函数逻辑报告 |
Source Code:security\keys\key.c |
Create Date:2022-07-27 19:50:47 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:key_put - Discard a reference to a key.*@key: The key to discard a reference from.* Discard a reference to a key, and when all the references are gone, we* schedule the cleanup task to come and pull it out of the tree in process
函数原型:void key_put(struct key *key)
返回类型:void
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| struct key * | key |
| 643 | 如果key则 |
| 名称 | 描述 |
|---|---|
| put_cred_rcu | The RCU callback to actually dispose of a set of credentials |
| prepare_exec_creds | Prepare credentials for current to perform an execve()* - The caller must hold ->cred_guard_mutex |
| copy_creds | 复制信任 |
| set_cred_user_ns | |
| create_user_ns | Create a new user namespace, deriving the creator from the user in the* passed credentials, and replacing that user with the new root user for the* new namespace.* This is called by copy_creds(), which will finish setting the target task's* credentials. |
| __key_update | Attempt to update an existing key.* The key is given to us with an incremented refcount that we need to discard* if we get an error. |
| key_create_or_update | key_create_or_update - Update or create and instantiate a key.*@keyring_ref: A pointer to the destination keyring with possession flag.*@type: The type of key.*@description: The searchable description for the key. |
| key_free_user_ns | Clean up the bits of user_namespace that belong to us. |
| keyring_free_object | Free an object after stripping the keyring flag off of the pointer. |
| keyring_destroy | |
| keyring_alloc | Allocate a keyring and link into the destination keyring. |
| keyring_restrict | keyring_restrict - Look up and apply a restriction to a keyring*@keyring_ref: The keyring to be restricted*@type: The key type that will provide the restriction checker.*@restriction: The restriction options to apply to the keyring |
| keyring_restriction_gc | Garbage collect restriction pointers from a keyring |
| SYSCALL_DEFINE4 | Search the process keyrings and keyring trees linked from those for a* matching key. Keyrings must have appropriate Search permission to be* searched.* If a key is found, it will be attached to the destination keyring if there's |
| keyctl_describe_key | Return a description of a key to userspace |
| keyctl_read_key | Read a key's payload |
| keyctl_chown_key | Change the ownership of a key* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. For the UID to be changed, or* for the GID to be changed to a group the caller is not a member of, the |
| keyctl_setperm_key | Change the permission mask on a key.* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. If the caller does not have |
| keyctl_change_reqkey_auth | Change the request_key authorisation key on the current process. |
| keyctl_instantiate_key_common | Instantiate a key with the specified payload and link the key into the* destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority). No other permissions are required. |
| keyctl_reject_key | Negatively instantiate the key with the given timeout (in seconds) and error* code and link the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to |
| keyctl_set_timeout | Set or clear the timeout on a key.* Either the key must grant the caller Setattr permission or else the caller* must hold an instantiation authorisation token for the key.* The timeout is either 0 to clear the timeout, or a number of seconds from |
| keyctl_assume_authority | Assume (or clear) the authority to instantiate the specified key |
| keyctl_get_security | Get a key's the LSM security label.* The key must grant the caller View permission for this to work.* If there's a buffer, then up to buflen bytes of data will be placed into it.* If successful, the amount of information available will be returned, |
| look_up_user_keyrings | Look up the user and user session keyrings for the current process's UID,* creating them if they don't exist. |
| install_session_keyring_to_cred | Install the given keyring as the session keyring of the given credentials* struct, replacing the existing one if any. If the given keyring is NULL,* then install a new anonymous session keyring.*@cred can not be in use by any task yet. |
| search_cred_keyrings_rcu | Search the process keyrings attached to the supplied cred for the first* matching key under RCU conditions (the caller must be holding the RCU read* lock) |
