aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/keys-request-key.txt9
-rw-r--r--Documentation/keys.txt28
2 files changed, 29 insertions, 8 deletions
diff --git a/Documentation/keys-request-key.txt b/Documentation/keys-request-key.txt
index 09b55e461740..69686ad12c66 100644
--- a/Documentation/keys-request-key.txt
+++ b/Documentation/keys-request-key.txt
@@ -127,14 +127,15 @@ This is because process A's keyrings can't simply be attached to
127of them, and (b) it requires the same UID/GID/Groups all the way through. 127of them, and (b) it requires the same UID/GID/Groups all the way through.
128 128
129 129
130====================== 130====================================
131NEGATIVE INSTANTIATION 131NEGATIVE INSTANTIATION AND REJECTION
132====================== 132====================================
133 133
134Rather than instantiating a key, it is possible for the possessor of an 134Rather than instantiating a key, it is possible for the possessor of an
135authorisation key to negatively instantiate a key that's under construction. 135authorisation key to negatively instantiate a key that's under construction.
136This is a short duration placeholder that causes any attempt at re-requesting 136This is a short duration placeholder that causes any attempt at re-requesting
137the key whilst it exists to fail with error ENOKEY. 137the key whilst it exists to fail with error ENOKEY if negated or the specified
138error if rejected.
138 139
139This is provided to prevent excessive repeated spawning of /sbin/request-key 140This is provided to prevent excessive repeated spawning of /sbin/request-key
140processes for a key that will never be obtainable. 141processes for a key that will never be obtainable.
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index e4dbbdb1bd96..6523a9e6f293 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -637,6 +637,9 @@ The keyctl syscall functions are:
637 long keyctl(KEYCTL_INSTANTIATE, key_serial_t key, 637 long keyctl(KEYCTL_INSTANTIATE, key_serial_t key,
638 const void *payload, size_t plen, 638 const void *payload, size_t plen,
639 key_serial_t keyring); 639 key_serial_t keyring);
640 long keyctl(KEYCTL_INSTANTIATE_IOV, key_serial_t key,
641 const struct iovec *payload_iov, unsigned ioc,
642 key_serial_t keyring);
640 643
641 If the kernel calls back to userspace to complete the instantiation of a 644 If the kernel calls back to userspace to complete the instantiation of a
642 key, userspace should use this call to supply data for the key before the 645 key, userspace should use this call to supply data for the key before the
@@ -652,11 +655,16 @@ The keyctl syscall functions are:
652 655
653 The payload and plen arguments describe the payload data as for add_key(). 656 The payload and plen arguments describe the payload data as for add_key().
654 657
658 The payload_iov and ioc arguments describe the payload data in an iovec
659 array instead of a single buffer.
660
655 661
656 (*) Negatively instantiate a partially constructed key. 662 (*) Negatively instantiate a partially constructed key.
657 663
658 long keyctl(KEYCTL_NEGATE, key_serial_t key, 664 long keyctl(KEYCTL_NEGATE, key_serial_t key,
659 unsigned timeout, key_serial_t keyring); 665 unsigned timeout, key_serial_t keyring);
666 long keyctl(KEYCTL_REJECT, key_serial_t key,
667 unsigned timeout, unsigned error, key_serial_t keyring);
660 668
661 If the kernel calls back to userspace to complete the instantiation of a 669 If the kernel calls back to userspace to complete the instantiation of a
662 key, userspace should use this call mark the key as negative before the 670 key, userspace should use this call mark the key as negative before the
@@ -669,6 +677,10 @@ The keyctl syscall functions are:
669 that keyring, however all the constraints applying in KEYCTL_LINK apply in 677 that keyring, however all the constraints applying in KEYCTL_LINK apply in
670 this case too. 678 this case too.
671 679
680 If the key is rejected, future searches for it will return the specified
681 error code until the rejected key expires. Negating the key is the same
682 as rejecting the key with ENOKEY as the error code.
683
672 684
673 (*) Set the default request-key destination keyring. 685 (*) Set the default request-key destination keyring.
674 686
@@ -1062,6 +1074,13 @@ The structure has a number of fields, some of which are mandatory:
1062 viable. 1074 viable.
1063 1075
1064 1076
1077 (*) int (*vet_description)(const char *description);
1078
1079 This optional method is called to vet a key description. If the key type
1080 doesn't approve of the key description, it may return an error, otherwise
1081 it should return 0.
1082
1083
1065 (*) int (*instantiate)(struct key *key, const void *data, size_t datalen); 1084 (*) int (*instantiate)(struct key *key, const void *data, size_t datalen);
1066 1085
1067 This method is called to attach a payload to a key during construction. 1086 This method is called to attach a payload to a key during construction.
@@ -1231,10 +1250,11 @@ hand the request off to (perhaps a path held in placed in another key by, for
1231example, the KDE desktop manager). 1250example, the KDE desktop manager).
1232 1251
1233The program (or whatever it calls) should finish construction of the key by 1252The program (or whatever it calls) should finish construction of the key by
1234calling KEYCTL_INSTANTIATE, which also permits it to cache the key in one of 1253calling KEYCTL_INSTANTIATE or KEYCTL_INSTANTIATE_IOV, which also permits it to
1235the keyrings (probably the session ring) before returning. Alternatively, the 1254cache the key in one of the keyrings (probably the session ring) before
1236key can be marked as negative with KEYCTL_NEGATE; this also permits the key to 1255returning. Alternatively, the key can be marked as negative with KEYCTL_NEGATE
1237be cached in one of the keyrings. 1256or KEYCTL_REJECT; this also permits the key to be cached in one of the
1257keyrings.
1238 1258
1239If it returns with the key remaining in the unconstructed state, the key will 1259If it returns with the key remaining in the unconstructed state, the key will
1240be marked as being negative, it will be added to the session keyring, and an 1260be marked as being negative, it will be added to the session keyring, and an