KEYCTL_CAPABILITIES
Section: Linux Key Management Calls (3)
Updated: 30 May 2019
Page Index
NAME
keyctl_capabilities - Query subsystem capabilities
SYNOPSIS
#include <keyutils.h>
long keyctl_capabilities(unsigned char *buffer, size_t buflen);
DESCRIPTION
keyctl_capabilities()
queries the keyrings subsystem in the kernel to ask about its capabilities and
fills in the array in the buffer with bits that indicate the presence or
absence of specific features in the keyrings subsystem.
The function returns the amount of data the kernel has available, irrespective
of the amount of buffer space available. If the buffer is shorter than the
data, a short copy will be made; if the buffer is larger than the data, the
excess space will be cleared.
If this operation is not available in the kernel, the keyutils library will be
emulate it as best it can and the capability bit that indicates if the kernel
operation is available will be cleared.
In
buffer[0],
the following capabilities exist:
- KEYCTL_CAPS0_CAPABILITIES
-
This is set if the kernel supports this operation and cleared otherwise. If
it is cleared, the rest of the flags are emulated.
- KEYCTL_CAPS0_PERSISTENT_KEYRINGS
-
This is set if the kernel supports persistent keyrings and cleared otherwise.
See
keyctl_get_persistent(3).
- KEYCTL_CAPS0_DIFFIE_HELLMAN
-
This is set if the kernel supports Diffie-Hellman calculation and cleared
otherwise. See
keyctl_dh_compute(3).
- KEYCTL_CAPS0_PUBLIC_KEY
-
This is set if the kernel supports public-key operations and cleared
otherwise. See
keyctl_pkey_query(3).
- KEYCTL_CAPS0_BIG_KEY
-
This is set if the kernel supports the big_key key type and cleared otherwise.
- KEYCTL_CAPS0_INVALIDATE
-
This is set if the kernel supports key invalidation and cleared otherwise.
See
keyctl_invalidate(3).
- KEYCTL_CAPS0_RESTRICT_KEYRING
-
This is set if the kernel supports restrictions on keyrings and cleared
otherwise. See
keyctl_restrict_keyring(3).
- KEYCTL_CAPS0_MOVE
-
This is set if the kernel supports the move key operation and cleared
otherwise. See
keyctl_move(3).
RETURN VALUE
On success
keyctl_capabilities()
returns the size of the data it has available, irrespective of the size of the
buffer. On error, the value
-1
will be returned and
errno
will have been set to an appropriate error.
ERRORS
- EFAULT
-
The buffer cannot be written to.
LINKING
This is a library function that can be found in
libkeyutils.
When linking,
-lkeyutils
should be specified to the linker.
SEE ALSO
keyctl(1),
add_key(2),
keyctl(2),
request_key(2),
keyctl(3),
keyrings(7),
keyutils(7)