From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S266397AbUHIJYW (ORCPT ); Mon, 9 Aug 2004 05:24:22 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org
	id S266409AbUHIJYV (ORCPT ); Mon, 9 Aug 2004 05:24:21 -0400
Received: from mx1.redhat.com ([66.187.233.31]:26260 "EHLO mx1.redhat.com")
	by vger.kernel.org with ESMTP id S266397AbUHIJYQ (ORCPT );
	Mon, 9 Aug 2004 05:24:16 -0400
From: David Howells
In-Reply-To: <20040808025229.GA15737@kroah.com>
References: <20040808025229.GA15737@kroah.com> <6453.1091838705@redhat.com>
	<20040807011758.62831dbf.akpm@osdl.org>
To: Greg KH
Cc: Andrew Morton, David Howells, torvalds@osdl.org,
	linux-kernel@vger.kernel.org, arjanv@redhat.com, dwmw2@infradead.org,
	jmorris@redhat.com, chrisw@osdl.org, sfrench@samba.org,
	mike@halcrow.us, trond.myklebust@fys.uio.no, mrmacman_g4@mac.com
Subject: Re: [PATCH] implement in-kernel keys & keyring management
User-Agent: EMH/1.14.1 SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi)
	APEL/10.6 Emacs/21.3 (i386-redhat-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII
Date: Mon, 09 Aug 2004 10:23:20 +0100
Message-ID: <15760.1092043400@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

Greg KH wrote:

> I think that if the /proc interface was moved over to sysfs (which is
> where it should be), a number of these syscalls would go away.

Well, I could move these two files into /sysfs. But just doing that wouldn't
get rid of any of the system calls.

To move these files into sysfs, should I create a "keys" subsystem?

Can you elaborate as to what you envision? I wonder if you're thinking that I
should make every key a kobject and fan them out in a directory in sysfs
somewhere. I really don't want to do that, though... kobject seems to add
quite a large overhead that I'd rather avoid (a directory in sysfs for
instance).

I could add a keyfs filesystem, fan the keys out in there, but this would
spawn more code than just a few new syscalls or prctls.

However, I can't just pretend all keyrings are directories and all keys files
and then use link() and unlink(). I'd need to be able to link() and unlink()
directories. I could do it by representing two keyrings as two adjacent
directories, and then use symlink() to create a link between them.

The main advantage of doing this, however, is that shell scripts would be able
to modify their own keyrings without a utility program such as keyctl.c that I
put up for download.

David
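
The directory model discussed in the message above, as an added example that is not part of the original mail or of the keys patch: on an ordinary Linux filesystem, link() refuses a directory, while a symlink between two adjacent directories can be created and removed without touching the target. The function name, the /tmp path and the directory names "session" and "user" are assumptions made for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* expose mkdtemp(), symlink() under strict -std */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Models two keyrings as adjacent directories ("session" and "user" are
 * constructed names). Returns 0 when link() on a directory is refused and
 * the symlink() alternative works; *link_errno receives link()'s errno. */
int keyring_dir_model(int *link_errno)
{
    char base[] = "/tmp/keyfs-demo-XXXXXX";
    char a[128], b[128], hard[128], soft[128];
    struct stat st;
    int rc = -1;

    if (!mkdtemp(base)) return -1;
    snprintf(a, sizeof a, "%s/session", base);
    snprintf(b, sizeof b, "%s/user", base);
    snprintf(hard, sizeof hard, "%s/user-hard", a);
    snprintf(soft, sizeof soft, "%s/user", a);
    if (mkdir(a, 0700) || mkdir(b, 0700)) goto out;

    /* A hard link to a directory is what link()/unlink() would need. */
    if (link(b, hard) == 0) goto out;
    *link_errno = errno;

    /* The symlink alternative: "session" gains an entry pointing at "user". */
    if (symlink("../user", soft)) goto out;
    if (stat(soft, &st) || !S_ISDIR(st.st_mode)) goto out;

    /* Removing the link must leave the target keyring in place. */
    if (unlink(soft)) goto out;
    if (stat(b, &st) || !S_ISDIR(st.st_mode)) goto out;
    rc = 0;
out:
    unlink(soft); rmdir(a); rmdir(b); rmdir(base);
    return rc;
}

int main(void)
{
    int e = 0, rc = keyring_dir_model(&e);
    printf("model %s, link() on a directory: errno %d\n", rc ? "failed" : "ok", e);
    return rc ? 1 : 0;
}
```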