authorDavid Howells <dhowells@redhat.com>2019-10-31 13:22:22 +0000
committerDavid Howells <dhowells@redhat.com>2020-07-07 16:57:54 +0100
commit1276eac95470369bfc1de3ae26103992ab8e4e9a (patch)
tree1c77dc009f2441f3e8dd3657bf471d42266a4747 /keyctl.c
parentf3095f4901820d31cc5600ee46949bcdb246b3fa (diff)
downloadkeyutils-1276eac95470369bfc1de3ae26103992ab8e4e9a.tar.gz
Add a notification facility for watching for key changes
Add keyctl commands and library functions to handle the setting and removal of watches on keys for notifications of change events. Five keyctl commands are defined: (1) keyctl watch <key> Watch the specified key for changes, logging notifications to stdout. (2) keyctl watch_session [-n <name>] <notifylog> <gclog> <fd> prog [<arg>...] Create a new session keyring and attach a watch to it that an auxiliary logging process monitors. The nominated program is run with the session program with the arguments given. The session keyring can be given a name. The logging process will log synchronous events to file notifylog and asynchronous events to file gclog. The specified file descriptor will be attached to the watch_queue and left open across the exec. This can be made use of by the next few commands. (3) keyctl watch_add <fd> <key> (4) keyctl watch_rm <fd> <key> Add/remove a watch on the specified key to/from the given watch_queue derived from watch_session. (5) keyctl watch_sync <fd> Wait for the logging process that's watching the given watch_queue to synchronise. Commands (2) to (5) are primarily provided for the testsuite's purposes. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'keyctl.c')
-rw-r--r--keyctl.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/keyctl.c b/keyctl.c
index b17ceb4..cc25ac0 100644
--- a/keyctl.c
+++ b/keyctl.c
@@ -139,14 +139,16 @@ static const struct command commands[] = {
{ act_keyctl_timeout, "timeout", "<key> <timeout>" },
{ act_keyctl_unlink, "unlink", "<key> [<keyring>]" },
{ act_keyctl_update, "update", "[-x] <key> <data>" },
+ { act_keyctl_watch, "watch", "<key>" },
+ { act_keyctl_watch_add, "watch_add", "<fd> <key>" },
+ { act_keyctl_watch_rm, "watch_rm", "<fd> <key>" },
+ { act_keyctl_watch_session, "watch_session", "[-n <name>] <notifylog> <gclog> <fd> <prog> [<arg1> <arg2> ...]" },
+ { act_keyctl_watch_sync, "watch_sync", "<fd>" },
{ act_keyctl_test, "--test", "..." },
{ NULL, NULL, NULL }
};
static int dump_key_tree(key_serial_t keyring, const char *name, int hex_key_IDs);
-static void format(void) __attribute__((noreturn));
-void error(const char *msg) __attribute__((noreturn));
-static key_serial_t get_key_id(char *arg);
static void *read_file(const char *name, size_t *_size);
static uid_t myuid;
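Review bot: The entries `watch_add`, `watch_rm`, `watch_session` and `watch_sync` join the user-facing command table with no comment saying they are primarily testsuite helpers, which the commit message states but the code does not. A comment above them such as `/* watch_add/rm/session/sync mainly serve the testsuite; <fd> is the watch_queue descriptor that watch_session leaves open across exec */` would keep that context next to the table. The `<fd>` argument is a raw descriptor number taken from the command line, and the handlers that parse it are not part of this diff. Whether they reject non-numeric or negative values, or descriptors that are not a watch_queue, therefore cannot be confirmed from here and is worth checking where they are defined.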
@@ -227,7 +229,7 @@ void do_command(int argc, char **argv,
/*
* display command format information
*/
-static void format(void)
+void format(void)
{
const struct command *cmd;
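Review bot: `format()` gains external linkage here, while its old prototype carrying `__attribute__((noreturn))` is removed from this file in the first hunk; the replacement declaration is presumably in a shared header that this diff does not show. That declaration should keep the attribute, `void format(void) __attribute__((noreturn));`, so that callers in other translation units still get the compiler's control-flow diagnostics. The same header must also declare `get_key_id()`, which the last hunk makes non-static in the same way. Since `format` is a very generic name for a global symbol, a one-line comment on the header declaration saying it displays the command format information and does not return would help readers. The body of `format()` continues outside the hunk.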
@@ -2288,6 +2290,7 @@ static const struct capability_def capabilities[] = {
{ "move_key", 0, KEYCTL_CAPS0_MOVE },
{ "ns_keyring_name", 1, KEYCTL_CAPS1_NS_KEYRING_NAME },
{ "ns_key_tag", 1, KEYCTL_CAPS1_NS_KEY_TAG },
+ { "notify", 1, KEYCTL_CAPS1_NOTIFICATIONS },
{}
};
@@ -2332,7 +2335,7 @@ static void act_keyctl_supports(int argc, char *argv[])
/*
* parse a key identifier
*/
-static key_serial_t get_key_id(char *arg)
+key_serial_t get_key_id(char *arg)
{
key_serial_t id;
char *end;