diff options
author | David Howells <dhowells@redhat.com> | 2012-01-09 16:31:36 +0000 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2013-08-12 14:31:39 +0100 |
commit | 3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f (patch) | |
tree | 3be168c68c0cad11f8dd7ea35c88ab77fd8a0d1e | |
parent | 4444da5e8c02b3afdf8d29ed7b735401dbac2349 (diff) | |
download | keyutils-3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f.tar.gz |
Add key invalidate function
-rw-r--r-- | keyctl.c | 21 | ||||
-rw-r--r-- | keyutils.c | 5 | ||||
-rw-r--r-- | keyutils.h | 2 |
3 files changed, 28 insertions, 0 deletions
@@ -62,6 +62,7 @@ static int act_keyctl_new_session(int argc, char *argv[]); static int act_keyctl_reject(int argc, char *argv[]); static int act_keyctl_reap(int argc, char *argv[]); static int act_keyctl_purge(int argc, char *argv[]); +static int act_keyctl_invalidate(int argc, char *argv[]); const struct command commands[] = { { act_keyctl___version, "--version", "" }, @@ -71,6 +72,7 @@ const struct command commands[] = { { act_keyctl_clear, "clear", "<keyring>" }, { act_keyctl_describe, "describe", "<keyring>" }, { act_keyctl_instantiate, "instantiate","<key> <data> <keyring>" }, + { act_keyctl_invalidate,"invalidate", "<key>" }, { act_keyctl_link, "link", "<key> <keyring>" }, { act_keyctl_list, "list", "<keyring>" }, { act_keyctl_negate, "negate", "<key> <timeout> <keyring>" }, @@ -1554,6 +1556,25 @@ static int act_keyctl_purge(int argc, char *argv[]) /*****************************************************************************/ /* + * Invalidate a key + */ +static int act_keyctl_invalidate(int argc, char *argv[]) +{ + key_serial_t key; + + if (argc != 2) + format(); + + key = get_key_id(argv[1]); + + if (keyctl_invalidate(key) < 0) + error("keyctl_invalidate"); + + return 0; +} + +/*****************************************************************************/ +/* * parse a key identifier */ static key_serial_t get_key_id(const char *arg) @@ -224,6 +224,11 @@ long keyctl_instantiate_iov(key_serial_t id, return ret; } +long keyctl_invalidate(key_serial_t id) +{ + return keyctl(KEYCTL_INVALIDATE, id); +} + /*****************************************************************************/ /* * fetch key description into an allocated buffer @@ -96,6 +96,7 @@ typedef uint32_t key_perm_t; #define KEYCTL_SESSION_TO_PARENT 18 /* set my session keyring on my parent process */ #define KEYCTL_REJECT 19 /* reject a partially constructed key */ #define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */ +#define KEYCTL_INVALIDATE 21 /* invalidate a key */ /* * syscall wrappers @@ -148,6 +149,7 @@ extern long keyctl_instantiate_iov(key_serial_t id, const struct iovec *payload_iov, unsigned ioc, key_serial_t ringid); +extern long keyctl_invalidate(key_serial_t id); /* * utilities |