[PATCH v2 0/6] keyctl.2 updates

[PATCH v2 0/6] keyctl.2 updates

[Eugene Syromyatnikov]

Hello.

While trying to add support for the new keyctl features (ability to
provide KDF and ability to restrict addition to the keyring) decoding
to strace, I've noticed that these are not documented, so here is
my initial attempt to document these things. Unfortunately, keys/crypto
infrastructure is quite foreign to me, so these patches definitely need
some improvement.

For the one part is definitely omitted yet is the documentation for the
"asymmetric" key type, which should be a part of keyrings.7, I think.

Thanks for all the feedback regarding the original version, I've tried to
incorporate it in this version of the patchset.

Changes since v1:
 * Added additional information about causes of EAGAIN, ENOENT, and
   ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
 * Information about internal limit on hashname moved to the description
   of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
 * The description of possible restriction specification for asymmetric
   key type has been corrected.
 * Added information about causes of ENOENT and EOPNOTSUPP for the
   KEYCTL_RESTRICT_KEYRING operation.
 * Added wildcard mention of the ENOMEM error code.

Eugene Syromyatnikov (6):
  keyctl.2: change "is" to "was" in error descriptions
  keyctl.2: update kernel documentation path reference
  keyrings.7: add pointers to kernel's documentation
  keyctl.2: document the ability to provide KDF parameters in
    KEYCTL_DH_COMPUTE
  keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
  keyctl.2: mention ENOMEM in ERRORS

 man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
 man7/keyrings.7 |   5 +
 2 files changed, 282 insertions(+), 12 deletions(-)

-- 
2.1.4

[PATCH v2 0/6] keyctl.2 updates

[Eugene Syromyatnikov]

Hello.

While trying to add support for the new keyctl features (ability to
provide KDF and ability to restrict addition to the keyring) decoding
to strace, I've noticed that these are not documented, so here is
my initial attempt to document these things. Unfortunately, keys/crypto
infrastructure is quite foreign to me, so these patches definitely need
some improvement.

For the one part is definitely omitted yet is the documentation for the
"asymmetric" key type, which should be a part of keyrings.7, I think.

Thanks for all the feedback regarding the original version, I've tried to
incorporate it in this version of the patchset.

Changes since v1:
 * Added additional information about causes of EAGAIN, ENOENT, and
   ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
 * Information about internal limit on hashname moved to the description
   of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
 * The description of possible restriction specification for asymmetric
   key type has been corrected.
 * Added information about causes of ENOENT and EOPNOTSUPP for the
   KEYCTL_RESTRICT_KEYRING operation.
 * Added wildcard mention of the ENOMEM error code.

Eugene Syromyatnikov (6):
  keyctl.2: change "is" to "was" in error descriptions
  keyctl.2: update kernel documentation path reference
  keyrings.7: add pointers to kernel's documentation
  keyctl.2: document the ability to provide KDF parameters in
    KEYCTL_DH_COMPUTE
  keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
  keyctl.2: mention ENOMEM in ERRORS

 man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
 man7/keyrings.7 |   5 +
 2 files changed, 282 insertions(+), 12 deletions(-)

-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2 0/6] keyctl.2 updates

[Michael Kerrisk (man-pages)]

Hi Eugene,

On 09/02/2017 06:39 AM, Eugene Syromyatnikov wrote:
> Hello.
> 
> While trying to add support for the new keyctl features (ability to
> provide KDF and ability to restrict addition to the keyring) decoding
> to strace, I've noticed that these are not documented, so here is
> my initial attempt to document these things. Unfortunately, keys/crypto
> infrastructure is quite foreign to me, so these patches definitely need
> some improvement.

I've applied the all patches. If someone has further improvements,
hopefully they send comments/fixes.

> For the one part is definitely omitted yet is the documentation for the
> "asymmetric" key type, which should be a part of keyrings.7, I think.

That makes sense. Might you prepare a patch for that?

