1 files changed, 16 insertions, 11 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index 70e83cf664ae..61c0fad2fe2f 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -241,25 +241,30 @@ The security class "key" has been added to SELinux so that mandatory access
 controls can be applied to keys created within various contexts.  This support
 is preliminary, and is likely to change quite significantly in the near future.
 Currently, all of the basic permissions explained above are provided in SELinux
-as well; SE Linux is simply invoked after all basic permission checks have been
+as well; SELinux is simply invoked after all basic permission checks have been
 performed.
-Each key is labeled with the same context as the task to which it belongs.
+The value of the file /proc/self/attr/keycreate influences the labeling of
-Typically, this is the same task that was running when the key was created.
+newly-created keys.  If the contents of that file correspond to an SELinux
-The default keyrings are handled differently, but in a way that is very
+security context, then the key will be assigned that context.  Otherwise, the
-intuitive:
+key will be assigned the current context of the task that invoked the key
+creation request.  Tasks must be granted explicit permission to assign a
+particular context to newly-created keys, using the "create" permission in the
+key security class.
- (*) The user and user session keyrings that are created when the user logs in
+The default keyrings associated with users will be labeled with the default
-     are currently labeled with the context of the login manager.
+context of the user if and only if the login programs have been instrumented to
+properly initialize keycreate during the login process.  Otherwise, they will
- (*) The keyrings associated with new threads are each labeled with the context
+be labeled with the context of the login program itself.
-     of their associated thread, and both session and process keyrings are
-     handled similarly.
 Note, however, that the default keyrings associated with the root user are
 labeled with the default kernel context, since they are created early in the
 boot process, before root has a chance to log in.
+The keyrings associated with new threads are each labeled with the context of
+their associated thread, and both session and process keyrings are handled
+similarly.
 ================
 NEW PROCFS FILES

diff --git a/Documentation/keys.txt b/Documentation/keys.txt index 70e83cf664ae..61c0fad2fe2f 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt
@@ -241,25 +241,30 @@ The security class "key" has been added to SELinux so that mandatory access
241	controls can be applied to keys created within various contexts. This support	241	controls can be applied to keys created within various contexts. This support
242	is preliminary, and is likely to change quite significantly in the near future.	242	is preliminary, and is likely to change quite significantly in the near future.
243	Currently, all of the basic permissions explained above are provided in SELinux	243	Currently, all of the basic permissions explained above are provided in SELinux
244	as well; SE Linux is simply invoked after all basic permission checks have been	244	as well; SELinux is simply invoked after all basic permission checks have been
245	performed.	245	performed.
246		246
247	Each key is labeled with the same context as the task to which it belongs.	247	The value of the file /proc/self/attr/keycreate influences the labeling of
248	Typically, this is the same task that was running when the key was created.	248	newly-created keys. If the contents of that file correspond to an SELinux
249	The default keyrings are handled differently, but in a way that is very	249	security context, then the key will be assigned that context. Otherwise, the
250	intuitive:	250	key will be assigned the current context of the task that invoked the key
		251	creation request. Tasks must be granted explicit permission to assign a
		252	particular context to newly-created keys, using the "create" permission in the
		253	key security class.
251		254
252	(*) The user and user session keyrings that are created when the user logs in	255	The default keyrings associated with users will be labeled with the default
253	are currently labeled with the context of the login manager.	256	context of the user if and only if the login programs have been instrumented to
254		257	properly initialize keycreate during the login process. Otherwise, they will
255	(*) The keyrings associated with new threads are each labeled with the context	258	be labeled with the context of the login program itself.
256	of their associated thread, and both session and process keyrings are
257	handled similarly.
258		259
259	Note, however, that the default keyrings associated with the root user are	260	Note, however, that the default keyrings associated with the root user are
260	labeled with the default kernel context, since they are created early in the	261	labeled with the default kernel context, since they are created early in the
261	boot process, before root has a chance to log in.	262	boot process, before root has a chance to log in.
262		263
		264	The keyrings associated with new threads are each labeled with the context of
		265	their associated thread, and both session and process keyrings are handled
		266	similarly.
		267
263		268
264	================	269	================
265	NEW PROCFS FILES	270	NEW PROCFS FILES