mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
keys: Add a keyctl to move a key between keyrings
Add a keyctl to atomically move a link to a key from one keyring to another. The key must exist in "from" keyring and a flag can be given to cause the operation to fail if there's a matching key already in the "to" keyring. This can be done with: keyctl(KEYCTL_MOVE, key_serial_t key, key_serial_t from_keyring, key_serial_t to_keyring, unsigned int flags); The key being moved must grant Link permission and both keyrings must grant Write permission. flags should be 0 or KEYCTL_MOVE_EXCL, with the latter preventing displacement of a matching key from the "to" keyring. Signed-off-by: David Howells <dhowells@redhat.com>
This commit is contained in:
David Howells
parent
df593ee23e
commit
ed0ac5c7ec
7 changed files with 195 additions and 0 deletions
|
|
@ -67,6 +67,7 @@
|
|||
#define KEYCTL_PKEY_SIGN 27 /* Create a public key signature */
|
||||
#define KEYCTL_PKEY_VERIFY 28 /* Verify a public key signature */
|
||||
#define KEYCTL_RESTRICT_KEYRING 29 /* Restrict keys allowed to link to a keyring */
|
||||
#define KEYCTL_MOVE 30 /* Move keys between keyrings */
|
||||
|
||||
/* keyctl structures */
|
||||
struct keyctl_dh_params {
|
||||
|
|
@ -112,4 +113,6 @@ struct keyctl_pkey_params {
|
|||
__u32 __spare[7];
|
||||
};
|
||||
|
||||
#define KEYCTL_MOVE_EXCL 0x00000001 /* Do not displace from the to-keyring */
|
||||
|
||||
#endif /* _LINUX_KEYCTL_H */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue