Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\keys\keyring.c
Create Date: 2022-07-28 18:18:08
Last Modify: 2020-03-12 14:18:49
Copyright © Brick

Name: keyring_restrict - Look up and apply a restriction to a keyring
@keyring_ref: The keyring to be restricted
@type: The key type that will provide the restriction checker.
@restriction: The restriction options to apply to the keyring

Proto:int keyring_restrict(key_ref_t keyring_ref, const char *type, const char *restriction)

Type:int

Parameter:

Type            Parameter Name
key_ref_t       keyring_ref
const char *    type
const char *    restriction
1029  struct key_type * restrict_type = NULL
1031  ret = 0
1033  keyring = key_ref_to_ptr(keyring_ref)
1034  key_check(keyring)
1036  If type of key != key_type_keyring Then Return -ENOTDIR
1039  If Not type Then
1040  restrict_link = keyring_restriction_alloc(restrict_link_reject) [restrict_link_reject - Give -EPERM to restrict link. @keyring: The keyring being added to. @type: The type of key being added. @payload: The payload of the key intended to be added. @restriction_key: Keys providing additional data for evaluating restriction.]
1041  Else
1042  restrict_type = Find and lock the specified key type against removal. We return with the sem read-locked if successful. If the type wasn't available -ENOKEY is returned instead.
1044  If IS_ERR(restrict_type) Then Return PTR_ERR(restrict_type)
1047  If Not lookup_restriction Then
1048  ret = -ENOENT
1049  Go to error
1052  restrict_link = lookup_restriction(restriction)
1055  If IS_ERR(restrict_link) Then
1056  ret = PTR_ERR(restrict_link)
1057  Go to error
1060  lock for writing
1061  lock for writing
1063  If [This is set on a keyring to restrict the addition of a link to a key to it. If this structure isn't provided then it is assumed that the keyring is open to any addition. It is ignored for non-keyring keys. Only set this value using keyring_restrict(] Then ret = -EEXIST
1065  Else if [Check for restriction cycles that would prevent keyring garbage collection. keyring_serialise_restrict_sem must be held.] Then ret = -EDEADLK
1067  Else [This is set on a keyring to restrict the addition of a link to a key to it. If this structure isn't provided then it is assumed that the keyring is open to any addition. It is ignored for non-keyring keys. Only set this value using keyring_restrict(] = restrict_link
1070  release a write lock
1071  release a write lock
1073  If ret < 0 Then
1074  key_put - Discard a reference to a key. @key: The key to discard a reference from. Discard a reference to a key, and when all the references are gone, we schedule the cleanup task to come and pull it out of the tree in process
1075  kfree(restrict_link)
1078  error :
1079  If restrict_type Then Unlock a key type locked by key_type_lookup().
1082  Return ret
Caller

Name                      Description
keyctl_restrict_keyring   Apply a restriction to a given keyring. The caller must have Setattr permission to change keyring restrictions. The requested type name may be a NULL pointer to reject all attempts to link to the keyring. In this case, _restriction must also be NULL.