函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\keyctl.c Create Date:2022-07-27 19:56:01
Last Modify:2020-03-18 07:59:52 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:The key control system call

函数原型:SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3, unsigned long, arg4, unsigned long, arg5)

返回类型:

参数:

1718  :option恒等于ask for a keyring's ID
1719  返回:Get the ID of the specified process keyring.* The requested keyring must have search permission to be found.* If successful, the ID of the requested keyring will be returned.
1722  :option恒等于join or start named session keyring
1723  返回:Join a (named) session keyring.* Create and join an anonymous session keyring or join a named session* keyring, creating it if necessary. A named session keyring must have Search* permission for it to be joined. Session keyrings without this permit will
1725  :option恒等于update a key
1726  返回:Update a key's data payload from the given data.* The key must grant the caller Write permission and the key type must support* updating for this to work. A negative key can be positively instantiated* with this call.* If successful, 0 will be returned
1730  :option恒等于voke a key
1731  返回:Revoke a key.* The key must be grant the caller Write or Setattr permission for this to* work. The key type should give up its quota claim when revoked. The key* and any links to the key will be automatically garbage collected after a
1733  :option恒等于describe a key
1734  返回:Return a description of a key to userspace
1738  :option恒等于clear contents of a keyring
1739  返回:Clear the specified keyring, creating an empty process keyring if one of the* special keyring IDs is used.* The keyring must grant the caller Write permission and not have* KEY_FLAG_KEEP set for this to work. If successful, 0 will be returned.
1741  :option恒等于link a key into a keyring
1742  返回:Create a link from a keyring to a key if there's no matching key in the* keyring, otherwise replace the link to the matching key with a link to the* new key.* The key must grant the caller Link permission and the the keyring must grant
1745  :option恒等于unlink a key from a keyring
1746  返回:Unlink a key from a keyring.* The keyring must grant the caller Write permission for this to work; the key* itself need not grant the caller anything. If the last link to a key is* removed then that key will be scheduled for destruction.
1749  :option恒等于search for a key in a keyring
1750  返回:Search the specified keyring and any keyrings it links to for a matching* key
1755  :option恒等于ad a key or keyring's contents
1756  返回:Read a key's payload
1760  :option恒等于set ownership of a key
1761  返回:Change the ownership of a key* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. For the UID to be changed, or* for the GID to be changed to a group the caller is not a member of, the
1765  :option恒等于set perms on a key
1766  返回:Change the permission mask on a key.* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. If the caller does not have
1769  :option恒等于stantiate a partially constructed key
1770  返回:Instantiate a key with the specified payload and link the key into the* destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority). No other permissions are required.
1775  :option恒等于gate a partially constructed key
1776  返回:Negatively instantiate the key with the given timeout (in seconds) and link* the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority)
1780  :option恒等于set default request-key keyring
1781  返回:Read or set the default keyring in which request_key() will cache keys and* return the old setting.* If a thread or process keyring is specified then it will be created if it* doesn't yet exist. The old setting will be returned if successful.
1783  :option恒等于set key timeout
1784  返回:Set or clear the timeout on a key.* Either the key must grant the caller Setattr permission or else the caller* must hold an instantiation authorisation token for the key.* The timeout is either 0 to clear the timeout, or a number of seconds from
1787  :option恒等于assume request_key() authorisation
1788  返回:Assume (or clear) the authority to instantiate the specified key
1790  :option恒等于get key security label
1791  返回:Get a key's the LSM security label.* The key must grant the caller View permission for this to work.* If there's a buffer, then up to buflen bytes of data will be placed into it.* If successful, the amount of information available will be returned,
1795  :option恒等于apply session keyring to parent process
1796  返回:Attempt to install the calling process's session keyring on the process's* parent process.* The keyring must exist and must grant the caller LINK permission, and the* parent process must be single-threaded and must have the same effective
1798  :option恒等于ject a partially constructed key
1799  返回:Negatively instantiate the key with the given timeout (in seconds) and error* code and link the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to
1804  :option恒等于stantiate a partially constructed key
1805  返回:Instantiate a key with the specified multipart payload and link the key into* the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority)
1811  :option恒等于validate a key
1812  返回:Invalidate a key.* The key must be grant the caller Invalidate permission for this to work.* The key and any links to the key will be automatically garbage collected* immediately.* Keys with KEY_FLAG_KEEP set should not be invalidated.
1814  :option恒等于get a user's persistent keyring
1815  返回:keyctl_get_persistent((uid_t)arg2, (key_serial_t)arg3)
1817  :option恒等于Compute Diffie-Hellman values
1818  返回:keyctl_dh_compute((structkeyctl_dh_params__user * )arg2, (char__user * )arg3, (size_t)arg4, (structkeyctl_kdf_params__user * )arg5)
1822  :option恒等于Restrict keys allowed to link to a keyring
1823  返回:Apply a restriction to a given keyring.* The caller must have Setattr permission to change keyring restrictions.* The requested type name may be a NULL pointer to reject all attempts* to link to the keyring. In this case, _restriction must also be NULL.
1827  :option恒等于Query public key parameters
1828  如果arg3不等于0则返回:负EINVAL
1830  返回:keyctl_pkey_query((key_serial_t)arg2, (constchar__user * )arg4, (structkeyctl_pkey_query__user * )arg5)
1834  :option恒等于Encrypt a blob using a public key
1835  :option恒等于Decrypt a blob using a public key
1836  :option恒等于Create a public key signature
1837  返回:keyctl_pkey_e_d_s(option, (conststructkeyctl_pkey_params__user * )arg2, (constchar__user * )arg3, (constvoid__user * )arg4, (void__user * )arg5)
1844  :option恒等于Verify a public key signature
1845  返回:keyctl_pkey_verify((conststructkeyctl_pkey_params__user * )arg2, (constchar__user * )arg3, (constvoid__user * )arg4, (constvoid__user * )arg5)
1851  :option恒等于Move keys between keyrings
1852  返回:Move a link to a key from one keyring to another, displacing any matching* key from the destination keyring.* The key must grant the caller Link permission and both keyrings must grant* the caller Write permission
1857  :option恒等于Find capabilities of keyrings subsystem
1858  返回:Get keyrings subsystem capabilities.
1860  默认
1861  返回:负EOPNOTSUPP