[ Thanks to Adi Lane for this link.
]
“The Linux key retention service, introduced with the Linux 2.6
kernel, is primarily intended to cache authentication data in the
Linux kernel. The service can be used by remote filesystems or
other kernel services to manage cryptography, authentication
tokens, cross-domain user mappings, and other security concerns. It
also enables the Linux kernel to access required keys rapidly, and
can be used to delegate key operations such as add, update, and
delete to user-space.“This article gives you an overview of the Linux key retention
service, defines its terminology, and helps you get started quickly
with using Linux keys. You see how to use the Linux key retention
service in a kernel module using sample code. The kernel version
used in writing this article is 2.6.20…”