mathstuf
diff --git a/‎.cirrus.yml
+1-1 b/‎.cirrus.yml
+1-1
diff --git a/‎Cargo.toml
+2-2 b/‎Cargo.toml
+2-2
diff --git a/‎libkeyutils-sys/Cargo.toml renamed to ‎keyutils-raw/Cargo.toml
+3-3 b/‎libkeyutils-sys/Cargo.toml renamed to ‎keyutils-raw/Cargo.toml
+3-3
diff --git a/‎libkeyutils-sys/build.rs renamed to ‎keyutils-raw/build.rs b/‎libkeyutils-sys/build.rs renamed to ‎keyutils-raw/build.rs
diff --git a/‎keyutils-raw/src/constants.rs
+76 b/‎keyutils-raw/src/constants.rs
+76
diff --git a/‎libkeyutils-sys/src/functions.rs renamed to ‎keyutils-raw/src/functions.rs
+42-39 b/‎libkeyutils-sys/src/functions.rs renamed to ‎keyutils-raw/src/functions.rs
+42-39
diff --git a/‎libkeyutils-sys/src/lib.rs renamed to ‎keyutils-raw/src/lib.rs b/‎libkeyutils-sys/src/lib.rs renamed to ‎keyutils-raw/src/lib.rs
diff --git a/‎keyutils-raw/src/types.rs
+93 b/‎keyutils-raw/src/types.rs
+93
@@ -19,7 +19,7 @@ rustfmt_task:
 linux_task:
     matrix:
     - container:
-        image: rust:1.32.0
+        image: rust:1.34.0
     - container:
         image: rust:latest
     - allow_failures: true
 
@@ -11,12 +11,12 @@ readme = "README.md"
 edition = "2018"
 
 [workspace]
-members = ["libkeyutils-sys"]
+members = ["keyutils-raw"]
 
 [dependencies]
 bitflags = "1.0.4"
 errno = "0.2"
-libkeyutils-sys = { path = "libkeyutils-sys" }
+keyutils-raw = { path = "keyutils-raw" }
 log = "0.4.4"
 
 libc = "0.2"
@@ -1,9 +1,9 @@
 [package]
-name = "libkeyutils-sys"
-version = "0.3.1"
+name = "keyutils-raw"
+version = "0.4.0"
 authors = ["Ben Boeckel <[email protected]>"]
 license = "BSD-3-Clause"
-description = "FFI bindings to libkeyutils."
+description = "Raw bindings to Linux keyring syscalls"
 repository = "https://github.com/mathstuf/rust-keyutils.git"
 homepage = "https://github.com/mathstuf/rust-keyutils"
 keywords = ["keyutils"]
 
