Provided by: libkeyutils-dev_1.6.3-3build1_amd64 bug

NAME
       keyctl_capabilities - Query subsystem capabilities


SYNOPSIS
       #include <keyutils.h>

       long keyctl_capabilities(unsigned char *buffer, size_t buflen);


DESCRIPTION
       keyctl_capabilities()  queries  the  keyrings  subsystem  in the kernel to ask about its capabilities and
       fills in the array in the buffer with bits that indicate the presence or absence of specific features  in
       the keyrings subsystem.

       The  function  returns  the amount of data the kernel has available, irrespective of the amount of buffer
       space available.  If the buffer is shorter than the data, a short copy will be made;  if  the  buffer  is
       larger than the data, the excess space will be cleared.

       If this operation is not available in the kernel, the keyutils library will emulate it as best it can and
       the capability bit that indicates if the kernel operation is available will be cleared.

       In buffer[0], the following capabilities exist:

       KEYCTL_CAPS0_CAPABILITIES
              This is set if the kernel supports this operation and cleared otherwise.  If it  is  cleared,  the
              rest of the flags are emulated.

       KEYCTL_CAPS0_PERSISTENT_KEYRINGS
              This   is   set   if   the  kernel  supports  persistent  keyrings  and  cleared  otherwise.   See
              keyctl_get_persistent(3).

       KEYCTL_CAPS0_DIFFIE_HELLMAN
              This is set if  the  kernel  supports  Diffie-Hellman  calculation  and  cleared  otherwise.   See
              keyctl_dh_compute(3).

       KEYCTL_CAPS0_PUBLIC_KEY
              This   is   set  if  the  kernel  supports  public-key  operations  and  cleared  otherwise.   See
              keyctl_pkey_query(3).

       KEYCTL_CAPS0_BIG_KEY
              This is set if the kernel supports the big_key key type and cleared otherwise.

       KEYCTL_CAPS0_INVALIDATE
              This  is  set  if  the  kernel   supports   key   invalidation   and   cleared   otherwise.    See
              keyctl_invalidate(3).

       KEYCTL_CAPS0_RESTRICT_KEYRING
              This  is  set  if  the  kernel  supports  restrictions  on  keyrings  and  cleared otherwise.  See
              keyctl_restrict_keyring(3).

       KEYCTL_CAPS0_MOVE
              This is  set  if  the  kernel  supports  the  move  key  operation  and  cleared  otherwise.   See
              keyctl_move(3).

       In buffer[1], the following capabilities exist:

       KEYCTL_CAPS1_NS_KEYRING_NAME
              This is set if the keyring names are segregated according to the user-namespace in which a keyring
              is created.

       KEYCTL_CAPS1_NS_KEY_TAG
              This is set if a key or keyring may get tagged with a namespace, thereby  allowing  multiple  keys
              with  the  same  type  and  description,  but different namespace tags, to coexist within the same
              keyring.  Tagging may be automatic depending on the key type.  Only network-namespace  tagging  is
              currently used.


RETURN VALUE
       On  success keyctl_capabilities() returns the size of the data it has available, irrespective of the size
       of the buffer.  On error, the value -1 will be returned and errno will have been set  to  an  appropriate
       error.


ERRORS
       EFAULT The buffer cannot be written to.


LINKING
       This  is  a  library  function  that  can  be  found  in libkeyutils.  When linking, -lkeyutils should be
       specified to the linker.


SEE ALSO
       keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3), keyrings(7), keyutils(7)