Lines Matching full:be
6 user mappings, and similar to be cached in the kernel for the use of
13 The key service can be configured on by enabling:
46 * Each key is of a defined "type". Types must be registered inside the
48 can be added or used. Userspace programs cannot define new types directly.
51 number of operations that can be performed on a key of that type.
53 Should a type be removed from the system, all the keys of that type will
54 be invalidated.
56 * Each key has a description. This should be a printable string. The key
62 whether a kernel service will be able to find the key.
64 * Each key can be set to expire at a specific time by the key type's
65 instantiation function. Keys can also be immortal.
72 Having a payload is not required; and the payload can, in fact, just be a
80 permitted, another key type operation will be called to convert the key's
83 * Each key can be in one of a number of basic states:
86 Keys being requested from userspace will be in this state.
93 a throttle on key lookups. A negative key can be updated to a normal
97 they traverse to this state. An expired key can be updated back to a
100 * Revoked. A key is put in this state by userspace action. It can't be
119 lists can be modified using various system calls. Keyrings should not
120 be given a payload when created.
125 blobs of data. These can be created, updated and read by userspace,
134 The description can be arbitrary, but must be prefixed with a non-zero
137 be created and updated from userspace, but the payload is only
166 will be subscribed to the default session key for the new UID.
169 it will be subscribed to the default for its current UID.
173 amount of description and payload space that can be consumed.
192 userspace to request a key that can't be found in a process's keyrings.
194 * An optional filesystem is available through which the key database can be
207 This permits a key or keyring's attributes to be viewed - including key
212 This permits a key's payload to be viewed or a keyring's list of linked
217 This permits a key's payload to be instantiated or updated, or it allows a
218 link to be added to or removed from a keyring.
222 This permits keyrings to be searched and keys to be found. Searches can
227 This permits a key or keyring to be linked to. To create a link from a
233 This permits a key's UID, GID and permissions mask to be changed.
243 controls can be applied to keys created within various contexts. This support
251 security context, then the key will be assigned that context. Otherwise, the
252 key will be assigned the current context of the task that invoked the key
253 creation request. Tasks must be granted explicit permission to assign a
257 The default keyrings associated with users will be labeled with the default
260 be labeled with the context of the login program itself.
282 information about it may be given.
389 type. The process must also have permission to write to the key to be able
395 to the keyring. In this case, an error will be generated if the process
402 The payload is optional, and the pointer can be NULL if not required by
403 the type. The payload is plen in size, and plen can be zero for an empty
406 A new keyring can be generated by setting type "keyring", the keyring name
409 User defined keys can be created by specifying type "user". It is
432 If a key cannot be found, and if callout_info is not NULL, then
433 /sbin/request-key will be invoked in an attempt to obtain a key. The
434 callout_info string will be passed as an argument to the program.
454 If the key does not yet exist, the key will be created if "create" is
455 non-zero; and the error ENOKEY will be returned if "create" is zero.
483 type. The process must also have permission to write to the key to be able
486 The payload is of length plen, and may be absent or empty as for
495 use the key will be met with error EKEYREVOKED, and the key will no longer
496 be findable.
503 This function permits a key's owner and group ID to be changed. Either one
504 of uid or gid can be set to -1 to suppress that change.
520 error EINVAL will be returned.
536 A process must have view permission on the key for this function to be
547 This can be parsed with::
557 process must have write permission on the keyring, and it must be a
560 This function can also be used to clear special kernel keyrings if they
573 Should the keyring not be a keyring, error ENOTDIR will result; and if the
580 type and description will be discarded from the keyring as the new one is
598 such a key will be replaced.
600 A process must have link permission on the key for this function to be
614 is not present, error ENOENT will be the result.
629 permission on will be recursed into, and only keys and keyrings for which
630 a process has search permission can be matched. If the specified keyring
637 Error ENOKEY, EKEYREVOKED or EKEYEXPIRED will be returned if the search
638 fails. On success, the resulting key ID will be returned.
650 The returned data will be processed for presentation by the key type. For
657 will be returned. Note that in this case, the contents of the buffer may
674 invoked process returns, or else the key will be marked negative
677 The process must have write access on the key to be able to instantiate
678 it, and the key must be uninstantiated.
680 If a keyring is specified (non-zero), the key will also be linked into
701 The process must have write access on the key to be able to instantiate
702 it, and the key must be uninstantiated.
704 If a keyring is specified (non-zero), the key will also be linked into
717 This sets the default keyring to which implicitly requested keys will be
718 attached for this thread. reqkey_defl should be one of these constants::
731 The old default will be returned if successful and error EINVAL will be
734 The default keyring can be overridden by the keyring indicated to the
748 This sets or clears the timeout on a key. The timeout can be 0 to clear
753 timeout. Timeouts may not be set with this function on negative, revoked
762 specified key. Authority can only be assumed if the thread has the
770 If the requested authority is unavailable, error EPERM will be returned,
774 If the specified key is 0, then any assumed authority will be divested.
794 in force then an empty string will be returned.
