возможности подсистемы запросов (Query subsystem capabilities)
Имя (Name)
keyctl_capabilities - Query subsystem capabilities
Синопсис (Synopsis)
#include <keyutils.h>
long keyctl_capabilities(unsigned char *buffer, size_t buflen);
Описание (Description)
keyctl_capabilities() queries the keyrings subsystem in the
kernel to ask about its capabilities and fills in the array in
the buffer with bits that indicate the presence or absence of
specific features in the keyrings subsystem.
The function returns the amount of data the kernel has available,
irrespective of the amount of buffer space available. If the
buffer is shorter than the data, a short copy will be made; if
the buffer is larger than the data, the excess space will be
cleared.
If this operation is not available in the kernel, the keyutils
library will emulate it as best it can and the capability bit
that indicates if the kernel operation is available will be
cleared.
In buffer[0], the following capabilities exist:
KEYCTL_CAPS0_CAPABILITIES
This is set if the kernel supports this operation and
cleared otherwise. If it is cleared, the rest of the
flags are emulated.
KEYCTL_CAPS0_PERSISTENT_KEYRINGS
This is set if the kernel supports persistent keyrings and
cleared otherwise. See keyctl_get_persistent(3).
KEYCTL_CAPS0_DIFFIE_HELLMAN
This is set if the kernel supports Diffie-Hellman
calculation and cleared otherwise. See
keyctl_dh_compute(3).
KEYCTL_CAPS0_PUBLIC_KEY
This is set if the kernel supports public-key operations
and cleared otherwise. See keyctl_pkey_query(3).
KEYCTL_CAPS0_BIG_KEY
This is set if the kernel supports the big_key key type
and cleared otherwise.
KEYCTL_CAPS0_INVALIDATE
This is set if the kernel supports key invalidation and
cleared otherwise. See keyctl_invalidate(3).
KEYCTL_CAPS0_RESTRICT_KEYRING
This is set if the kernel supports restrictions on
keyrings and cleared otherwise. See
keyctl_restrict_keyring(3).
KEYCTL_CAPS0_MOVE
This is set if the kernel supports the move key operation
and cleared otherwise. See keyctl_move(3).
In buffer[1], the following capabilities exist:
KEYCTL_CAPS1_NS_KEYRING_NAME
This is set if the keyring names are segregated according
to the user-namespace in which a keyring is created.
KEYCTL_CAPS1_NS_KEY_TAG
This is set if a key or keyring may get tagged with a
namespace, thereby allowing multiple keys with the same
type and description, but different namespace tags, to
coexist within the same keyring. Tagging may be automatic
depending on the key type. Only network-namespace tagging
is currently used.
Возвращаемое значение (Return value)
On success keyctl_capabilities() returns the size of the data it
has available, irrespective of the size of the buffer. On error,
the value -1 will be returned and errno will have been set to an
appropriate error.
Ошибки (Error)
EFAULT The buffer cannot be written to.
Ссылки (Linking)
This is a library function that can be found in libkeyutils.
When linking, -lkeyutils should be specified to the linker.
Смотри также (See also)
keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3),
keyrings(7), keyutils(7)
