Piteball/android_kernel_samsung_msm8226
1
0
Fork 0
mirror of https://github.com/S3NEO/android_kernel_samsung_msm8226.git synced 2024-11-07 03:47:13 +00:00
Code Issues Projects Releases Packages Wiki Activity

keys: update the documentation with info about "logon" keys

Browse source 
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
This commit is contained in:
Jeff Layton 2012-04-25 12:46:50 -04:00
parent af3a3ab296
commit a05a4830a3
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
Documentation/security/keys.txt
View file

@ -123,7 +123,7 @@ KEY SERVICE OVERVIEW
The key service provides a number of features besides keys: The key service provides a number of features besides keys:
(*) The key service defines two special key types: (*) The key service defines three special key types:
(+) "keyring" (+) "keyring"
@ -137,6 +137,18 @@ The key service provides a number of features besides keys:
blobs of data. These can be created, updated and read by userspace, blobs of data. These can be created, updated and read by userspace,
and aren't intended for use by kernel services. and aren't intended for use by kernel services.
(+) "logon"
Like a "user" key, a "logon" key has a payload that is an arbitrary
blob of data. It is intended as a place to store secrets which are
accessible to the kernel but not to userspace programs.
The description can be arbitrary, but must be prefixed with a non-zero
length string that describes the key "subclass". The subclass is
separated from the rest of the description by a ':'. "logon" keys can
be created and updated from userspace, but the payload is only
readable from kernel space.
(*) Each process subscribes to three keyrings: a thread-specific keyring, a (*) Each process subscribes to three keyrings: a thread-specific keyring, a
process-specific keyring, and a session-specific keyring. process-specific keyring, and a session-specific keyring.