diff options
author | David Howells <dhowells@redhat.com> | 2014-07-18 18:56:34 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2014-07-22 21:46:08 +0100 |
commit | 7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa (patch) | |
tree | e97786b11796e13f91b205dbb8adb3727e88789d /Documentation | |
parent | fc7c70e0b6b637bbf6cf8b9cee547d5ae83899c9 (diff) | |
download | op-kernel-dev-7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa.zip op-kernel-dev-7dfa0ca6a95de65b7a7760630cdbd7d30f204bfa.tar.gz |
KEYS: Allow expiry time to be set when preparsing a key
Allow a key type's preparsing routine to set the expiry time for a key.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Acked-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/security/keys.txt | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt index a4c33f1..315cf96 100644 --- a/Documentation/security/keys.txt +++ b/Documentation/security/keys.txt @@ -1150,20 +1150,24 @@ The structure has a number of fields, some of which are mandatory: const void *data; size_t datalen; size_t quotalen; + time_t expiry; }; Before calling the method, the caller will fill in data and datalen with the payload blob parameters; quotalen will be filled in with the default - quota size from the key type and the rest will be cleared. + quota size from the key type; expiry will be set to TIME_T_MAX and the + rest will be cleared. If a description can be proposed from the payload contents, that should be attached as a string to the description field. This will be used for the key description if the caller of add_key() passes NULL or "". The method can attach anything it likes to type_data[] and payload. These - are merely passed along to the instantiate() or update() operations. + are merely passed along to the instantiate() or update() operations. If + set, the expiry time will be applied to the key if it is instantiated from + this data. - The method should return 0 if success ful or a negative error code + The method should return 0 if successful or a negative error code otherwise. |