MCPcopy
hub / github.com/google/gvisor / joinNewSessionKeyringLocked

Method joinNewSessionKeyringLocked

pkg/sentry/kernel/task_key.go:46–60  ·  view source on GitHub ↗

joinNewSessionKeyringLocked creates a new session keyring with the given description, and joins it immediately. Preconditions: t.mu is held. +checklocks:t.mu

(newKeyDesc string, newKeyPerms auth.KeyPermissions)

Source from the content-addressed store, hash-verified

44//
45// +checklocks:t.mu
46func (t *Task) joinNewSessionKeyringLocked(newKeyDesc string, newKeyPerms auth.KeyPermissions) (*auth.Key, error) {
47 var sessionKeyring *auth.Key
48 err := t.UserNamespace().Keys.Do(func(keySet *auth.LockedKeySet) error {
49 creds := t.Credentials()
50 var err error
51 sessionKeyring, err = keySet.Add(newKeyDesc, creds, newKeyPerms, int(t.Kernel().MaxKeySetSize.Load()))
52 return err
53 })
54 if err != nil {
55 return nil, err
56 }
57 t.Debugf("Joining newly-created session keyring with ID %d, permissions %v", sessionKeyring.ID, newKeyPerms)
58 t.sessionKeyring = sessionKeyring
59 return sessionKeyring, nil
60}
61
62// JoinSessionKeyring causes the task to join a keyring with the given
63// key description (not ID).

Callers 2

SessionKeyringMethod · 0.95
JoinSessionKeyringMethod · 0.95

Calls 7

UserNamespaceMethod · 0.95
CredentialsMethod · 0.95
KernelMethod · 0.95
DebugfMethod · 0.95
DoMethod · 0.65
AddMethod · 0.65
LoadMethod · 0.65

Tested by

no test coverage detected