@@ -0,0 +1,76 @@
+// Copyright (c) 2018, Ben Boeckel
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification,
+// are permitted provided that the following conditions are met:
+//
+//     * Redistributions of source code must retain the above copyright notice,
+//       this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above copyright notice,
+//       this list of conditions and the following disclaimer in the documentation
+//       and/or other materials provided with the distribution.
+//     * Neither the name of this project nor the names of its contributors
+//       may be used to endorse or promote products derived from this software
+//       without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Ignore rustfmt changes in here. The horizontal alignment is too useful to give up.
+#![cfg_attr(rustfmt, rustfmt_skip)]
+
+use crate::{KeyPermissions, KeyringSerial};
+
+// TODO: change these to &CStr when const fns get unblocked.
+pub const KEY_TYPE_KEYRING:                 &str = "keyring";
+pub const KEY_TYPE_USER:                    &str = "user";
+pub const KEY_TYPE_LOGON:                   &str = "logon";
+pub const KEY_TYPE_BIG_KEY:                 &str = "big_key";
+
+pub const KEY_SPEC_THREAD_KEYRING:          KeyringSerial = unsafe { KeyringSerial::new_unchecked(-1) };
+pub const KEY_SPEC_PROCESS_KEYRING:         KeyringSerial = unsafe { KeyringSerial::new_unchecked(-2) };
+pub const KEY_SPEC_SESSION_KEYRING:         KeyringSerial = unsafe { KeyringSerial::new_unchecked(-3) };
+pub const KEY_SPEC_USER_KEYRING:            KeyringSerial = unsafe { KeyringSerial::new_unchecked(-4) };
+pub const KEY_SPEC_USER_SESSION_KEYRING:    KeyringSerial = unsafe { KeyringSerial::new_unchecked(-5) };
+pub const KEY_SPEC_GROUP_KEYRING:           KeyringSerial = unsafe { KeyringSerial::new_unchecked(-6) };
+pub const KEY_SPEC_REQKEY_AUTH_KEY:         KeyringSerial = unsafe { KeyringSerial::new_unchecked(-7) };
+
+pub const KEY_POS_VIEW:    KeyPermissions = 0x0100_0000;     /* possessor can view a key's attributes */
+pub const KEY_POS_READ:    KeyPermissions = 0x0200_0000;     /* possessor can read key payload / view keyring */
+pub const KEY_POS_WRITE:   KeyPermissions = 0x0400_0000;     /* possessor can update key payload / add link to keyring */
+pub const KEY_POS_SEARCH:  KeyPermissions = 0x0800_0000;     /* possessor can find a key in search / search a keyring */
+pub const KEY_POS_LINK:    KeyPermissions = 0x1000_0000;     /* possessor can create a link to a key/keyring */
+pub const KEY_POS_SETATTR: KeyPermissions = 0x2000_0000;     /* possessor can set key attributes */
+pub const KEY_POS_ALL:     KeyPermissions = 0x3f00_0000;
+
+pub const KEY_USR_VIEW:    KeyPermissions = 0x0001_0000;     /* user permissions... */
+pub const KEY_USR_READ:    KeyPermissions = 0x0002_0000;
+pub const KEY_USR_WRITE:   KeyPermissions = 0x0004_0000;
+pub const KEY_USR_SEARCH:  KeyPermissions = 0x0008_0000;
+pub const KEY_USR_LINK:    KeyPermissions = 0x0010_0000;
+pub const KEY_USR_SETATTR: KeyPermissions = 0x0020_0000;
+pub const KEY_USR_ALL:     KeyPermissions = 0x003f_0000;
+
+pub const KEY_GRP_VIEW:    KeyPermissions = 0x0000_0100;     /* group permissions... */
+pub const KEY_GRP_READ:    KeyPermissions = 0x0000_0200;
+pub const KEY_GRP_WRITE:   KeyPermissions = 0x0000_0400;
+pub const KEY_GRP_SEARCH:  KeyPermissions = 0x0000_0800;
+pub const KEY_GRP_LINK:    KeyPermissions = 0x0000_1000;
+pub const KEY_GRP_SETATTR: KeyPermissions = 0x0000_2000;
+pub const KEY_GRP_ALL:     KeyPermissions = 0x0000_3f00;
+
+pub const KEY_OTH_VIEW:    KeyPermissions = 0x0000_0001;     /* third party permissions... */
+pub const KEY_OTH_READ:    KeyPermissions = 0x0000_0002;
+pub const KEY_OTH_WRITE:   KeyPermissions = 0x0000_0004;
+pub const KEY_OTH_SEARCH:  KeyPermissions = 0x0000_0008;
+pub const KEY_OTH_LINK:    KeyPermissions = 0x0000_0010;
+pub const KEY_OTH_SETATTR: KeyPermissions = 0x0000_0020;
+pub const KEY_OTH_ALL:     KeyPermissions = 0x0000_003f;
@@ -24,7 +24,10 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-use crate::types::{key_perm_t, key_serial_t};
+use crate::{KeyPermissions, KeyringSerial, TimeoutSeconds};
+
+// Remove when rust-lang/rust#60300 is in stable
+#[allow(improper_ctypes)]
 
