aboutsummaryrefslogtreecommitdiff
path: root/Documentation/security/keys.txt
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/security/keys.txt')
-rw-r--r--Documentation/security/keys.txt4
1 files changed, 4 insertions, 0 deletions
diff --git a/Documentation/security/keys.txt b/Documentation/security/keys.txt
index fcbe7a70340..78771709142 100644
--- a/Documentation/security/keys.txt
+++ b/Documentation/security/keys.txt
@@ -554,6 +554,10 @@ The keyctl syscall functions are:
process must have write permission on the keyring, and it must be a
keyring (or else error ENOTDIR will result).
+ This function can also be used to clear special kernel keyrings if they
+ are appropriately marked if the user has CAP_SYS_ADMIN capability. The
+ DNS resolver cache keyring is an example of this.
+
(*) Link a key into a keyring: