| .\" |
| .\" Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. |
| .\" Written by David Howells (dhowells@redhat.com) |
| .\" |
| .\" This program is free software; you can redistribute it and/or |
| .\" modify it under the terms of the GNU General Public Licence |
| .\" as published by the Free Software Foundation; either version |
| .\" 2 of the Licence, or (at your option) any later version. |
| .\" |
| .TH "THREAD KEYRING" 7 "20 Feb 2014" Linux "Kernel key management" |
| .\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" |
| .SH NAME |
| thread_keyring \- Per-thread keyring |
| .SH DESCRIPTION |
| The |
| .B thread keyring |
| is a keyring used to anchor keys on behalf of a process. It is only created |
| when a thread requests it. |
| .P |
| A special serial number value, \fBKEY_SPEC_THREAD_KEYRING\fP, is defined that |
| can be used in lieu of the calling thread's thread keyring's actual serial |
| number. |
| .P |
| From the keyctl utility, '\fB@t\fP' can be used instead of a numeric key ID in |
| much the same way, but as keyctl is a program run after forking, this is of no |
| utility. |
| .P |
| Thread keyrings are not inherited across clone() and are cleared by execve(). |
| A thread keyring is destroyed when the thread that refers to it exits. |
| .P |
| If a thread doesn't have a thread keyring when it is accessed, then the thread |
| keyring will be created if the keyring is to be modified, otherwise error |
| ENOKEY will be issued. |
| .\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" |
| .SH SEE ALSO |
| .BR keyctl (1), |
| .br |
| .BR keyctl (3), |
| .br |
| .BR keyrings (7), |
| .br |
| .BR process-keyring (7), |
| .br |
| .BR session-keyring (7), |
| .br |
| .BR user-keyring (7), |
| .br |
| .BR user-session-keyring (7) |
| .br |
| .BR persistent-keyring (7) |