1 files changed, 23 insertions, 1 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index be424b02437d..d5c7a57d1700 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -170,7 +170,8 @@ The key service provides a number of features besides keys:
     amount of description and payload space that can be consumed.
     The user can view information on this and other statistics through procfs
-     files.
+     files.  The root user may also alter the quota limits through sysctl files
+     (see the section "New procfs files").
     Process-specific and thread-specific keyrings are not counted towards a
     user's quota.
@@ -329,6 +330,27 @@ about the status of the key service:
        <bytes>/<max>           Key size quota
+Four new sysctl files have been added also for the purpose of controlling the
+quota limits on keys:
+ (*) /proc/sys/kernel/keys/root_maxkeys
+     /proc/sys/kernel/keys/root_maxbytes
+     These files hold the maximum number of keys that root may have and the
+     maximum total number of bytes of data that root may have stored in those
+     keys.
+ (*) /proc/sys/kernel/keys/maxkeys
+     /proc/sys/kernel/keys/maxbytes
+     These files hold the maximum number of keys that each non-root user may
+     have and the maximum total number of bytes of data that each of those
+     users may have stored in their keys.
+Root may alter these by writing each new limit as a decimal number string to
+the appropriate file.
 ===============================
 USERSPACE SYSTEM CALL INTERFACE
 ===============================

diff --git a/Documentation/keys.txt b/Documentation/keys.txt index be424b02437d..d5c7a57d1700 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt
@@ -170,7 +170,8 @@ The key service provides a number of features besides keys:
170	amount of description and payload space that can be consumed.	170	amount of description and payload space that can be consumed.
171		171
172	The user can view information on this and other statistics through procfs	172	The user can view information on this and other statistics through procfs
173	files.	173	files. The root user may also alter the quota limits through sysctl files
		174	(see the section "New procfs files").
174		175
175	Process-specific and thread-specific keyrings are not counted towards a	176	Process-specific and thread-specific keyrings are not counted towards a
176	user's quota.	177	user's quota.
@@ -329,6 +330,27 @@ about the status of the key service:
329	<bytes>/<max> Key size quota	330	<bytes>/<max> Key size quota
330		331
331		332
		333	Four new sysctl files have been added also for the purpose of controlling the
		334	quota limits on keys:
		335
		336	(*) /proc/sys/kernel/keys/root_maxkeys
		337	/proc/sys/kernel/keys/root_maxbytes
		338
		339	These files hold the maximum number of keys that root may have and the
		340	maximum total number of bytes of data that root may have stored in those
		341	keys.
		342
		343	(*) /proc/sys/kernel/keys/maxkeys
		344	/proc/sys/kernel/keys/maxbytes
		345
		346	These files hold the maximum number of keys that each non-root user may
		347	have and the maximum total number of bytes of data that each of those
		348	users may have stored in their keys.
		349
		350	Root may alter these by writing each new limit as a decimal number string to
		351	the appropriate file.
		352
		353
332	===============================	354	===============================
333	USERSPACE SYSTEM CALL INTERFACE	355	USERSPACE SYSTEM CALL INTERFACE
334	===============================	356	===============================