KEYCTL_SEARCH


Recursively searches the keyring for a key of the specified type and description. If found, the key will be attached to the destination keyring (if given), and its serial number will be returned.

Arguments

ecx Keyring serial number. It may be one of the following special values:

KEY_SPEC_THREAD_KEYRING Caller's thread-specific keyring.
KEY_SPEC_PROCESS_KEYRING Caller's process-specific keyring.
KEY_SPEC_SESSION_KEYRING Caller's session-specific keyring.
KEY_SPEC_USER_KEYRING Caller's UID-specific keyring.
KEY_SPEC_USER_SESSION_KEYRING Caller's UID-session keyring.
KEY_SPEC_GROUP_KEYRING Caller's GID-specific keyring.
KEY_SPEC_REQKEY_AUTH_KEY This specifies the authorization key created by request_key() and passed to the process it spawns to generate a key. If a valid keyring ID is passed in, then this will simply be returned if the key exists; an error will be issued if it doesn't exist.

The source keyring must grant search permission to the caller. Child keyrings will be only be recursively searched if they grant search permission to the caller as well.
edx Pointer to a null terminated string containing the type.
esi Pointer to a null terminated string containing the description.
edi Destination keyring serial. It may be 0, then no attempt will be made to forge a link to the key, and just the serial number will be returned.
If the destination keyring is given, then the link may only be formed if the found key grants the caller link permission and the destination keyring grants the caller write permission.
If the search is successful, and if the destination keyring already contains a link to a key that matches the specified type and description, then that link will be replaced by a link to the found key.

Return values

If the system call succeeds the return value is key ID.
If the system call fails the return value is one of the following errno values:

-ENOKEY No matching key was found.
-EKEYEXPIRED The keyring specified has expired.
-EKEYREVOKED The keyring specified had been revoked.
-ENOTDIR One of the keyrings is a valid key that isn't a keyring.
-EACCES The source keyring didn't grant search permission, the destination keyring didn't grant write permission or the found key didn't grant link permission to the caller.
-ENOMEM Insufficient memory to expand the destination keyring.
-EDQUOT The key quota for this user would be exceeded by creating a link to the found key in the destination keyring.

Remarks

n/a