The process keyring is a keyring used to anchor keys on behalf of a
process. It is only created when a process requests it.
A special serial number value, KEY_SPEC_PROCESS_KEYRING, is defined
that can be used in lieu of the calling process's process keyring's
actual serial number.
From the keyctl utility, '@p' can be used instead of a numeric key ID
in much the same way, but as keyctl is a program run after forking,
this is of no utility.
A process's process keyring is inherited across clone() with
CLONE_THREAD and is cleared by execve(). The process keyring will be
destroyed when the last thread that refers to it exits.
If a process doesn't have a process keyring when it is accessed, then
the process keyring will be created if the keyring is to be modified,
otherwise error ENOKEY will be issued.
Linux 19 Feb 2014 PROCESS-KEYRING(7)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2019
All Rights Reserved.