git.ipfire.org Git - thirdparty/linux.git/commit

author	David Howells <dhowells@redhat.com>
	Mon, 20 May 2019 20:51:50 +0000 (21:51 +0100)
committer	David Howells <dhowells@redhat.com>
	Thu, 30 May 2019 21:44:48 +0000 (22:44 +0100)
commit	ed0ac5c7ec3763e3261c48e3c5d4b7528b60fd85
tree	865eac3b9b967b974e23190e4e8bccab8f2b87bf	tree \| snapshot
parent	df593ee23e05cdda16c8c995e5818779431bb29f	commit \| diff

keys: Add a keyctl to move a key between keyrings

Add a keyctl to atomically move a link to a key from one keyring to
another.  The key must exist in "from" keyring and a flag can be given to
cause the operation to fail if there's a matching key already in the "to"
keyring.

This can be done with:

keyctl(KEYCTL_MOVE,
       key_serial_t key,
       key_serial_t from_keyring,
       key_serial_t to_keyring,
       unsigned int flags);

The key being moved must grant Link permission and both keyrings must grant
Write permission.

flags should be 0 or KEYCTL_MOVE_EXCL, with the latter preventing
displacement of a matching key from the "to" keyring.

Signed-off-by: David Howells <dhowells@redhat.com>

Documentation/security/keys/core.rst		diff \| blob \| blame \| history
include/linux/key.h		diff \| blob \| blame \| history
include/uapi/linux/keyctl.h		diff \| blob \| blame \| history
security/keys/compat.c		diff \| blob \| blame \| history
security/keys/internal.h		diff \| blob \| blame \| history
security/keys/keyctl.c		diff \| blob \| blame \| history
security/keys/keyring.c		diff \| blob \| blame \| history