> Thanks for all the feedback regarding the original version, I've tried to
> incorporate it in this version of the patchset.
> 
> Changes since v1:
>  * Added additional information about causes of EAGAIN, ENOENT, and
>    ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
>  * Information about internal limit on hashname moved to the description
>    of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
>  * The description of possible restriction specification for asymmetric
>    key type has been corrected.
>  * Added information about causes of ENOENT and EOPNOTSUPP for the
>    KEYCTL_RESTRICT_KEYRING operation.
>  * Added wildcard mention of the ENOMEM error code.
> 
> Eugene Syromyatnikov (6):
>   keyctl.2: change "is" to "was" in error descriptions
>   keyctl.2: update kernel documentation path reference
>   keyrings.7: add pointers to kernel's documentation
>   keyctl.2: document the ability to provide KDF parameters in
>     KEYCTL_DH_COMPUTE
>   keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
>   keyctl.2: mention ENOMEM in ERRORS
> 
>  man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
>  man7/keyrings.7 |   5 +
>  2 files changed, 282 insertions(+), 12 deletions(-)

So, I think everything that you sent has now been applied. Let me know if
I mussed anything.

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

Re: [PATCH v2 0/6] keyctl.2 updates

[Michael Kerrisk (man-pages)]

Hi Eugene,

On 09/02/2017 06:39 AM, Eugene Syromyatnikov wrote:
> Hello.
> 
> While trying to add support for the new keyctl features (ability to
> provide KDF and ability to restrict addition to the keyring) decoding
> to strace, I've noticed that these are not documented, so here is
> my initial attempt to document these things. Unfortunately, keys/crypto
> infrastructure is quite foreign to me, so these patches definitely need
> some improvement.

I've applied the all patches. If someone has further improvements,
hopefully they send comments/fixes.

> For the one part is definitely omitted yet is the documentation for the
> "asymmetric" key type, which should be a part of keyrings.7, I think.

That makes sense. Might you prepare a patch for that?

> Thanks for all the feedback regarding the original version, I've tried to
> incorporate it in this version of the patchset.
> 
> Changes since v1:
>  * Added additional information about causes of EAGAIN, ENOENT, and
>    ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
>  * Information about internal limit on hashname moved to the description
>    of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
>  * The description of possible restriction specification for asymmetric
>    key type has been corrected.
>  * Added information about causes of ENOENT and EOPNOTSUPP for the
>    KEYCTL_RESTRICT_KEYRING operation.
>  * Added wildcard mention of the ENOMEM error code.
> 
> Eugene Syromyatnikov (6):
>   keyctl.2: change "is" to "was" in error descriptions
>   keyctl.2: update kernel documentation path reference
>   keyrings.7: add pointers to kernel's documentation
>   keyctl.2: document the ability to provide KDF parameters in
>     KEYCTL_DH_COMPUTE
>   keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
>   keyctl.2: mention ENOMEM in ERRORS
> 
>  man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
>  man7/keyrings.7 |   5 +
>  2 files changed, 282 insertions(+), 12 deletions(-)

So, I think everything that you sent has now been applied. Let me know if
I mussed anything.

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2 0/6] keyctl.2 updates

[Eugene Syromyatnikov]

On Sun, Sep 3, 2017 at 1:31 PM, Michael Kerrisk (man-pages)
<mtk.manpages@gmail.com> wrote:
> Hi Eugene,
>
> On 09/02/2017 06:39 AM, Eugene Syromyatnikov wrote:
>> Hello.
>>
>> While trying to add support for the new keyctl features (ability to
>> provide KDF and ability to restrict addition to the keyring) decoding
>> to strace, I've noticed that these are not documented, so here is
>> my initial attempt to document these things. Unfortunately, keys/crypto
>> infrastructure is quite foreign to me, so these patches definitely need
>> some improvement.
>
> I've applied the all patches. If someone has further improvements,
> hopefully they send comments/fixes.
>
>> For the one part is definitely omitted yet is the documentation for the
>> "asymmetric" key type, which should be a part of keyrings.7, I think.
>
> That makes sense. Might you prepare a patch for that?

Yes, I'm working on it, but it's not ready yet.

