keyctl_restrict_keyring

函数名称：Apply a restriction to a given keyring.* The caller must have Setattr permission to change keyring restrictions.* The requested type name may be a NULL pointer to reject all attempts* to link to the keyring. In this case, _restriction must also be NULL.

函数原型：long keyctl_restrict_keyring(key_serial_t id, const char __user *_type, const char __user *_restriction)

返回类型：long

参数：

类型	参数	名称
key_serial_t	id
const char __user *	_type
const char __user *	_restriction

1658

char * restriction = NULL

1661

key_ref等于Look up a key ID given us by userspace with a given permissions mask to get* the key it refers to.* Flags can be passed to request that special keyrings be created if referred* to directly, to permit partially constructed keys to be found and to skip

1662

如果是错误则返回:错误

1665

ret等于负EINVAL

1666

如果_type则

1667

如果非_restriction则转到:error

1670

ret等于key_get_type_from_user(type, _type, type的长度)

1671

如果ret小于0则转到:error

1674

restriction等于strndup_user - duplicate an existing string from user space*@s: The string to duplicate*@n: Maximum number of bytes to copy, including the trailing NUL.* Return: newly allocated copy of @s or an ERR_PTR() in case of error

1675

如果是错误则

1676

ret等于错误

1677

转到:error

1679

否则

1680

如果_restriction则转到:error

1684

ret等于keyring_restrict - Look up and apply a restriction to a keyring*@keyring_ref: The keyring to be restricted*@type: The key type that will provide the restriction checker.*@restriction: The restriction options to apply to the keyring

1685

1686

error :

1687

key_ref_put(key_ref)

1688

返回:ret

**调用者**
名称	描述
SYSCALL_DEFINE5	The key control system call
COMPAT_SYSCALL_DEFINE5	The key control system call, 32-bit compatibility version for 64-bit archs

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码