diff options
Diffstat (limited to 'Documentation/security/keys.txt')
| -rw-r--r-- | Documentation/security/keys.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt index d389acd31e19..aa0dbd74b71b 100644 --- a/Documentation/security/keys.txt +++ b/Documentation/security/keys.txt | |||
| @@ -805,6 +805,23 @@ The keyctl syscall functions are: | |||
| 805 | kernel and resumes executing userspace. | 805 | kernel and resumes executing userspace. |
| 806 | 806 | ||
| 807 | 807 | ||
| 808 | (*) Invalidate a key. | ||
| 809 | |||
| 810 | long keyctl(KEYCTL_INVALIDATE, key_serial_t key); | ||
| 811 | |||
| 812 | This function marks a key as being invalidated and then wakes up the | ||
| 813 | garbage collector. The garbage collector immediately removes invalidated | ||
| 814 | keys from all keyrings and deletes the key when its reference count | ||
| 815 | reaches zero. | ||
| 816 | |||
| 817 | Keys that are marked invalidated become invisible to normal key operations | ||
| 818 | immediately, though they are still visible in /proc/keys until deleted | ||
| 819 | (they're marked with an 'i' flag). | ||
| 820 | |||
| 821 | A process must have search permission on the key for this function to be | ||
| 822 | successful. | ||
| 823 | |||
| 824 | |||
| 808 | =============== | 825 | =============== |
| 809 | KERNEL SERVICES | 826 | KERNEL SERVICES |
| 810 | =============== | 827 | =============== |