796 A process must have view permission on the key for this function to be
811 mustn't deny permission, otherwise error EPERM will be returned.
813 Error ENOMEM will be returned if there was insufficient memory to complete
814 the operation, otherwise 0 will be returned to indicate success.
816 The keyring will be replaced next time the parent process leaves the
833 A process must have search permission on the key for this function to be
858 - The buffer length must be at least the length of the prime, or zero.
878 The otherinfo pointer may be NULL if no OtherInfo shall be used.
881 supported, error ENOKEY if the key could not be found, or error
897 to. It may be empty or may already have keys linked. Existing linked keys
902 "restriction" is a string describing how key linkage is to be restricted.
907 later unregistered, no keys may be added to the keyring after the key type
911 permission and the keyring must not be previously restricted.
927 encodings may be queried by using the ``params`` argument. This is a
947 ``max_*_size`` indicate the maximum sizes in bytes of a blob of data to be
948 signed, a signature blob, a blob to be encrypted and a blob to be
951 ``__spare[]`` must be set to 0. This is intended for future use to hand
986 only need the public parts to be available, but for decryption and signing
997 ``key_id`` is the ID of the asymmetric key to be used. ``in_len`` and
1015 can be "pkcs1" for RSASSA-PKCS1-v1.5 or
1022 which hash function was used, the hash function can be
1025 The ``__spare[]`` space in the parameter block must be set to 0. This is
1041 "key" is the ID of the key to be watched.
1044 which manages the buffer into which notifications will be delivered.
1051 Note that only one watch may be emplaced for any particular { key,
1062 In this, watch::type will be "WATCH_TYPE_KEY_NOTIFY" and subtype will be
1080 If a watched key is deleted, a basic watch_notification will be issued
1082 watch_meta_removal_notification. The watchpoint ID will be set in the
1085 This needs to be configured by enabling:
1094 be broken down into two areas: keys and key types.
1099 filesystem or device file, a search would probably be performed during the open
1104 To access the key manager, the following header must be #included::
1108 Specific key types should have a header file under include/keys/ that should be
1109 used to access that type. For keys of type "user", for example, that would be::
1113 Note that there are two different types of pointers to keys that may be
1118 This simply points to the key structure itself. Key structures will be at
1135 possession information (which must be true or false).
1140 When accessing a key's payload contents, certain precautions must be taken to
1153 not NULL, then /sbin/request-key will be invoked in an attempt to obtain
1154 the key from userspace. In that case, callout_string will be passed as an
1157 Should the function fail error ENOKEY, EKEYEXPIRED or EKEYREVOKED will be
1173 This is identical to request_key(), except that a domain tag may be
1175 tag. The domain_tag may be NULL, specifying a global domain that is
1190 callout_info is a blob of length callout_len, if given (the length may be
1205 * When it is no longer required, the key should be released using::
1213 These can be called from interrupt context. If CONFIG_KEYS is not set then
1214 the argument will not be parsed.
1217 * Extra references can be made to a key by calling one of the following
1223 Keys so references will need to be disposed of by calling key_put() when
1224 they've been finished with. The key pointer passed in will be returned.
1227 then the key will not be dereferenced and no increment will take place.
1230 * A key's serial number can be obtained by calling::
1234 If key is NULL or if CONFIG_KEYS is not set then 0 will be returned (in the
1238 * If a keyring was found in the search, this can be further searched by::
1248 key will need to be released.
1255 * A keyring can be created by::
1265 is not NULL, the new keyring will be linked into the keyring to which it
1268 Error EDQUOT can be returned if the keyring would overload the quota (pass
1269 KEY_ALLOC_NOT_IN_QUOTA in flags if the keyring shouldn't be accounted
1270 towards the user's quota). Error ENOMEM can also be returned.
1273 the function that will be called each time an attempt is made to link a
1276 may be added into the keyring or not. The key type is used by the garbage
1282 - provided they can be verified by a key the kernel already has.
1284 When called, the restriction function will be passed the keyring being
1285 added to, the key type, the payload of the key being added, and data to be
1294 * To check the validity of a key, this function can be called::
1299 revoked. Should the key be invalid, error EKEYEXPIRED or EKEYREVOKED will
1300 be returned. If the key is NULL or if CONFIG_KEYS is not set then 0 will be
1304 * To register a key type, the following function should be called::
1317 Under some circumstances, it may be desirable to deal with a bundle of keys.
1322 This can be used with a function such as request_key() to find a specific
1323 keyring in a process's keyrings. A keyring thus found can then be searched
1334 More complex payload contents must be allocated and pointers to them set in the
1335 key->payload.data[] array. One of the following ways must be selected to
1341 be accessed without any form of locking, provided that it's known to be
1342 instantiated (uninstantiated keys cannot be "found").
