From c1f7a90fee1397a810cc0d346bfc0bfb2263e17d Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Tue, 1 Nov 2016 21:58:07 +0100 Subject: [PATCH] keyrings.7, process-keyring.7, thread-keyring.7: wfix Signed-off-by: Michael Kerrisk --- man7/keyrings.7 | 10 +++++----- man7/process-keyring.7 | 2 +- man7/thread-keyring.7 | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/man7/keyrings.7 b/man7/keyrings.7 index 7d68a4699..5208bfd59 100644 --- a/man7/keyrings.7 +++ b/man7/keyrings.7 @@ -16,7 +16,7 @@ keyrings \- in-kernel key management and retention facility The .B keyrings facility is primarily a way for drivers to retain or cache security data, -authentication keys, encryption keys and other data in the kernel. +authentication keys, encryption keys, and other data in the kernel. .P System call interfaces are provided so that userspace programs can manage those objects and also use the facility for their own purposes. @@ -78,7 +78,7 @@ when it was requested. A key's payload can be read and updated if the key type supports it and if suitable permission is granted to the caller. .IP "\fBAccess rights\fR" -Each key has an owning user ID, an owning group and a security label - much as +Each key has an owning user ID, an owning group, and a security label - much as files do. They also have a set of permissions, though there are more than for a normal UNIX file, @@ -140,7 +140,7 @@ Keys may be linked to by multiple keyrings. Keyrings may be considered as analogous to UNIX directories where each directory contains a set of hard links to files. .P -Several of the syscall functions available may only be applied to keyrings: +Various operations (system calls) may be applied only to keyrings: .IP "\fBAdding\fR" A key may be added to a keyring by system calls that create keys. This prevents the new key from being immediately deleted @@ -178,7 +178,7 @@ key - but whilst keyrings are available to link to keys, keyrings themselves are just keys and are also subject to the same anchoring necessity. .P The kernel makes available a number of anchor keyrings. -Note that some of these keyrings will only be created when first accessed. +Note that some of these keyrings will be created only when first accessed. .IP "\fBProcess keyrings\fR" Process credentials themselves reference keyrings with specific semantics. These keyrings are pinned as long as the set of credentials exists - which is @@ -241,7 +241,7 @@ Whether a thread possesses a key is determined by the following rules: Any key or keyring that does not grant \fBSearch\fP permission to the caller is \fIignored\fP in all the following rules. .IP (2) -A thread \fIpossesses\fR its \fBsession\fR, \fBprocess\fR and \fBthread\fR +A thread \fIpossesses\fR its \fBsession\fR, \fBprocess\fR, and \fBthread\fR keyrings directly because those are pointed to by its credentials. .IP (3) If a keyring is possessed, then any key it links to is \fIalso\fR possessed. diff --git a/man7/process-keyring.7 b/man7/process-keyring.7 index 9a02fcbed..7ad01119b 100644 --- a/man7/process-keyring.7 +++ b/man7/process-keyring.7 @@ -14,7 +14,7 @@ process-keyring \- per-process shared keyring .SH DESCRIPTION The process keyring is a keyring used to anchor keys on behalf of a process. -It is only created when a process requests it. +It is created only when a process requests it. .P A special serial number value, .BR KEY_SPEC_PROCESS_KEYRING , diff --git a/man7/thread-keyring.7 b/man7/thread-keyring.7 index 9e3e656b9..24eccd6c6 100644 --- a/man7/thread-keyring.7 +++ b/man7/thread-keyring.7 @@ -14,7 +14,7 @@ thread-keyring \- per-thread keyring .SH DESCRIPTION The thread keyring is a keyring used to anchor keys on behalf of a process. -It is only created when a thread requests it. +It is created only when a thread requests it. .P A special serial number value, .BR KEY_SPEC_THREAD_KEYRING ,