| -rw-r--r-- | man/man2const/KEYCTL_SETPERM.2const | 189 |
1 files changed, 103 insertions, 86 deletions
diff --git a/man/man2const/KEYCTL_SETPERM.2const b/man/man2const/KEYCTL_SETPERM.2const index 4ee23f6948..ef30f98e56 100644 --- a/man/man2const/KEYCTL_SETPERM.2const +++ b/man/man2const/KEYCTL_SETPERM.2const @@ -20,26 +20,22 @@ Standard C library .BR "#include <sys/syscall.h>" " /* Definition of " SYS_* " constants */" .B #include <unistd.h> .P -.BI "long syscall(SYS_keyctl, int " operation ", unsigned long " arg2 , -.BI " unsigned long " arg3 ); +.BI "long syscall(SYS_keyctl, KEYCTL_SETPERM, key_serial_t " key , +.BI " key_perm_t " perms ); .fi .SH DESCRIPTION -.TP -.BR KEYCTL_SETPERM " (since Linux 2.6.10)" Change the permissions of the key with the ID provided in the -.I arg2 -argument (cast to -.IR key_serial_t ) +.I key +argument to the permissions provided in the -.I arg3 -argument (cast to -.IR key_perm_t ). -.IP +.I perms +argument. +.P If the caller doesn't have the .B CAP_SYS_ADMIN capability, it can change permissions only for the keys it owns. (More precisely: the caller's filesystem UID must match the UID of the key.) -.IP +.P The key must grant .I setattr permission to the caller @@ -47,12 +43,11 @@ permission to the caller of the caller's capabilities. .\" FIXME Above, is it really intended that a privileged process can't .\" override the lack of the 'setattr' permission? -.IP +.P The permissions in -.I arg3 +.I perms specify masks of available operations for each of the following user categories: -.RS .TP .IR possessor " (since Linux 2.6.14)" .\" commit 664cceb0093b755739e56572b836a99104ee8a75 @@ -77,14 +72,14 @@ that do not match the and .I group categories. -.RE -.IP +.P The .IR user , .IR group , and .I other -categories are exclusive: if a process matches the +categories are exclusive: +if a process matches the .I user category, it will not receive permissions granted in the .I group 
@@ -95,7 +90,7 @@ or category, then it will not receive permissions granted in the .I other category. -.IP +.P The .I possessor category grants permissions that are cumulative with the grants from the @@ -104,39 +99,48 @@ category grants permissions that are cumulative with the grants from the or .I other category. -.IP +.P Each permission mask is eight bits in size, with only six bits currently used. The available permissions are: -.RS .TP .I view This permission allows reading attributes of a key. .IP This permission is required for the -.B KEYCTL_DESCRIBE +.BR KEYCTL_DESCRIBE (2const) operation. -.IP -The permission bits for each category are -.BR KEY_POS_VIEW , -.BR KEY_USR_VIEW , -.BR KEY_GRP_VIEW , -and -.BR KEY_OTH_VIEW . +.P +The permission bits for each category are: +.RS +.TP +.B KEY_POS_VIEW +.TQ +.B KEY_USR_VIEW +.TQ +.B KEY_GRP_VIEW +.TQ +.B KEY_OTH_VIEW +.RE .TP .I read This permission allows reading a key's payload. .IP This permission is required for the -.B KEYCTL_READ +.BR KEYCTL_READ (2const) operation. .IP The permission bits for each category are -.BR KEY_POS_READ , -.BR KEY_USR_READ , -.BR KEY_GRP_READ , -and -.BR KEY_OTH_READ . +.RS +.TP +.B KEY_POS_READ +.TQ +.B KEY_USR_READ +.TQ +.B KEY_GRP_READ +.TQ +.B KEY_OTH_READ +.RE .TP .I write This permission allows update or instantiation of a key's payload. 
@@ -145,18 +149,23 @@ For a keyring, it allows keys to be linked and unlinked from the keyring, This permission is required for the .BR KEYCTL_UPDATE (2const), .BR KEYCTL_REVOKE (2const), -.BR KEYCTL_CLEAR , -.BR KEYCTL_LINK , +.BR KEYCTL_CLEAR (2const), +.BR KEYCTL_LINK (2const), and -.B KEYCTL_UNLINK +.BR KEYCTL_UNLINK (2const) operations. .IP -The permission bits for each category are -.BR KEY_POS_WRITE , -.BR KEY_USR_WRITE , -.BR KEY_GRP_WRITE , -and -.BR KEY_OTH_WRITE . +The permission bits for each category are: +.RS +.TP +.B KEY_POS_WRITE +.TQ +.B KEY_USR_WRITE +.TQ +.B KEY_GRP_WRITE +.TQ +.B KEY_OTH_WRITE +.RE .TP .I search This permission allows keyrings to be searched and keys to be found. 
@@ -167,70 +176,78 @@ permission set. This permission is required for the .BR KEYCTL_GET_KEYRING_ID (2const), .BR KEYCTL_JOIN_SESSION_KEYRING (2const), -.BR KEYCTL_SEARCH , +.BR KEYCTL_SEARCH (2const), and -.B KEYCTL_INVALIDATE +.B KEYCTL_INVALIDATE (2const) operations. .IP -The permission bits for each category are -.BR KEY_POS_SEARCH , -.BR KEY_USR_SEARCH , -.BR KEY_GRP_SEARCH , -and -.BR KEY_OTH_SEARCH . +The permission bits for each category are: +.RS +.TP +.B KEY_POS_SEARCH +.TQ +.B KEY_USR_SEARCH +.TQ +.B KEY_GRP_SEARCH +.TQ +.B KEY_OTH_SEARCH +.RE .TP .I link This permission allows a key or keyring to be linked to. .IP This permission is required for the -.B KEYCTL_LINK +.BR KEYCTL_LINK (2const) and -.B KEYCTL_SESSION_TO_PARENT +.BR KEYCTL_SESSION_TO_PARENT (2const) operations. .IP -The permission bits for each category are -.BR KEY_POS_LINK , -.BR KEY_USR_LINK , -.BR KEY_GRP_LINK , -and -.BR KEY_OTH_LINK . +The permission bits for each category are: +.RS +.TP +.B KEY_POS_LINK +.TQ +.B KEY_USR_LINK +.TQ +.B KEY_GRP_LINK +.TQ +.B KEY_OTH_LINK +.RE .TP -.IR setattr " (since Linux 2.6.15)." +.IR setattr " (since Linux 2.6.15)" This permission allows a key's UID, GID, and permissions mask to be changed. .IP This permission is required for the .BR KEYCTL_REVOKE (2const), .BR KEYCTL_CHOWN (2const), and -.B KEYCTL_SETPERM +.B KEYCTL_SETPERM (2const) operations. .IP -The permission bits for each category are -.BR KEY_POS_SETATTR , -.BR KEY_USR_SETATTR , -.BR KEY_GRP_SETATTR , -and -.BR KEY_OTH_SETATTR . +The permission bits for each category are: +.RS +.TP +.B KEY_POS_SETATTR +.TQ +.B KEY_USR_SETATTR +.TQ +.B KEY_GRP_SETATTR +.TQ +.B KEY_OTH_SETATTR .RE -.IP +.P As a convenience, the following macros are defined as masks for all of the permission bits in each of the user categories: -.BR KEY_POS_ALL , -.BR KEY_USR_ALL , -.BR KEY_GRP_ALL , -and -.BR KEY_OTH_ALL . -.IP -The -.I arg4 -and -.I arg5 -arguments are ignored. 
-.IP -This operation is exposed by -.I libkeyutils -via the function -.BR keyctl_setperm (3). +.RS +.TP +.B KEY_POS_ALL +.TQ +.B KEY_USR_ALL +.TQ +.B KEY_GRP_ALL +.TQ +.B KEY_OTH_ALL +.RE .SH RETURN VALUE On success, 0 is returned. @@ -245,7 +262,7 @@ is set to indicate the error. was .B KEYCTL_SETPERM and an invalid permission bit was specified in -.IR arg3 . +.IR perms . .SH VERSIONS A wrapper is provided in the .I libkeyutils |
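Review bot: In the @@ -20,26 +20,22 @@ hunk, deleting the `.BR KEYCTL_SETPERM " (since Linux 2.6.10)"` tag removes the only statement of the operation's introduction version that this diff shows, and no added line carries it elsewhere. Suggest recording "Linux 2.6.10" in a HISTORY section of the page so the information survives the restructuring.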
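Review bot: In the @@ -104,39 +99,48 @@ hunk, the view entry changes `.IP` to `.P` before "The permission bits for each category are:", while the read, write, search, link and setattr entries keep `.IP`. `.P` resets the indentation, so that sentence and its list fall out of the view entry; keep `.IP` there. In the same hunk the read entry still reads "The permission bits for each category are" without the colon that the other entries gain.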
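Review bot: In the @@ -167,70 +176,78 @@ hunk, the added lines `.B KEYCTL_INVALIDATE (2const)` and `.B KEYCTL_SETPERM (2const)` use `.B` where every other cross-reference in the patch uses `.BR`. With `.B` the section suffix is set in bold and separated from the name by a space, so both should be `.BR`.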
