NAME¶
keyctl_assume_authority - Assume the authority to instantiate a key
keyctl_instantiate - Instantiate a key from flat data
keyctl_instantiate_iov - Instantiate a key from segmented data
keyctl_reject - Negatively instantiate a key specifying search error
keyctl_negate - Negatively instantiate a key
SYNOPSIS¶
#include <keyutils.h>
long keyctl_assume_authority(key_serial_t key);
long keyctl_instantiate(key_serial_t key, const void *payload,
size_t plen, key_serial_t keyring);
long keyctl_instantiate_iov(key_serial_t key,
const struct iovec *payload_iov, unsigned ioc,
key_serial_t keyring);
long keyctl_negate(key_serial_t key, unsigned timeout,
key_serial_t keyring);
long keyctl_reject(key_serial_t key, unsigned timeout,
unsigned error, key_serial_t keyring);
DESCRIPTION¶
keyctl_assume_authority() assumes the authority for the calling thread to
deal with and instantiate the specified uninstantiated
key.
The calling thread must have the appopriate authorisation key resident in one of
its keyrings for this to succeed, and that authority must not have been
revoked.
The authorising key is allocated by request_key() when it needs to invoke
userspace to generate a key for the requesting process. This is then attached
to one of the keyrings of the userspace process to which the task of
instantiating the key is given:
- requester -> request_key() -> instantiator
Calling this function modifies the way
request_key() works when called
thereafter by the calling (instantiator) thread; once the authority is
assumed, the keyrings of the initial process are added to the search path,
using the initial process's UID, GID, groups and security context.
If a thread has multiple instantiations to deal with, it may call this function
to change the authorisation key currently in effect. Supplying a
zero
key de-assumes the currently assumed authority.
NOTE! This is a per-thread setting and not a per-process setting so that
a multithreaded process can be used to instantiate several keys at once.
keyctl_instantiate() instantiates the payload of an uninstantiated key
from the data specified.
payload and
plen specify the data for
the new payload.
payload may be NULL and
plen may be zero if the
key type permits that. The key type may reject the data if it's in the wrong
format or in some other way invalid.
keyctl_instantiate_iov() is similar, but the data is passed in an array
of iovec structs instead of in a flat buffer.
payload_iov points to the
base of the array and
ioc indicates how many elements there are.
payload_iov may be NULL or
ioc may be zero to indicate that no
data is being supplied.
keyctl_reject() marks a key as negatively instantiated and sets the
expiration timer on it.
timeout specifies the lifetime of the key in
seconds.
error specifies the error to be returned when a search hits
the key (this is typically
EKEYREJECTED,
EKEYREVOKED or
EKEYEXPIRED). Note that keyctl_reject() falls back to keyctl_negate()
if the kernel does not support it.
keyctl_negate() as
keyctl_reject() with an error code of
ENOKEY.
Only a key for which authority has been assumed may be instantiated or
negatively instantiated, and once instantiated, the authorisation key will be
revoked and the requesting process will be able to resume.
The destination
keyring, if given, is assumed to belong to the initial
requester, and not the instantiating process. Therefore, the special keyring
IDs refer to the requesting process's keyrings, not the caller's, and the
requester's UID, etc. will be used to access them.
The destination keyring can be
zero if no extra link is desired.
The requester, not the caller, must have
write permission on the
destination for a link to be made there.
RETURN VALUE¶
On success
keyctl_instantiate() returns
0. On error, the value
-1 will be returned and errno will have been set to an appropriate
error.
ERRORS¶
- ENOKEY
- The key or keyring specified is invalid.
- EKEYEXPIRED
- The keyring specified has expired.
- EKEYREVOKED
- The key or keyring specified had been revoked, or the authorisation has
been revoked.
- EINVAL
- The payload data was invalid.
- ENOMEM
- Insufficient memory to store the new payload or to expand the destination
keyring.
- EDQUOT
- The key quota for the key's user would be exceeded by increasing the size
of the key to accommodate the new payload or the key quota for the
keyring's user would be exceeded by expanding the destination
keyring.
- EACCES
- The key exists, but is not writable by the requester.
LINKING¶
This is a library function that can be found in
libkeyutils. When
linking,
-lkeyutils should be specified to the linker.
SEE ALSO¶
keyctl(1),
add_key(2),
keyctl(2),
request_key(2),
keyctl(3),
request-key(8),
keyutils(7),
keyrings(7)