| .\" Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. |
| .\" Written by David Howells (dhowells@redhat.com) |
| .\" |
| .\" %%%LICENSE_START(GPLv2+_SW_ONEPARA) |
| .\" This program is free software; you can redistribute it and/or |
| .\" modify it under the terms of the GNU General Public License |
| .\" as published by the Free Software Foundation; either version |
| .\" 2 of the License, or (at your option) any later version. |
| .\" %%%LICENSE_END |
| .\" |
| .TH PROCESS-KEYRING 7 2020-08-13 Linux "Linux Programmer's Manual" |
| .SH NAME |
| process-keyring \- per-process shared keyring |
| .SH DESCRIPTION |
| The process keyring is a keyring used to anchor keys on behalf of a process. |
| It is created only when a process requests it. |
| The process keyring has the name (description) |
| .IR _pid . |
| .PP |
| A special serial number value, |
| .BR KEY_SPEC_PROCESS_KEYRING , |
| is defined that can be used in lieu of the actual serial number of |
| the calling process's process keyring. |
| .PP |
| From the |
| .BR keyctl (1) |
| utility, '\fB@p\fP' can be used instead of a numeric key ID in |
| much the same way, but since |
| .BR keyctl (1) |
| is a program run after forking, this is of no utility. |
| .PP |
| A thread created using the |
| .BR clone (2) |
| .B CLONE_THREAD |
| flag has the same process keyring as the caller of |
| .BR clone (2). |
| When a new process is created using |
| .BR fork () |
| it initially has no process keyring. |
| A process's process keyring is cleared on |
| .BR execve (2). |
| The process keyring is destroyed when the last |
| thread that refers to it terminates. |
| .PP |
| If a process doesn't have a process keyring when it is accessed, |
| then the process keyring will be created if the keyring is to be modified; |
| otherwise, the error |
| .B ENOKEY |
| results. |
| .SH SEE ALSO |
| .ad l |
| .nh |
| .BR keyctl (1), |
| .BR keyctl (3), |
| .BR keyrings (7), |
| .BR persistent\-keyring (7), |
| .BR session\-keyring (7), |
| .BR thread\-keyring (7), |
| .BR user\-keyring (7), |
| .BR user\-session\-keyring (7) |