diff --git a/man2/keyctl.2 b/man2/keyctl.2
index 685f6cd9c..b19c276d9 100644
--- a/man2/keyctl.2
+++ b/man2/keyctl.2
@@ -15,14 +15,14 @@ keyctl \- manipulate the kernel's key management facility
 .nf
 .B #include <keyutils.h>
 .sp
-.BI "long keyctl(int " cmd ", ...)"
+.BI "long keyctl(int " operation ", ...)"
 .sp
 .B "/* For direct call via syscall(2): */"
 .B #include <asm/unistd.h>
 .B #include <linux/keyctl.h>
 .B #include <unistd.h>
 .sp
-.BI "long syscall(__NR_keyctl, int " option ", __kernel_ulong_t " arg2 ,
+.BI "long syscall(__NR_keyctl, int " operation ", __kernel_ulong_t " arg2 ,
 .BI "             __kernel_ulong_t " arg3 ", __kernel_ulong_t " arg4 ,
 .BI "             __kernel_ulong_t " arg5 );
 .fi
@@ -33,7 +33,7 @@ allows user-space programs to perform key manipulation.
 The operation performed by
 .BR keyctl ()
 is determined by the value of the
-.I option
+.I operation
 argument.
 Each of these operations is wrapped by
 .B libkeyutils
@@ -41,7 +41,7 @@ into individual functions (listed under SEE ALSO)
 to permit the compiler to check types.
 
 The permitted values for
-.I option
+.I operation
 are:
 .TP
 .BR KEYCTL_GET_KEYRING_ID " (since Linux 2.6.11)"
@@ -1359,7 +1359,7 @@ is set appropriately to indicate the error.
 The requested operation wasn't permitted.
 .TP
 .B EDEADLK
-.I option
+.I operation
 is
 .BR KEYCTL_LINK
 and the requested link would result in a cycle.
@@ -1369,7 +1369,7 @@ The key quota for the caller's user would be exceeded by creating a key or
 linking it to the keyring.
 .TP
 .B EINVAL
-.I option
+.I operation
 was
 .B KEYCTL_SETPERM
 and an invalid permission bit was specified in
@@ -1385,7 +1385,7 @@ A rejected key was found or specified.
 A revoked key was found or specified.
 .TP
 .B ELOOP
-.I option
+.I operation
 is
 .BR KEYCTL_LINK
 and the requested link would cause the maximum nesting depth
@@ -1398,7 +1398,7 @@ No matching key was found or an invalid key was specified.
 The value
 .B KEYCTL_GET_KEYRING_ID
 was specified in
-.IR option ,
+.IR operation ,
 the key specified in
 .I arg2
 did not exist, and
@@ -1406,7 +1406,7 @@ did not exist, and
 was zero (meaning don't create the key if it didn't exist).
 .TP
 .B EOPNOTSUPP
-.I option
+.I operation
 is
 .B KEYCTL_UPDATE
 and the key type does not support updating.
@@ -1419,13 +1419,13 @@ a different type was provided.
 .\" FIXME Does this error really occur? I could not find where
 .\"       in the kernel source it is generated, but have not tested
 .\"       this case from a user-space program
-.IR option
+.IR operation
 is
 .BR KEYCTL_LINK
 and the keyring is full.
 .TP
 .B ENOENT
-.I option
+.I operation
 is
 .B KEYCTL_UNLINK
 and the key to be unlinked isn't linked to the keyring.
@@ -1446,7 +1446,7 @@ or the parent process is
 or a kernel thread.
 .TP
 .B EINVAL
-.I option
+.I operation
 is
 .B KEYCTL_DH_COMPUTE
 and the buffer size provided is not enough to hold the result.