2 .\" Copyright (C) 2010 Red Hat, Inc. All Rights Reserved.
3 .\" Written by David Howells (dhowells@redhat.com)
5 .\" This program is free software; you can redistribute it and/or
6 .\" modify it under the terms of the GNU General Public License
7 .\" as published by the Free Software Foundation; either version
8 .\" 2 of the License, or (at your option) any later version.
10 .TH KEYCTL_GET_SECURITY 3 "26 Feb 2010" Linux "Linux Key Management Calls"
11 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
13 keyctl_get_security \- Retrieve a key's security context
14 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
17 .B #include <keyutils.h>
19 .BI "long keyctl_get_security(key_serial_t " key ", char *" buffer ,
20 .BI "size_t " buflen ");"
22 .BI "long keyctl_get_security_alloc(key_serial_t " key ", char **" _buffer ");"
23 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
25 .BR keyctl_get_security ()
26 retrieves the security context of a key as a NUL-terminated string. This will
27 be rendered in a form appropriate to the LSM in force - for instance, with
28 SELinux, it may look like
30 .B "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
34 permission on a key to be able to get its security context.
39 specify the buffer into which the string will be placed. If the buffer is too
40 small, the full size of the string will be returned, and no copy will take
43 .BR keyctl_get_security_alloc ()
45 .BR keyctl_get_security ()
46 except that it allocates a buffer big enough to hold the string and copies the
47 string into it. If successful, A pointer to the buffer is placed in
49 The caller must free the buffer.
50 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
53 .BR keyctl_get_security ()
54 returns the amount of data placed into the buffer. If the buffer was too
55 small, then the size of buffer required will be returned, but no data will be
56 transferred. On error, the value
58 will be returned and errno will have been set to an appropriate error.
61 .BR keyctl_get_security_alloc ()
62 returns the amount of data in the buffer, less the NUL terminator. On error, the value
64 will be returned and errno will have been set to an appropriate error.
65 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
69 The key specified is invalid.
72 The key specified has expired.
75 The key specified had been revoked.
78 The key exists, but is not
80 by the calling process.
81 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
83 This is a library function that can be found in
87 should be specified to the linker.
88 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""