函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\compat.c Create Date:2022-07-27 19:59:37
Last Modify:2020-03-18 08:03:01 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:The key control system call, 32-bit compatibility version for 64-bit archs

函数原型:COMPAT_SYSCALL_DEFINE5(keyctl, unsigned int, option, unsigned int, arg2, unsigned int, arg3, unsigned int, arg4, unsigned int, arg5)

返回类型:

参数:

54  :option恒等于ask for a keyring's ID
55  返回:Get the ID of the specified process keyring.* The requested keyring must have search permission to be found.* If successful, the ID of the requested keyring will be returned.
57  :option恒等于join or start named session keyring
58  返回:Join a (named) session keyring.* Create and join an anonymous session keyring or join a named session* keyring, creating it if necessary. A named session keyring must have Search* permission for it to be joined. Session keyrings without this permit will
60  :option恒等于update a key
61  返回:Update a key's data payload from the given data.* The key must grant the caller Write permission and the key type must support* updating for this to work. A negative key can be positively instantiated* with this call.* If successful, 0 will be returned
63  :option恒等于voke a key
64  返回:Revoke a key.* The key must be grant the caller Write or Setattr permission for this to* work. The key type should give up its quota claim when revoked. The key* and any links to the key will be automatically garbage collected after a
66  :option恒等于describe a key
67  返回:Return a description of a key to userspace
69  :option恒等于clear contents of a keyring
70  返回:Clear the specified keyring, creating an empty process keyring if one of the* special keyring IDs is used.* The keyring must grant the caller Write permission and not have* KEY_FLAG_KEEP set for this to work. If successful, 0 will be returned.
72  :option恒等于link a key into a keyring
73  返回:Create a link from a keyring to a key if there's no matching key in the* keyring, otherwise replace the link to the matching key with a link to the* new key.* The key must grant the caller Link permission and the the keyring must grant
75  :option恒等于unlink a key from a keyring
76  返回:Unlink a key from a keyring.* The keyring must grant the caller Write permission for this to work; the key* itself need not grant the caller anything. If the last link to a key is* removed then that key will be scheduled for destruction.
78  :option恒等于search for a key in a keyring
79  返回:Search the specified keyring and any keyrings it links to for a matching* key
82  :option恒等于ad a key or keyring's contents
83  返回:Read a key's payload
85  :option恒等于set ownership of a key
86  返回:Change the ownership of a key* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. For the UID to be changed, or* for the GID to be changed to a group the caller is not a member of, the
88  :option恒等于set perms on a key
89  返回:Change the permission mask on a key.* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. If the caller does not have
91  :option恒等于stantiate a partially constructed key
92  返回:Instantiate a key with the specified payload and link the key into the* destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority). No other permissions are required.
95  :option恒等于gate a partially constructed key
96  返回:Negatively instantiate the key with the given timeout (in seconds) and link* the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority)
98  :option恒等于set default request-key keyring
99  返回:Read or set the default keyring in which request_key() will cache keys and* return the old setting.* If a thread or process keyring is specified then it will be created if it* doesn't yet exist. The old setting will be returned if successful.
101  :option恒等于set key timeout
102  返回:Set or clear the timeout on a key.* Either the key must grant the caller Setattr permission or else the caller* must hold an instantiation authorisation token for the key.* The timeout is either 0 to clear the timeout, or a number of seconds from
104  :option恒等于assume request_key() authorisation
105  返回:Assume (or clear) the authority to instantiate the specified key
107  :option恒等于get key security label
108  返回:Get a key's the LSM security label.* The key must grant the caller View permission for this to work.* If there's a buffer, then up to buflen bytes of data will be placed into it.* If successful, the amount of information available will be returned,
110  :option恒等于apply session keyring to parent process
111  返回:Attempt to install the calling process's session keyring on the process's* parent process.* The keyring must exist and must grant the caller LINK permission, and the* parent process must be single-threaded and must have the same effective
113  :option恒等于ject a partially constructed key
114  返回:Negatively instantiate the key with the given timeout (in seconds) and error* code and link the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to
116  :option恒等于stantiate a partially constructed key
117  返回:Instantiate a key with the specified compatibility multipart payload and* link the key into the destination keyring if one is given.* The caller must have the appropriate instantiation permit set for this to* work (see keyctl_assume_authority)
120  :option恒等于validate a key
121  返回:Invalidate a key.* The key must be grant the caller Invalidate permission for this to work.* The key and any links to the key will be automatically garbage collected* immediately.* Keys with KEY_FLAG_KEEP set should not be invalidated.
123  :option恒等于get a user's persistent keyring
124  返回:Get the persistent keyring for a specific UID and link it to the nominated* keyring.
126  :option恒等于Compute Diffie-Hellman values
127  返回:compat_keyctl_dh_compute(A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., arg4, A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already.)
131  :option恒等于Restrict keys allowed to link to a keyring
132  返回:Apply a restriction to a given keyring.* The caller must have Setattr permission to change keyring restrictions.* The requested type name may be a NULL pointer to reject all attempts* to link to the keyring. In this case, _restriction must also be NULL.
135  :option恒等于Query public key parameters
136  如果arg3不等于0则返回:负EINVAL
138  返回:keyctl_pkey_query(arg2, A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already.)
142  :option恒等于Encrypt a blob using a public key
143  :option恒等于Decrypt a blob using a public key
144  :option恒等于Create a public key signature
145  返回:keyctl_pkey_e_d_s(option, A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already.)
149  :option恒等于Verify a public key signature
150  返回:keyctl_pkey_verify(A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already., A pointer passed in from user mode. This should not* be used for syscall parameters, just declare them* as pointers because the syscall entry code will have* appropriately converted them already.)
153  :option恒等于Move keys between keyrings
154  返回:Move a link to a key from one keyring to another, displacing any matching* key from the destination keyring.* The key must grant the caller Link permission and both keyrings must grant* the caller Write permission
156  :option恒等于Find capabilities of keyrings subsystem
157  返回:Get keyrings subsystem capabilities.
159  默认
160  返回:负EOPNOTSUPP