Re: Revised keyrings(7) man page for review
From: David Howells
Date: Tue Dec 13 2016 - 06:35:39 EST
Michael Kerrisk <mtk@xxxxxxxx> wrote:
> The Linux key-management facility is primarily a way for drivâ
> ers to retain or cache security data, authentication keys,
> encryption keys, and other data in the kernel.
No comma before "and".
> access to the facility. See keyctl(1), keyctl(3), and keyuâ
Ditto. (And some other dittos).
> to the kernel when it was requested. (Details can be
> found in request_key(2).)
How about dropping the brackets and making that last sentence "For further
details, see request_key(2)."
> beyond the usual user, group, and other (see below).
I think this needs to say what below one is supposed to see:
"beyond the usual User, Group and Other (see 'Possession' below)."
> Key types
> The facility provides several basic types of key:
Again, I think the keyring type needs to go either first or last.
> "big_key" (since Linux 3.13)
> This key type is similar to the "user" key type, but it
> may hold a payload of up to 1MiB in size. The data may
> be stored in the swap space rather than in kernel memory
stored encrypted (as of 4.8).
> Anchoring keys
> To prevent a key from being prematurely garbage collected, it
> must anchored to keep its reference count elevated when it is
> not in active use by the kernel.
I think "prematurely" is unnecessary here.
> (3) The search of the keyring tree is in preorder: each keyring
> is searched first for a match, then the keyrings referred
> to by that keyring are searched.
"preorder"? How about "breadth-first order"?
> The only keys included in the list are those that grant
> view permission to the reading process, regardless of
> whether or not it possesses them. LSM security checks
> are still performed, and may filter out further keys
> that the process is not authorized to view.
This is correct. See proc_keys_show() in security/keys/proc.c:
rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
if (rc < 0)
return 0;
Possibly it shouldn't be, but for now it is.
> D The key is dead (i.e., has been deleted). (A
> key may be briefly in this state during
> garbage collection.)
No - "dead" in this context means that the key type was unregistered.
> Description
> The key description (name).
>
> Description
> This field contains descriptive information about
Merge?
David