Add key invalidate function

author: David Howells <dhowells@redhat.com> 2012-01-09 16:31:36 +0000
committer: David Howells <dhowells@redhat.com> 2013-08-12 14:31:39 +0100
commit: 3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f (patch)
tree: 3be168c68c0cad11f8dd7ea35c88ab77fd8a0d1e
parent: 4444da5e8c02b3afdf8d29ed7b735401dbac2349 (diff)
download: keyutils-3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f.tar.gz
3 files changed, 28 insertions, 0 deletions
diff --git a/keyctl.c b/keyctl.c
index 68e72f8..bf239b3 100644
--- a/keyctl.c
+++ b/keyctl.c
@@ -62,6 +62,7 @@ static int act_keyctl_new_session(int argc, char *argv[]);
 static int act_keyctl_reject(int argc, char *argv[]);
 static int act_keyctl_reap(int argc, char *argv[]);
 static int act_keyctl_purge(int argc, char *argv[]);
+static int act_keyctl_invalidate(int argc, char *argv[]);
 
 const struct command commands[] = {
 	{ act_keyctl___version,	"--version",	"" },
@@ -71,6 +72,7 @@ const struct command commands[] = {
 	{ act_keyctl_clear,	"clear",	"<keyring>" },
 	{ act_keyctl_describe,	"describe",	"<keyring>" },
 	{ act_keyctl_instantiate, "instantiate","<key> <data> <keyring>" },
+	{ act_keyctl_invalidate,"invalidate",	"<key>" },
 	{ act_keyctl_link,	"link",		"<key> <keyring>" },
 	{ act_keyctl_list,	"list",		"<keyring>" },
 	{ act_keyctl_negate,	"negate",	"<key> <timeout> <keyring>" },
@@ -1554,6 +1556,25 @@ static int act_keyctl_purge(int argc, char *argv[])
 
 /*****************************************************************************/
 /*
+ * Invalidate a key
+ */
+static int act_keyctl_invalidate(int argc, char *argv[])
+{
+	key_serial_t key;
+
+	if (argc != 2)
+		format();
+
+	key = get_key_id(argv[1]);
+
+	if (keyctl_invalidate(key) < 0)
+		error("keyctl_invalidate");
+
+	return 0;
+}
+
+/*****************************************************************************/
+/*
  * parse a key identifier
  */
 static key_serial_t get_key_id(const char *arg)
diff --git a/keyutils.c b/keyutils.c
index be99afc..329bfae 100644
--- a/keyutils.c
+++ b/keyutils.c
@@ -224,6 +224,11 @@ long keyctl_instantiate_iov(key_serial_t id,
 	return ret;
 }
 
+long keyctl_invalidate(key_serial_t id)
+{
+	return keyctl(KEYCTL_INVALIDATE, id);
+}
+
 /*****************************************************************************/
 /*
  * fetch key description into an allocated buffer
diff --git a/keyutils.h b/keyutils.h
index 15b441d..3ddaeae 100644
--- a/keyutils.h
+++ b/keyutils.h
@@ -96,6 +96,7 @@ typedef uint32_t key_perm_t;
 #define KEYCTL_SESSION_TO_PARENT	18	/* set my session keyring on my parent process */
 #define KEYCTL_REJECT			19	/* reject a partially constructed key */
 #define KEYCTL_INSTANTIATE_IOV		20	/* instantiate a partially constructed key */
+#define KEYCTL_INVALIDATE		21	/* invalidate a key */
 
 /*
  * syscall wrappers
@@ -148,6 +149,7 @@ extern long keyctl_instantiate_iov(key_serial_t id,
 				   const struct iovec *payload_iov,
 				   unsigned ioc,
 				   key_serial_t ringid);
+extern long keyctl_invalidate(key_serial_t id);
 
 /*
  * utilities
author	David Howells <dhowells@redhat.com>	2012-01-09 16:31:36 +0000
committer	David Howells <dhowells@redhat.com>	2013-08-12 14:31:39 +0100
commit	3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f (patch)
tree	3be168c68c0cad11f8dd7ea35c88ab77fd8a0d1e
parent	4444da5e8c02b3afdf8d29ed7b735401dbac2349 (diff)
download	keyutils-3d7bd0631a282dcc1411d3aa7de6e4a5521c4e9f.tar.gz