add_key.2: Various fixes after review by David Howells

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

man2/add_key.2

@@ -61,7 +61,8 @@ The destination
 .I keyring
 serial number may be that of a valid keyring for which the caller has
 .I write
-permission, or it may be one of the following special keyring IDs:
+permission.
+Alternatively, it may be one of the following special keyring IDs:
 .\" FIXME Perhaps have a separate page describing special keyring IDs?
 .TP
 .B KEY_SPEC_THREAD_KEYRING
@@ -99,9 +100,9 @@ are the following:
 .I """keyring"""
 Keyrings are special key types that may contain links to sequences of other
 keys of any type.
-If this interface is used to create a keyring, then a NULL
+If this interface is used to create a keyring, then
 .I payload
-should be specified, and
+should be NULL and
 .I plen
 should be zero.
 .TP
@@ -116,7 +117,7 @@ of up to 32,767 bytes.
 .\" commit 9f6ed2ca257fa8650b876377833e6f14e272848b
 This key type is essentially the same as
 .IR """user""" ,
-but it does not provide reading.
+but it does not permit the key to read.
 This is suitable for storing payloads
 that you do not want to be readable from user space.
 
@@ -133,8 +134,8 @@ This key type is similar to
 .IR """user""" ,
 but may hold a payload of up to 1 MiB.
 If the key payload is large enough,
-then it may be stored in tmpfs (which can be swapped out) rather than kernel
-memory.
+then it may be stored encrypted in tmpfs
+(which can be swapped out) rather than kernel memory.
 .PP
 For further details on these key types, see
 .BR keyrings (7).