>> Thanks for all the feedback regarding the original version, I've tried to
>> incorporate it in this version of the patchset.
>>
>> Changes since v1:
>>  * Added additional information about causes of EAGAIN, ENOENT, and
>>    ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
>>  * Information about internal limit on hashname moved to the description
>>    of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
>>  * The description of possible restriction specification for asymmetric
>>    key type has been corrected.
>>  * Added information about causes of ENOENT and EOPNOTSUPP for the
>>    KEYCTL_RESTRICT_KEYRING operation.
>>  * Added wildcard mention of the ENOMEM error code.
>>
>> Eugene Syromyatnikov (6):
>>   keyctl.2: change "is" to "was" in error descriptions
>>   keyctl.2: update kernel documentation path reference
>>   keyrings.7: add pointers to kernel's documentation
>>   keyctl.2: document the ability to provide KDF parameters in
>>     KEYCTL_DH_COMPUTE
>>   keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
>>   keyctl.2: mention ENOMEM in ERRORS
>>
>>  man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
>>  man7/keyrings.7 |   5 +
>>  2 files changed, 282 insertions(+), 12 deletions(-)
>
> So, I think everything that you sent has now been applied. Let me know if
> I mussed anything.

Everything looks fine, thanks.

-- 
Eugene Syromyatnikov
mailto:evgsyr@gmail.com
xmpp:esyr@jabber.{ru|org}

Re: [PATCH v2 0/6] keyctl.2 updates

[Eugene Syromyatnikov]

On Sun, Sep 3, 2017 at 1:31 PM, Michael Kerrisk (man-pages)
<mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> Hi Eugene,
>
> On 09/02/2017 06:39 AM, Eugene Syromyatnikov wrote:
>> Hello.
>>
>> While trying to add support for the new keyctl features (ability to
>> provide KDF and ability to restrict addition to the keyring) decoding
>> to strace, I've noticed that these are not documented, so here is
>> my initial attempt to document these things. Unfortunately, keys/crypto
>> infrastructure is quite foreign to me, so these patches definitely need
>> some improvement.
>
> I've applied the all patches. If someone has further improvements,
> hopefully they send comments/fixes.
>
>> For the one part is definitely omitted yet is the documentation for the
>> "asymmetric" key type, which should be a part of keyrings.7, I think.
>
> That makes sense. Might you prepare a patch for that?

Yes, I'm working on it, but it's not ready yet.

>> Thanks for all the feedback regarding the original version, I've tried to
>> incorporate it in this version of the patchset.
>>
>> Changes since v1:
>>  * Added additional information about causes of EAGAIN, ENOENT, and
>>    ETIMEDOUT for the KEYCTL_DH_COMPUTE operation.
>>  * Information about internal limit on hashname moved to the description
>>    of yet another cause of EINVAL for the KEYCTL_DH_COMPUTE.
>>  * The description of possible restriction specification for asymmetric
>>    key type has been corrected.
>>  * Added information about causes of ENOENT and EOPNOTSUPP for the
>>    KEYCTL_RESTRICT_KEYRING operation.
>>  * Added wildcard mention of the ENOMEM error code.
>>
>> Eugene Syromyatnikov (6):
>>   keyctl.2: change "is" to "was" in error descriptions
>>   keyctl.2: update kernel documentation path reference
>>   keyrings.7: add pointers to kernel's documentation
>>   keyctl.2: document the ability to provide KDF parameters in
>>     KEYCTL_DH_COMPUTE
>>   keyctl.2: document KEYCTL_RESTRICT_KEYRING operation
>>   keyctl.2: mention ENOMEM in ERRORS
>>
>>  man2/keyctl.2   | 289 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
>>  man7/keyrings.7 |   5 +
>>  2 files changed, 282 insertions(+), 12 deletions(-)
>
> So, I think everything that you sent has now been applied. Let me know if
> I mussed anything.

Everything looks fine, thanks.

-- 
Eugene Syromyatnikov
mailto:evgsyr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
xmpp:esyr@jabber.{ru|org}
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html