diff options
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/keys.txt | 74 |
1 files changed, 55 insertions, 19 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index 0321ded4b9ae..b22e7c8d059a 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
@@ -195,8 +195,8 @@ KEY ACCESS PERMISSIONS | |||
195 | ====================== | 195 | ====================== |
196 | 196 | ||
197 | Keys have an owner user ID, a group access ID, and a permissions mask. The mask | 197 | Keys have an owner user ID, a group access ID, and a permissions mask. The mask |
198 | has up to eight bits each for user, group and other access. Only five of each | 198 | has up to eight bits each for possessor, user, group and other access. Only |
199 | set of eight bits are defined. These permissions granted are: | 199 | five of each set of eight bits are defined. These permissions granted are: |
200 | 200 | ||
201 | (*) View | 201 | (*) View |
202 | 202 | ||
@@ -241,16 +241,16 @@ about the status of the key service: | |||
241 | type, description and permissions. The payload of the key is not available | 241 | type, description and permissions. The payload of the key is not available |
242 | this way: | 242 | this way: |
243 | 243 | ||
244 | SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY | 244 | SERIAL FLAGS USAGE EXPY PERM UID GID TYPE DESCRIPTION: SUMMARY |
245 | 00000001 I----- 39 perm 1f0000 0 0 keyring _uid_ses.0: 1/4 | 245 | 00000001 I----- 39 perm 1f1f0000 0 0 keyring _uid_ses.0: 1/4 |
246 | 00000002 I----- 2 perm 1f0000 0 0 keyring _uid.0: empty | 246 | 00000002 I----- 2 perm 1f1f0000 0 0 keyring _uid.0: empty |
247 | 00000007 I----- 1 perm 1f0000 0 0 keyring _pid.1: empty | 247 | 00000007 I----- 1 perm 1f1f0000 0 0 keyring _pid.1: empty |
248 | 0000018d I----- 1 perm 1f0000 0 0 keyring _pid.412: empty | 248 | 0000018d I----- 1 perm 1f1f0000 0 0 keyring _pid.412: empty |
249 | 000004d2 I--Q-- 1 perm 1f0000 32 -1 keyring _uid.32: 1/4 | 249 | 000004d2 I--Q-- 1 perm 1f1f0000 32 -1 keyring _uid.32: 1/4 |
250 | 000004d3 I--Q-- 3 perm 1f0000 32 -1 keyring _uid_ses.32: empty | 250 | 000004d3 I--Q-- 3 perm 1f1f0000 32 -1 keyring _uid_ses.32: empty |
251 | 00000892 I--QU- 1 perm 1f0000 0 0 user metal:copper: 0 | 251 | 00000892 I--QU- 1 perm 1f000000 0 0 user metal:copper: 0 |
252 | 00000893 I--Q-N 1 35s 1f0000 0 0 user metal:silver: 0 | 252 | 00000893 I--Q-N 1 35s 1f1f0000 0 0 user metal:silver: 0 |
253 | 00000894 I--Q-- 1 10h 1f0000 0 0 user metal:gold: 0 | 253 | 00000894 I--Q-- 1 10h 001f0000 0 0 user metal:gold: 0 |
254 | 254 | ||
255 | The flags are: | 255 | The flags are: |
256 | 256 | ||
@@ -637,6 +637,34 @@ call, and the key released upon close. How to deal with conflicting keys due to | |||
637 | two different users opening the same file is left to the filesystem author to | 637 | two different users opening the same file is left to the filesystem author to |
638 | solve. | 638 | solve. |
639 | 639 | ||
640 | Note that there are two different types of pointers to keys that may be | ||
641 | encountered: | ||
642 | |||
643 | (*) struct key * | ||
644 | |||
645 | This simply points to the key structure itself. Key structures will be at | ||
646 | least four-byte aligned. | ||
647 | |||
648 | (*) key_ref_t | ||
649 | |||
650 | This is equivalent to a struct key *, but the least significant bit is set | ||
651 | if the caller "possesses" the key. By "possession" it is meant that the | ||
652 | calling processes has a searchable link to the key from one of its | ||
653 | keyrings. There are three functions for dealing with these: | ||
654 | |||
655 | key_ref_t make_key_ref(const struct key *key, | ||
656 | unsigned long possession); | ||
657 | |||
658 | struct key *key_ref_to_ptr(const key_ref_t key_ref); | ||
659 | |||
660 | unsigned long is_key_possessed(const key_ref_t key_ref); | ||
661 | |||
662 | The first function constructs a key reference from a key pointer and | ||
663 | possession information (which must be 0 or 1 and not any other value). | ||
664 | |||
665 | The second function retrieves the key pointer from a reference and the | ||
666 | third retrieves the possession flag. | ||
667 | |||
640 | When accessing a key's payload contents, certain precautions must be taken to | 668 | When accessing a key's payload contents, certain precautions must be taken to |
641 | prevent access vs modification races. See the section "Notes on accessing | 669 | prevent access vs modification races. See the section "Notes on accessing |
642 | payload contents" for more information. | 670 | payload contents" for more information. |
@@ -665,7 +693,11 @@ payload contents" for more information. | |||
665 | 693 | ||
666 | void key_put(struct key *key); | 694 | void key_put(struct key *key); |
667 | 695 | ||
668 | This can be called from interrupt context. If CONFIG_KEYS is not set then | 696 | Or: |
697 | |||
698 | void key_ref_put(key_ref_t key_ref); | ||
699 | |||
700 | These can be called from interrupt context. If CONFIG_KEYS is not set then | ||
669 | the argument will not be parsed. | 701 | the argument will not be parsed. |
670 | 702 | ||
671 | 703 | ||
@@ -689,13 +721,17 @@ payload contents" for more information. | |||
689 | 721 | ||
690 | (*) If a keyring was found in the search, this can be further searched by: | 722 | (*) If a keyring was found in the search, this can be further searched by: |
691 | 723 | ||
692 | struct key *keyring_search(struct key *keyring, | 724 | key_ref_t keyring_search(key_ref_t keyring_ref, |
693 | const struct key_type *type, | 725 | const struct key_type *type, |
694 | const char *description) | 726 | const char *description) |
695 | 727 | ||
696 | This searches the keyring tree specified for a matching key. Error ENOKEY | 728 | This searches the keyring tree specified for a matching key. Error ENOKEY |
697 | is returned upon failure. If successful, the returned key will need to be | 729 | is returned upon failure (use IS_ERR/PTR_ERR to determine). If successful, |
698 | released. | 730 | the returned key will need to be released. |
731 | |||
732 | The possession attribute from the keyring reference is used to control | ||
733 | access through the permissions mask and is propagated to the returned key | ||
734 | reference pointer if successful. | ||
699 | 735 | ||
700 | 736 | ||
701 | (*) To check the validity of a key, this function can be called: | 737 | (*) To check the validity of a key, this function can be called: |
@@ -732,7 +768,7 @@ More complex payload contents must be allocated and a pointer to them set in | |||
732 | key->payload.data. One of the following ways must be selected to access the | 768 | key->payload.data. One of the following ways must be selected to access the |
733 | data: | 769 | data: |
734 | 770 | ||
735 | (1) Unmodifyable key type. | 771 | (1) Unmodifiable key type. |
736 | 772 | ||
737 | If the key type does not have a modify method, then the key's payload can | 773 | If the key type does not have a modify method, then the key's payload can |
738 | be accessed without any form of locking, provided that it's known to be | 774 | be accessed without any form of locking, provided that it's known to be |