1346 The semaphore could be used to govern access to the payload and to control
1347 the payload pointer. It must be write-locked for modifications and would
1348 have to be read-locked for general access. The disadvantage of doing this
1349 is that the accessor may be required to sleep.
1353 RCU must be used when the semaphore isn't already held; if the semaphore
1355 semaphore must still be used to serialise modifications to the key. The
1371 the payload. key->datalen cannot be relied upon to be consistent with the
1420 The data length (and quota) on a particular key can always be changed
1425 With the revised data length. Error EDQUOT will be returned if this is not
1452 the payload blob parameters; quotalen will be filled in with the default
1453 quota size from the key type; expiry will be set to TIME_T_MAX and the
1454 rest will be cleared.
1456 If a description can be proposed from the payload contents, that should be
1457 attached as a string to the description field. This will be used for the
1462 time will be applied to the key if it is instantiated from this data.
1473 preparse() method. It will always be called after preparse() returns
1484 blob. If preparse() was supplied then other fields may be filled in also.
1487 keytype->def_datalen, then key_payload_reserve() should be called.
1503 If this type of key can be updated, then this method should be provided.
1507 blob. If preparse() was supplied then other fields may be filled in also.
1509 key_payload_reserve() should be called if the data length might change
1512 memory allocation must be done first.
1516 be made under RCU conditions, and call_rcu() must be used to dispose of
1519 key_payload_reserve() should be called before the changes are made, but
1528 This method is optional. It is called when a key search is about to be
1539 On entry, raw_data will be pointing to the criteria to be used in matching
1540 a key by the caller and should not be modified. ``(*cmp)()`` will be pointing
1542 against raw_data) and lookup_type will be set to indicate a direct lookup.
1550 keys in the keyring until one is matched. This must be used for any
1558 If preparsed is set, it may be necessary to use the match_free() method to
1565 locks will be held over it.
1567 If match_preparse() is not provided, keys of this type will be matched
1583 It is safe to sleep in this method, though care should be taken to avoid
1604 This method will be called with the RCU read lock held. rcu_dereference()
1605 should be used to read the payload pointer if the payload is to be
1606 accessed. key->datalen cannot be trusted to stay consistent with the
1619 Ideally, the blob should be in the same format as that passed in to the
1622 If successful, the blob size that could be produced should be returned
1625 This method will be called with the key's semaphore read-locked. This will
1639 the key to be operated upon and the operation type (currently only
1643 following function must be called under all circumstances to complete the
1649 The error parameter should be 0 on success, -ve on error. The
1651 will be revoked. If an error is indicated, the key under construction
1652 will be negatively instantiated if it wasn't already instantiated.
1654 If this method returns an error, that error will be returned to the
1655 caller of request_key*(). complete_request_key() must be called prior to
1658 The key under construction and the authorisation key can be found in the
1686 These methods are optional. If provided the first allows a key to be
1705 This includes the key to be used; a string indicating the encoding to use
1706 (for instance, "pkcs1" may be used with an RSA key to indicate
1710 buffers; and the ID of the operation to be performed.
1730 digest algorithm - the name of which should be supplied in hash_algo.
1738 will be validated. Depending on the encoding, the digest algorithm used
1739 to generate the raw data may need to be indicated in hash_algo.
1744 A variety of errors may be returned, including EOPNOTSUPP if the operation
1755 public or asymmetric key held in the key to be determined.
1758 are unused. The encoding and hash_algo fields should be used to reduce
1785 If successful, 0 will be returned. If the key doesn't support this,
1786 EOPNOTSUPP will be returned.
1799 keyrings from the process that caused the search to be issued. These are
1802 1 There may be an authentication token in one of the keyrings that is
1805 2 The new key should probably be cached in one of these rings.
1815 returning. Alternatively, the key can be marked as negative with KEYCTL_NEGATE
1816 or KEYCTL_REJECT; this also permits the key to be cached in one of the
1820 be marked as being negative, it will be added to the session keyring, and an
1821 error will be returned to the key requestor.
1823 Supplementary information may be provided from whoever or whatever invoked this
1824 service. This will be passed as the <callout_info> parameter. If no such
1825 information was made available, then "-" will be passed as this parameter
1842 Dead keys (for which the type has been removed) will be automatically unlinked
1846 Similarly, revoked and expired keys will be garbage collected, but only after a