 #[rustfmt::skip]
 extern "C" {
@@ -33,111 +36,111 @@ extern "C" {
         description:    *const libc::c_char,
         payload:        *const libc::c_void,
         plen:           libc::size_t,
-        keyring:        key_serial_t)
-        -> key_serial_t;
+        keyring:        KeyringSerial)
+        -> KeyringSerial;
     pub fn request_key(
         type_:          *const libc::c_char,
         description:    *const libc::c_char,
         callout_info:   *const libc::c_char,
-        keyring:        key_serial_t)
-        -> key_serial_t;
+        keyring:        Option<KeyringSerial>)
+        -> KeyringSerial;
 
     pub fn keyctl_get_keyring_ID(
-        id:     key_serial_t,
+        id:     KeyringSerial,
         create: libc::c_int)
-        -> key_serial_t;
+        -> KeyringSerial;
     pub fn keyctl_join_session_keyring(
         name:   *const libc::c_char)
-        -> key_serial_t;
+        -> KeyringSerial;
     pub fn keyctl_update(
-        id:         key_serial_t,
+        id:         KeyringSerial,
         payload:    *const libc::c_void,
         plen:       libc::size_t)
         -> libc::c_long;
     pub fn keyctl_revoke(
-        id: key_serial_t)
+        id: KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_chown(
-        id:     key_serial_t,
+        id:     KeyringSerial,
         uid:    libc::uid_t,
         gid:    libc::gid_t)
         -> libc::c_long;
     pub fn keyctl_setperm(
-        id:     key_serial_t,
-        perm:   key_perm_t)
+        id:     KeyringSerial,
+        perm:   KeyPermissions)
         -> libc::c_long;
     pub fn keyctl_describe(
-        id:     key_serial_t,
+        id:     KeyringSerial,
         buffer: *mut libc::c_char,
         buflen: libc::size_t)
         -> libc::c_long;
     pub fn keyctl_clear(
-        ringid: key_serial_t)
+        ringid: KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_link(
-        id:     key_serial_t,
-        ringid: key_serial_t)
+        id:     KeyringSerial,
+        ringid: KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_unlink(
-        id:     key_serial_t,
-        ringid: key_serial_t)
+        id:     KeyringSerial,
+        ringid: KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_search(
-        ringid:         key_serial_t,
+        ringid:         KeyringSerial,
         type_:          *const libc::c_char,
         description:    *const libc::c_char,
-        destringid:     key_serial_t)
+        destringid:     KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_read(
-        id:     key_serial_t,
+        id:     KeyringSerial,
         buffer: *mut libc::c_char,
         buflen: libc::size_t)
         -> libc::c_long;
     pub fn keyctl_instantiate(
-        id:         key_serial_t,
+        id:         KeyringSerial,
         payload:    *const libc::c_void,
         plen:       libc::size_t,
-        ringid:     key_serial_t)
+        ringid:     KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_negate(
-        id:         key_serial_t,
-        timeout:    libc::c_uint,
-        ringid:     key_serial_t)
+        id:         KeyringSerial,
+        timeout:    TimeoutSeconds,
+        ringid:     KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_set_reqkey_keyring(
         reqkey_defl:    libc::c_int)
         -> libc::c_long;
     pub fn keyctl_set_timeout(
-        key:        key_serial_t,
-        timeout:    libc::c_uint)
+        key:        KeyringSerial,
+        timeout:    TimeoutSeconds)
         -> libc::c_long;
     pub fn keyctl_assume_authority(
-        key:    key_serial_t)
+        key:    Option<KeyringSerial>)
         -> libc::c_long;
     pub fn keyctl_get_security(
-        key:    key_serial_t,
+        key:    KeyringSerial,
         buffer: *mut libc::c_char,
         buflen: libc::size_t)
         -> libc::c_long;
     //pub fn keyctl_session_to_parent()
     //    -> libc::c_long;
     pub fn keyctl_reject(
-        id:         key_serial_t,
-        timeout:    libc::c_uint,
+        id:         KeyringSerial,
+        timeout:    TimeoutSeconds,
         error:      libc::c_uint,
-        ringid:     key_serial_t)
+        ringid:     KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_invalidate(
-        id: key_serial_t)
+        id: KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_get_persistent(
         uid:    libc::uid_t,
-        id:     key_serial_t)
+        id:     KeyringSerial)
         -> libc::c_long;
     pub fn keyctl_dh_compute(
-        private:    key_serial_t,
-        prime:      key_serial_t,
-        base:       key_serial_t,
+        private:    KeyringSerial,
+        prime:      KeyringSerial,
+        base:       KeyringSerial,
         buffer:     *mut libc::c_char,
         buflen:     libc::size_t)
         -> libc::c_long;
 
