diff options
Diffstat (limited to 'Documentation/keys.txt')
| -rw-r--r-- | Documentation/keys.txt | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index b82d38de8b89..be424b02437d 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
| @@ -711,6 +711,27 @@ The keyctl syscall functions are: | |||
| 711 | The assumed authoritative key is inherited across fork and exec. | 711 | The assumed authoritative key is inherited across fork and exec. |
| 712 | 712 | ||
| 713 | 713 | ||
| 714 | (*) Get the LSM security context attached to a key. | ||
| 715 | |||
| 716 | long keyctl(KEYCTL_GET_SECURITY, key_serial_t key, char *buffer, | ||
| 717 | size_t buflen) | ||
| 718 | |||
| 719 | This function returns a string that represents the LSM security context | ||
| 720 | attached to a key in the buffer provided. | ||
| 721 | |||
| 722 | Unless there's an error, it always returns the amount of data it could | ||
| 723 | produce, even if that's too big for the buffer, but it won't copy more | ||
| 724 | than requested to userspace. If the buffer pointer is NULL then no copy | ||
| 725 | will take place. | ||
| 726 | |||
| 727 | A NUL character is included at the end of the string if the buffer is | ||
| 728 | sufficiently big. This is included in the returned count. If no LSM is | ||
| 729 | in force then an empty string will be returned. | ||
| 730 | |||
| 731 | A process must have view permission on the key for this function to be | ||
| 732 | successful. | ||
| 733 | |||
| 734 | |||
| 714 | =============== | 735 | =============== |
| 715 | KERNEL SERVICES | 736 | KERNEL SERVICES |
| 716 | =============== | 737 | =============== |