591 | this case too. |
592 | 592 | ||
593 | 593 | ||
594 | (*) Set the default request-key destination keyring. | ||
595 | |||
596 | long keyctl(KEYCTL_SET_REQKEY_KEYRING, int reqkey_defl); | ||
597 | |||
598 | This sets the default keyring to which implicitly requested keys will be | ||
599 | attached for this thread. reqkey_defl should be one of these constants: | ||
600 | |||
601 | CONSTANT VALUE NEW DEFAULT KEYRING | ||
602 | ====================================== ====== ======================= | ||
603 | KEY_REQKEY_DEFL_NO_CHANGE -1 No change | ||
604 | KEY_REQKEY_DEFL_DEFAULT 0 Default[1] | ||
605 | KEY_REQKEY_DEFL_THREAD_KEYRING 1 Thread keyring | ||
606 | KEY_REQKEY_DEFL_PROCESS_KEYRING 2 Process keyring | ||
607 | KEY_REQKEY_DEFL_SESSION_KEYRING 3 Session keyring | ||
608 | KEY_REQKEY_DEFL_USER_KEYRING 4 User keyring | ||
609 | KEY_REQKEY_DEFL_USER_SESSION_KEYRING 5 User session keyring | ||
610 | KEY_REQKEY_DEFL_GROUP_KEYRING 6 Group keyring | ||
611 | |||
612 | The old default will be returned if successful and error EINVAL will be | ||
613 | returned if reqkey_defl is not one of the above values. | ||
614 | |||
615 | The default keyring can be overridden by the keyring indicated to the | ||
616 | request_key() system call. | ||
617 | |||
618 | Note that this setting is inherited across fork/exec. | ||
619 | |||
620 | [1] The default default is: the thread keyring if there is one, otherwise | ||
621 | the process keyring if there is one, otherwise the session keyring if | ||
622 | there is one, otherwise the user default session keyring. | ||
623 | |||
624 | |||
594 | =============== | 625 | =============== |
595 | KERNEL SERVICES | 626 | KERNEL SERVICES |
596 | =============== | 627 | =============== |
@@ -626,6 +657,9 @@ payload contents" for more information. | |||
626 | Should the function fail error ENOKEY, EKEYEXPIRED or EKEYREVOKED will be | 657 | Should the function fail error ENOKEY, EKEYEXPIRED or EKEYREVOKED will be |
627 | returned. | 658 | returned. |
628 | 659 | ||
660 | If successful, the key will have been attached to the default keyring for | ||
661 | implicitly obtained request-key keys, as set by KEYCTL_SET_REQKEY_KEYRING. | ||
662 | |||
629 | 663 | ||
630 | (*) When it is no longer required, the key should be released using: | 664 | (*) When it is no longer required, the key should be released using: |
631 | 665 | ||