@@ -0,0 +1,93 @@
+// Copyright (c) 2018, Ben Boeckel
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification,
+// are permitted provided that the following conditions are met:
+//
+//     * Redistributions of source code must retain the above copyright notice,
+//       this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above copyright notice,
+//       this list of conditions and the following disclaimer in the documentation
+//       and/or other materials provided with the distribution.
+//     * Neither the name of this project nor the names of its contributors
+//       may be used to endorse or promote products derived from this software
+//       without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+use std::convert::TryFrom;
+use std::num::NonZeroI32;
+
+/// Alias for the key_serial_t kernel type, representing a keyring (or key).
+pub type KeyringSerial = NonZeroI32;
+
+/// Alias for the key_perm_t kernel type, representing a keyring's (or key's)
+/// permission bits.
+///
+/// See `Permission`.
+pub type KeyPermissions = u32;
+
+pub type TimeoutSeconds = libc::c_uint;
+
+/// An enumeration for the keyrings which may be set as the default.
+///
+/// Keys which are implicitly required via syscalls and other operations are
+/// placed in the default keyring.
+#[derive(Debug, PartialEq, Eq)]
+pub enum DefaultKeyring {
+    /// Do not change the default keyring.
+    ///
+    /// This may be used to get the current default keyring.
+    NoChange = -1,
+    /// Set the thread-specific keyring as the default.
+    ThreadKeyring = 1,
+    /// Set the process-specific keyring as the default.
+    ProcessKeyring = 2,
+    /// Set the session-specific keyring as the default.
+    SessionKeyring = 3,
+    /// Set the user-specific keyring as the default.
+    UserKeyring = 4,
+    /// Set the user session-specific keyring as the default.
+    UserSessionKeyring = 5,
+    /// Set the user session-specific keyring as the default.
+    GroupKeyring = 6,
+    /// Set the default keyring to the default logic.
+    ///
+    /// Keys will be placed in the first available keyring of:
+    ///
+    ///   - thread-specific
+    ///   - process-specific
+    ///   - session-specific
+    ///   - user-specific
+    DefaultKeyring = 0,
+}
+
+#[derive(Debug, PartialEq, Eq)]
+pub struct UnknownDefault(libc::c_long);
+
+impl TryFrom<libc::c_long> for DefaultKeyring {
+    type Error = UnknownDefault;
+    fn try_from(id: libc::c_long) -> Result<DefaultKeyring, UnknownDefault> {
+        use self::DefaultKeyring::*;
+        match id {
+            x if x == NoChange as libc::c_long => Ok(NoChange),
+            x if x == ThreadKeyring as libc::c_long => Ok(ThreadKeyring),
+            x if x == ProcessKeyring as libc::c_long => Ok(ProcessKeyring),
+            x if x == SessionKeyring as libc::c_long => Ok(SessionKeyring),
+            x if x == UserKeyring as libc::c_long => Ok(UserKeyring),
+            x if x == UserSessionKeyring as libc::c_long => Ok(UserSessionKeyring),
+            x if x == GroupKeyring as libc::c_long => Ok(GroupKeyring),
+            x if x == DefaultKeyring as libc::c_long => Ok(DefaultKeyring),
+            x => Err(UnknownDefault(x)),
+        }
+    }
+}