From: David Howells <dhowells@redhat.com>
To: James Morris <jmorris@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>,
torvalds@osdl.org, linux-kernel@vger.kernel.org,
arjanv@redhat.com, dwmw2@infradead.org, greg@kroah.com,
chrisw@osdl.org, sfrench@samba.org, mike@halcrow.us,
trond.myklebust@fys.uio.no, mrmacman_g4@mac.com
Subject: Re: [PATCH] implement in-kernel keys & keyring management [try #2]
Date: Mon, 09 Aug 2004 10:33:50 +0100 [thread overview]
Message-ID: <15907.1092044030@redhat.com> (raw)
In-Reply-To: <Xine.LNX.4.44.0408080034560.27710-100000@dhcp83-76.boston.redhat.com>
James Morris <jmorris@redhat.com> wrote:
> Implement a filesystem interface, e.g. /proc/<pid>/keys
>
> From here you can have:
>
> /create
How would this work? Remember you've got to get some data back, and you've got
to simultaneously attach your key to a keyring, otherwise it'll just be erased
immediately.
> /<keyid>/update
> /revoke
> /chown
> /chmod
> ...
I could. You're going a little far: chown and chmod can be done by other
methods on the <keyid>/ directory.
> Rather than syscalls/prctls for each of these.
It'd require a lot more code and memory to do it with a filesystem, I think.
> For keyrings, you could have:
>
> /proc/<pid>/keyring/thread
> /session
> /process
> ...
What are these? Files containing keyring ID numbers? If so, better to just
have one file from whence you can read all the IDs, and since /proc/pid/status
has to grab the requisite lock anyway...
> Instead of having /proc/keys and associated locking/seqfile overhead in
> the kernel, a userspace library could instead traverse /proc to build a
> global list of keys.
And incur even more locking overhead? Besides, why? Looking at all the keys on
the system isn't something that should be done very often, and what you're
suggesting would be more expensive in the long run.
> In general, I think you may be able to move logic out of the kernel this
> way, e.g. userspace searching for keys.
But you need to lock the keyrings as you search. Access controls also need
to be enforced, but that could probably be done in userspace (you can't scan
the contents of a keyring you don't own).
Besides, the search _has_ to be available in kernel space. A filesystem such
as AFS or NFS would need to be able to call it during file->open(), and maybe
at other times. Would you suggest that it should call out to userspace to do
the keyring search? Or would you, say, suggest a new open() syscall that takes
a key ID in addition?
And since there has to be a kernel space search routine, why not make it
available to userspace too?
David
next prev parent reply other threads:[~2004-08-09 9:34 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-07 0:31 [PATCH] implement in-kernel keys & keyring management David Howells
2004-08-07 8:17 ` Andrew Morton
2004-08-07 16:33 ` [PATCH] implement in-kernel keys & keyring management [try #2] David Howells
2004-08-07 17:48 ` [PATCH] implement in-kernel keys & keyring management [try #3] David Howells
2004-08-08 4:45 ` [PATCH] implement in-kernel keys & keyring management [try #2] James Morris
2004-08-09 9:33 ` David Howells [this message]
2004-08-09 14:08 ` James Morris
2004-08-09 14:35 ` David Howells
2004-08-09 15:47 ` James Morris
2004-08-10 18:49 ` David Howells
2004-08-08 2:52 ` [PATCH] implement in-kernel keys & keyring management Greg KH
2004-08-09 9:23 ` David Howells
2004-08-09 20:27 ` Greg KH
2004-08-07 8:59 ` Trond Myklebust
2004-08-07 17:45 ` David Howells
2004-08-08 5:14 ` James Morris
2004-08-08 5:25 ` Linus Torvalds
2004-08-09 1:14 ` James Morris
2004-08-09 4:27 ` Linus Torvalds
2004-08-09 6:32 ` bert hubert
2004-08-09 10:16 ` David Howells
2004-08-09 14:51 ` Alan Cox
2004-08-09 10:01 ` David Howells
2004-08-09 9:45 ` David Howells
2004-08-09 15:24 ` [PATCH] implement in-kernel keys & keyring management [try #4] David Howells
2004-08-09 21:13 ` Kyle Moffett
2004-08-10 17:59 ` [PATCH] implement in-kernel keys & keyring management [try #5] David Howells
2004-08-11 6:37 ` Chris Wright
2004-08-11 9:46 ` David Howells
2004-08-11 12:34 ` [PATCH] implement in-kernel keys & keyring management [try #6] David Howells
2004-08-11 19:10 ` [PATCH] keys & keyring management: key filesystem David Howells
2004-08-09 9:40 ` [PATCH] implement in-kernel keys & keyring management David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=15907.1092044030@redhat.com \
--to=dhowells@redhat.com \
--cc=akpm@osdl.org \
--cc=arjanv@redhat.com \
--cc=chrisw@osdl.org \
--cc=dwmw2@infradead.org \
--cc=greg@kroah.com \
--cc=jmorris@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mike@halcrow.us \
--cc=mrmacman_g4@mac.com \
--cc=sfrench@samba.org \
--cc=torvalds@osdl.org \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.