| lookup_user_key | Look up a key ID given us by userspace with a given permissions mask to get* the key it refers to.* Flags can be passed to request that special keyrings be created if referred* to directly, to permit partially constructed keys to be found and to skip |
| join_session_keyring | Join the named keyring as the session keyring if possible else attempt to* create a new one of that name and join that |
| umh_keys_cleanup | Clean up a usermode helper with session keyring. |
| call_sbin_request_key | Request userspace finish the construction of a key* - execute "/sbin/request-key |
| construct_key | Call out to userspace for key construction.* Program failure is ignored in favour of key status. |
| construct_get_dest_keyring | Get the appropriate destination keyring for the request.* The keyring selected is returned with an extra reference upon it which the* caller must release. |
| construct_alloc_key | Allocate a new key in under-construction state and attempt to link it in to* the requested keyring.* May return a key that's already under construction instead if there was a* race between two thread calling request_key(). |
| construct_key_and_link | Commence key construction. |
| request_key_and_link | quest_key_and_link - Request a key and cache it in a keyring.*@type: The type of key we want.*@description: The searchable description of the key.*@domain_tag: The domain in which the key operates. |
| request_key_tag | quest_key_tag - Request a key and wait for construction*@type: Type of key |
| request_key_with_auxdata | quest_key_with_auxdata - Request a key with auxiliary data for the upcaller*@type: The type of key we want.*@description: The searchable description of the key.*@domain_tag: The domain in which the key operates. |
| free_request_key_auth | |
| request_key_auth_new | Create an authorisation token for /sbin/request-key or whoever to gain* access to the caller's security data. |
| key_get_instantiation_authkey | Search the current process's keyrings for the authorisation key for* instantiation of a key. |
| dh_data_from_key | |
| keyctl_pkey_params_free | |
| request_user_key | quest_user_key - request the user key* Use a user provided key to encrypt/decrypt an encrypted-key. |
| encrypted_key_decrypt | |
| encrypted_read | rypted_read - format and copy the encrypted data to userspace* The resulting datablob format is:* |
| asymmetric_verify | |
| evm_init_key | Get the key from the TPM for the SHA1-HMAC |
| fscrypt_sb_free | |
| add_master_key_user | Give the current user a "key" in ->mk_users. This charges the user's quota* and marks the master key as added by the current user, so that it cannot be* removed by another user with the key. Either the master key's key->sem must |
| remove_master_key_user | Remove the current user's "key" from ->mk_users.* The master key's key->sem must be held for write.* Returns 0 if removed, -ENOKEY if not found, or another -errno code. |
| add_new_master_key | Allocate a new fscrypt_master_key which contains the given secret, set it as* the payload of a new 'struct key' of type fscrypt, and link the 'struct key'* into the given keyring. Synchronized by fscrypt_add_key_mutex. |
| add_existing_master_key | |
| add_master_key | |
| fscrypt_verify_key_added | Verify that the current user has added a master key with the given identifier* (returns -ENOKEY if not) |
| do_remove_key | Try to remove an fscrypt master encryption key |
| fscrypt_ioctl_get_key_status | Retrieve the status of an fscrypt master encryption key |
| setup_file_encryption_key | Find the master key, then set up the inode's actual encryption key.* If the master key is found in the filesystem-level keyring, then the* corresponding 'struct key' is returned in *master_key_ret with* ->mk_secret_sem read-locked |
| put_crypt_info | |
| fscrypt_get_encryption_info | |
| find_and_lock_process_key | Search the current task's subscribed keyrings for a "logon" key with* description prefix:descriptor, and if found acquire a read lock on it and* return a pointer to its validated payload in *payload_ret. |
| fscrypt_setup_v1_file_key_via_subscribed_keyrings | |
| fsverity_init_signature | |
| digsig_verify | digsig_verify() - digital signature verification with public key*@keyring: keyring to search key in*@sig: digital signature*@siglen: length of the signature*@data: data*@datalen: length of the data* Returns 0 on success, -EINVAL otherwise |
| key_ref_put |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |