KEYCTL_CAPABILITIES(3) Linux Key Management Calls KEYCTL_CAPABILITIES(3)
keyctl_capabilities - Query subsystem capabilities
#include <keyutils.h> long keyctl_capabilities(unsigned char *buffer, size_t buflen);
keyctl_capabilities() queries the keyrings subsystem in the kernel to ask about its capabilities and fills in the array in the buffer with bits that indicate the presence or absence of specific features in the keyrings subsystem. The function returns the amount of data the kernel has available, irrespective of the amount of buffer space available. If the buffer is shorter than the data, a short copy will be made; if the buffer is larger than the data, the excess space will be cleared. If this operation is not available in the kernel, the keyutils library will emulate it as best it can and the capability bit that indicates if the kernel operation is available will be cleared. In buffer, the following capabilities exist: KEYCTL_CAPS0_CAPABILITIES This is set if the kernel supports this operation and cleared otherwise. If it is cleared, the rest of the flags are emulated. KEYCTL_CAPS0_PERSISTENT_KEYRINGS This is set if the kernel supports persistent keyrings and cleared otherwise. See keyctl_get_persistent(3). KEYCTL_CAPS0_DIFFIE_HELLMAN This is set if the kernel supports Diffie-Hellman calculation and cleared otherwise. See keyctl_dh_compute(3). KEYCTL_CAPS0_PUBLIC_KEY This is set if the kernel supports public-key operations and cleared otherwise. See keyctl_pkey_query(3). KEYCTL_CAPS0_BIG_KEY This is set if the kernel supports the big_key key type and cleared otherwise. KEYCTL_CAPS0_INVALIDATE This is set if the kernel supports key invalidation and cleared otherwise. See keyctl_invalidate(3). KEYCTL_CAPS0_RESTRICT_KEYRING This is set if the kernel supports restrictions on keyrings and cleared otherwise. See keyctl_restrict_keyring(3). KEYCTL_CAPS0_MOVE This is set if the kernel supports the move key operation and cleared otherwise. See keyctl_move(3). In buffer, the following capabilities exist: KEYCTL_CAPS1_NS_KEYRING_NAME This is set if the keyring names are segregated according to the user-namespace in which a keyring is created. KEYCTL_CAPS1_NS_KEY_TAG This is set if a key or keyring may get tagged with a namespace, thereby allowing multiple keys with the same type and description, but different namespace tags, to coexist within the same keyring. Tagging may be automatic depending on the key type. Only network-namespace tagging is currently used.
On success keyctl_capabilities() returns the size of the data it has available, irrespective of the size of the buffer. On error, the value -1 will be returned and errno will have been set to an appropriate error.
EFAULT The buffer cannot be written to.
This is a library function that can be found in libkeyutils. When linking, -lkeyutils should be specified to the linker.
keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3), keyrings(7), keyutils(7)
This page is part of the keyutils (key management utilities) project. Information about the project can be found at [unknown -- if you know, please contact firstname.lastname@example.org] If you have a bug report for this manual page, send it to email@example.com. This page was obtained from the project's upstream Git repository ⟨http://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git⟩ on 2021-04-01. (At that time, the date of the most recent commit that was found in the repository was 2020-07-07.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which is not part of the original manual page), send a mail to firstname.lastname@example.org Linux 30 May 2019 KEYCTL_CAPABILITIES(3)
Pages that refer to this page: keyctl(3)