1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
.\" Copyright, the authors of the Linux man-pages project
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.TH KEYCTL_READ 2const (date) "Linux man-pages (unreleased)"
.SH NAME
KEYCTL_READ
\-
read a key
.SH LIBRARY
Standard C library
.RI ( libc ,\~ \-lc )
.SH SYNOPSIS
.nf
.BR "#include <linux/keyctl.h>" " /* Definition of " KEY* " constants */"
.BR "#include <sys/syscall.h>" " /* Definition of " SYS_* " constants */"
.B #include <unistd.h>
.P
.BR "long syscall(" "size_t size;"
.BI " SYS_keyctl, KEYCTL_READ, key_serial_t " key ,
.BI " char " buf "[_Nullable " size "], size_t " size );
.fi
.SH DESCRIPTION
Read the payload data of a key.
.P
The ID of the key whose payload is to be read is specified in
.IR key .
This can be the ID of an existing key,
or any of the special key IDs listed for
.BR KEYCTL_GET_KEYRING_ID (2const).
.\" including KEY_SPEC_REQKEY_AUTH_KEY
.P
The payload is placed in the buffer pointed by
.IR buf ;
the size of that buffer must be specified in
.IR size .
.P
The returned data will be processed for presentation
according to the key type.
For example, a keyring will return an array of
.I key_serial_t
entries representing the IDs of all the keys that are linked to it.
The
.I user
key type will return its data as is.
.P
If
.I buf
is not NULL,
as much of the payload data as will fit is copied into the buffer.
On a successful return,
the return value is always the total size of the payload data.
To determine whether the buffer was of sufficient size,
check to see that the return value is less than or equal to
the value supplied in
.IR size .
.P
The key must either grant the caller
.I read
permission, or grant the caller
.I search
permission when searched for from the process keyrings
(i.e., the key is possessed).
.SH RETURN VALUE
On success,
the amount of data that is available in the key,
irrespective of the provided buffer size.
.P
On error, \-1 is returned, and
.I errno
is set to indicate the error.
.SH ERRORS
.TP
.B EOPNOTSUPP
The key type does not support reading
(e.g., the type is
.IR \[dq]login\[dq] ).
.SH VERSIONS
A wrapper is provided in the
.I libkeyutils
library:
.BR keyctl_read (3).
.SH STANDARDS
Linux.
.SH HISTORY
Linux 2.6.10.
.SH SEE ALSO
.BR keyctl (2),
.BR keyctl_read (3),
.BR keyctl_read_alloc (3)
|