Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/keys-request-key.txt | 9 |
-rw-r--r-- | Documentation/keys.txt | 28 |
2 files changed, 29 insertions, 8 deletions
diff --git a/Documentation/keys-request-key.txt b/Documentation/keys-request-key.txt index 09b55e461740..69686ad12c66 100644 --- a/Documentation/keys-request-key.txt +++ b/Documentation/keys-request-key.txt | |||
@@ -127,14 +127,15 @@ This is because process A's keyrings can't simply be attached to | |||
127 | of them, and (b) it requires the same UID/GID/Groups all the way through. | 127 | of them, and (b) it requires the same UID/GID/Groups all the way through. |
128 | 128 | ||
129 | 129 | ||
130 | ====================== | 130 | ==================================== |
131 | NEGATIVE INSTANTIATION | 131 | NEGATIVE INSTANTIATION AND REJECTION |
132 | ====================== | 132 | ==================================== |
133 | 133 | ||
134 | Rather than instantiating a key, it is possible for the possessor of an | 134 | Rather than instantiating a key, it is possible for the possessor of an |
135 | authorisation key to negatively instantiate a key that's under construction. | 135 | authorisation key to negatively instantiate a key that's under construction. |
136 | This is a short duration placeholder that causes any attempt at re-requesting | 136 | This is a short duration placeholder that causes any attempt at re-requesting |
137 | the key whilst it exists to fail with error ENOKEY. | 137 | the key whilst it exists to fail with error ENOKEY if negated or the specified |
138 | error if rejected. | ||
138 | 139 | ||
139 | This is provided to prevent excessive repeated spawning of /sbin/request-key | 140 | This is provided to prevent excessive repeated spawning of /sbin/request-key |
140 | processes for a key that will never be obtainable. | 141 | processes for a key that will never be obtainable. |
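Review bot: The retitled section now mentions rejection ("or the specified error if rejected", new line 137-138) but never says how a key gets rejected or who chooses the error, so a reader of keys-request-key.txt alone cannot act on it. Suggest one sentence after line 138 along the lines of "A key is rejected with KEYCTL_REJECT, which takes the error code to report; KEYCTL_NEGATE is equivalent to rejecting with ENOKEY", matching the wording this patch adds to keys.txt.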
diff --git a/Documentation/keys.txt b/Documentation/keys.txt index e4dbbdb1bd96..6523a9e6f293 100644 --- a/Documentation/keys.txt +++ b/Documentation/keys.txt | |||
@@ -637,6 +637,9 @@ The keyctl syscall functions are: | |||
637 | long keyctl(KEYCTL_INSTANTIATE, key_serial_t key, | 637 | long keyctl(KEYCTL_INSTANTIATE, key_serial_t key, |
638 | const void *payload, size_t plen, | 638 | const void *payload, size_t plen, |
639 | key_serial_t keyring); | 639 | key_serial_t keyring); |
640 | long keyctl(KEYCTL_INSTANTIATE_IOV, key_serial_t key, | ||
641 | const struct iovec *payload_iov, unsigned ioc, | ||
642 | key_serial_t keyring); | ||
640 | 643 | ||
641 | If the kernel calls back to userspace to complete the instantiation of a | 644 | If the kernel calls back to userspace to complete the instantiation of a |
642 | key, userspace should use this call to supply data for the key before the | 645 | key, userspace should use this call to supply data for the key before the |
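Review bot: The explanatory paragraph that follows the two prototypes (line 644-645) still says "use this call" in the singular, so it is ambiguous which of KEYCTL_INSTANTIATE and the new KEYCTL_INSTANTIATE_IOV it refers to; suggest "use one of these calls". The new prototype also leaves "unsigned ioc" undescribed at this point; naming it as the number of entries in payload_iov here (or at least noting the argument is explained below) would save the reader a forward search.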
@@ -652,11 +655,16 @@ The keyctl syscall functions are: | |||
652 | 655 | ||
653 | The payload and plen arguments describe the payload data as for add_key(). | 656 | The payload and plen arguments describe the payload data as for add_key(). |
654 | 657 | ||
658 | The payload_iov and ioc arguments describe the payload data in an iovec | ||
659 | array instead of a single buffer. | ||
660 | |||
655 | 661 | ||
656 | (*) Negatively instantiate a partially constructed key. | 662 | (*) Negatively instantiate a partially constructed key. |
657 | 663 | ||
658 | long keyctl(KEYCTL_NEGATE, key_serial_t key, | 664 | long keyctl(KEYCTL_NEGATE, key_serial_t key, |
659 | unsigned timeout, key_serial_t keyring); | 665 | unsigned timeout, key_serial_t keyring); |
666 | long keyctl(KEYCTL_REJECT, key_serial_t key, | ||
667 | unsigned timeout, unsigned error, key_serial_t keyring); | ||
660 | 668 | ||
661 | If the kernel calls back to userspace to complete the instantiation of a | 669 | If the kernel calls back to userspace to complete the instantiation of a |
662 | key, userspace should use this call mark the key as negative before the | 670 | key, userspace should use this call mark the key as negative before the |
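Review bot: The item heading at line 662 still reads "Negatively instantiate a partially constructed key" although a second prototype, KEYCTL_REJECT, is added beneath it; suggest "Negatively instantiate or reject a partially constructed key" so the entry can be found by someone looking for the reject operation. The context line 670 also carries a pre-existing "use this call mark the key" (missing "to"), which is worth fixing while this paragraph is being touched, and as with the previous hunk "this call" now covers two calls.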
@@ -669,6 +677,10 @@ The keyctl syscall functions are: | |||
669 | that keyring, however all the constraints applying in KEYCTL_LINK apply in | 677 | that keyring, however all the constraints applying in KEYCTL_LINK apply in |
670 | this case too. | 678 | this case too. |
671 | 679 | ||
680 | If the key is rejected, future searches for it will return the specified | ||
681 | error code until the rejected key expires. Negating the key is the same | ||
682 | as rejecting the key with ENOKEY as the error code. | ||
683 | |||
672 | 684 | ||
673 | (*) Set the default request-key destination keyring. | 685 | (*) Set the default request-key destination keyring. |
674 | 686 | ||
@@ -1062,6 +1074,13 @@ The structure has a number of fields, some of which are mandatory: | |||
1062 | viable. | 1074 | viable. |
1063 | 1075 | ||
1064 | 1076 | ||
1077 | (*) int (*vet_description)(const char *description); | ||
1078 | |||
1079 | This optional method is called to vet a key description. If the key type | ||
1080 | doesn't approve of the key description, it may return an error, otherwise | ||
1081 | it should return 0. | ||
1082 | |||
1083 | |||
1065 | (*) int (*instantiate)(struct key *key, const void *data, size_t datalen); | 1084 | (*) int (*instantiate)(struct key *key, const void *data, size_t datalen); |
1066 | 1085 | ||
1067 | This method is called to attach a payload to a key during construction. | 1086 | This method is called to attach a payload to a key during construction. |
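Review bot: The new vet_description entry (lines 1079-1081) is vague about both when the hook runs and what it returns. "May return an error" should say a negative error number, following the convention of the other methods in this list, and the text should state at which point the hook is invoked (before the key is allocated, so that a rejected description never results in a key being constructed) since that ordering is what makes the hook useful to a key type that wants to reject malformed descriptions early.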
@@ -1231,10 +1250,11 @@ hand the request off to (perhaps a path held in placed in another key by, for | |||
1231 | example, the KDE desktop manager). | 1250 | example, the KDE desktop manager). |
1232 | 1251 | ||
1233 | The program (or whatever it calls) should finish construction of the key by | 1252 | The program (or whatever it calls) should finish construction of the key by |
1234 | calling KEYCTL_INSTANTIATE, which also permits it to cache the key in one of | 1253 | calling KEYCTL_INSTANTIATE or KEYCTL_INSTANTIATE_IOV, which also permits it to |
1235 | the keyrings (probably the session ring) before returning. Alternatively, the | 1254 | cache the key in one of the keyrings (probably the session ring) before |
1236 | key can be marked as negative with KEYCTL_NEGATE; this also permits the key to | 1255 | returning. Alternatively, the key can be marked as negative with KEYCTL_NEGATE |
1237 | be cached in one of the keyrings. | 1256 | or KEYCTL_REJECT; this also permits the key to be cached in one of the |
1257 | keyrings. | ||
1238 | 1258 | ||
1239 | If it returns with the key remaining in the unconstructed state, the key will | 1259 | If it returns with the key remaining in the unconstructed state, the key will |
1240 | be marked as being negative, it will be added to the session keyring, and an | 1260 | be marked as being negative, it will be added to the session keyring, and an |
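Review bot: With KEYCTL_REJECT now in the picture, the unchanged context at lines 1259-1260 ("the key will be marked as being negative") should say which error the automatic negation carries, so the reader knows that a request-key program which simply exits produces ENOKEY rather than a rejection with a chosen error; this follows from the earlier statement that negating equals rejecting with ENOKEY. The hunk header at line 1231 also has a pre-existing garble, "a path held in placed in another key", that could be cleaned up in the same change.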