.\"
.\" Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
.\" Written by David Howells (dhowells@redhat.com)
.\"
.\" This program is free software; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public Licence
.\" as published by the Free Software Foundation; either version
.\" 2 of the Licence, or (at your option) any later version.
.\"
.TH "PROCESS-KEYRING" 7 "19 Feb 2014" Linux "Kernel key management"
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SH NAME
process-keyring \- Per-process shared keyring
.SH DESCRIPTION
The
.B process keyring
is a keyring used to anchor keys on behalf of a process.  It is only created
when a process requests it.
.P
A special serial number value, \fBKEY_SPEC_PROCESS_KEYRING\fP, is defined that
can be used in lieu of the calling process's process keyring's actual serial
number.
.P
From the keyctl utility, '\fB@p\fP' can be used instead of a numeric key ID in
much the same way, but as keyctl is a program run after forking, this is of no
utility.
.P
A process's process keyring is inherited across clone() with CLONE_THREAD and
is cleared by execve().  The process keyring will be destroyed when the last
thread that refers to it exits.
.P
If a process doesn't have a process keyring when it is accessed, then the
process keyring will be created if the keyring is to be modified, otherwise
error ENOKEY will be issued.
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SH SEE ALSO
.BR keyctl (1),
.br
.BR keyctl (3),
.br
.BR keyrings (7),
.br
.BR thread-keyring (7),
.br
.BR process-keyring (7),
.br
.BR session-keyring (7),
.br
.BR user-keyring (7),
.br
.BR user-session-keyring (7),
.br
.BR persistent-keyring (7)