chore: vendor

vendor/github.com/containers/image/pkg/keyctl/key.go

@@ -0,0 +1,65 @@
+// Copyright 2015 Jesse Sipprell. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+// +build linux
+
+package keyctl
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+// Key represents a single key linked to one or more kernel keyrings.
+type Key struct {
+	Name string
+
+	id, ring keyID
+	size     int
+}
+
+// ID returns the 32-bit kernel identifier for a specific key
+func (k *Key) ID() int32 {
+	return int32(k.id)
+}
+
+// Get the key's value as a byte slice
+func (k *Key) Get() ([]byte, error) {
+	var (
+		b        []byte
+		err      error
+		sizeRead int
+	)
+
+	if k.size == 0 {
+		k.size = 512
+	}
+
+	size := k.size
+
+	b = make([]byte, int(size))
+	sizeRead = size + 1
+	for sizeRead > size {
+		r1, err := unix.KeyctlBuffer(unix.KEYCTL_READ, int(k.id), b, size)
+		if err != nil {
+			return nil, err
+		}
+
+		if sizeRead = int(r1); sizeRead > size {
+			b = make([]byte, sizeRead)
+			size = sizeRead
+			sizeRead = size + 1
+		} else {
+			k.size = sizeRead
+		}
+	}
+	return b[:k.size], err
+}
+
+// Unlink a key from the keyring it was loaded from (or added to). If the key
+// is not linked to any other keyrings, it is destroyed.
+func (k *Key) Unlink() error {
+	_, err := unix.KeyctlInt(unix.KEYCTL_UNLINK, int(k.id), int(k.ring), 0, 0)
+	return err
+}

vendor/github.com/containers/image/pkg/keyctl/keyring.go

@@ -0,0 +1,80 @@
+// Copyright 2015 Jesse Sipprell. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+// +build linux
+
+// Package keyctl is a Go interface to linux kernel keyrings (keyctl interface)
+//
+// Deprecated: Most callers should use either golang.org/x/sys/unix directly,
+// or the original (and more extensive) github.com/jsipprell/keyctl .
+package keyctl
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+// Keyring is the basic interface to a linux keyctl keyring.
+type Keyring interface {
+	ID
+	Add(string, []byte) (*Key, error)
+	Search(string) (*Key, error)
+}
+
+type keyring struct {
+	id keyID
+}
+
+// ID is unique 32-bit serial number identifiers for all Keys and Keyrings have.
+type ID interface {
+	ID() int32
+}
+
+// Add a new key to a keyring. The key can be searched for later by name.
+func (kr *keyring) Add(name string, key []byte) (*Key, error) {
+	r, err := unix.AddKey("user", name, key, int(kr.id))
+	if err == nil {
+		key := &Key{Name: name, id: keyID(r), ring: kr.id}
+		return key, nil
+	}
+	return nil, err
+}
+
+// Search for a key by name, this also searches child keyrings linked to this
+// one. The key, if found, is linked to the top keyring that Search() was called
+// from.
+func (kr *keyring) Search(name string) (*Key, error) {
+	id, err := unix.KeyctlSearch(int(kr.id), "user", name, 0)
+	if err == nil {
+		return &Key{Name: name, id: keyID(id), ring: kr.id}, nil
+	}
+	return nil, err
+}
+
+// ID returns the 32-bit kernel identifier of a keyring
+func (kr *keyring) ID() int32 {
+	return int32(kr.id)
+}
+
+// SessionKeyring returns the current login session keyring
+func SessionKeyring() (Keyring, error) {
+	return newKeyring(unix.KEY_SPEC_SESSION_KEYRING)
+}
+
+// UserKeyring  returns the keyring specific to the current user.
+func UserKeyring() (Keyring, error) {
+	return newKeyring(unix.KEY_SPEC_USER_KEYRING)
+}
+
+// Unlink an object from a keyring
+func Unlink(parent Keyring, child ID) error {
+	_, err := unix.KeyctlInt(unix.KEYCTL_UNLINK, int(child.ID()), int(parent.ID()), 0, 0)
+	return err
+}
+
+// Link a key into a keyring
+func Link(parent Keyring, child ID) error {
+	_, err := unix.KeyctlInt(unix.KEYCTL_LINK, int(child.ID()), int(parent.ID()), 0, 0)
+	return err
+}

vendor/github.com/containers/image/pkg/keyctl/perm.go

@@ -0,0 +1,34 @@
+// Copyright 2015 Jesse Sipprell. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+// +build linux
+
+package keyctl
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+// KeyPerm represents in-kernel access control permission to keys and keyrings
+// as a 32-bit integer broken up into four permission sets, one per byte.
+// In MSB order, the perms are: Processor, User, Group, Other.
+type KeyPerm uint32
+
+const (
+	// PermOtherAll sets all permission for Other
+	PermOtherAll KeyPerm = 0x3f << (8 * iota)
+	// PermGroupAll sets all permission for Group
+	PermGroupAll
+	// PermUserAll sets all permission for User
+	PermUserAll
+	// PermProcessAll sets all permission for Processor
+	PermProcessAll
+)
+
+// SetPerm sets the permissions on a key or keyring.
+func SetPerm(k ID, p KeyPerm) error {
+	err := unix.KeyctlSetperm(int(k.ID()), uint32(p))
+	return err
+}

vendor/github.com/containers/image/pkg/keyctl/sys_linux.go

@@ -0,0 +1,26 @@
+// Copyright 2015 Jesse Sipprell. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+// +build linux
+
+package keyctl
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+type keyID int32
+
+func newKeyring(id keyID) (*keyring, error) {
+	r1, err := unix.KeyctlGetKeyringID(int(id), true)
+	if err != nil {
+		return nil, err
+	}
+
+	if id < 0 {
+		r1 = int(id)
+	}
+	return &keyring{id: keyID(r1)}, nil
+}