From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner+willy=40w.ods.org-S268040AbUHKMgc@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S268040AbUHKMgc (ORCPT <rfc822;willy@w.ods.org>);
	Wed, 11 Aug 2004 08:36:32 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S268045AbUHKMgc
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Wed, 11 Aug 2004 08:36:32 -0400
Received: from mx1.redhat.com ([66.187.233.31]:2740 "EHLO mx1.redhat.com")
	by vger.kernel.org with ESMTP id S268040AbUHKMej (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 11 Aug 2004 08:34:39 -0400
From: David Howells <dhowells@redhat.com>
In-Reply-To: <5788.1092160798@redhat.com> 
References: <5788.1092160798@redhat.com>  <16109.1092044758@redhat.com> <Pine.LNX.4.58.0408072221480.1793@ppc970.osdl.org> <Xine.LNX.4.44.0408080046130.27710-100000@dhcp83-76.boston.redhat.com> 
To: Linus Torvalds <torvalds@osdl.org>, akpm@osdl.org
Cc: James Morris <jmorris@redhat.com>, linux-kernel@vger.kernel.org,
       arjanv@redhat.com, dwmw2@infradead.org, greg@kroah.com,
       Chris Wright <chrisw@osdl.org>, sfrench@samba.org, mike@halcrow.us,
       Trond Myklebust <trond.myklebust@fys.uio.no>,
       Kyle Moffett <mrmacman_g4@mac.com>,
       viro@parcelfarce.linux.theplanet.co.uk
Subject: [PATCH] implement in-kernel keys & keyring management [try #6] 
User-Agent: EMH/1.14.1 SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.6 Emacs/21.3 (i386-redhat-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII
Date: Wed, 11 Aug 2004 13:34:11 +0100
Message-ID: <16655.1092227651@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org


Hi Linus, Andrew,

> I've modified my patch to avoid a locking error that Al Viro pointed out. If
> you have two keyrings A and B, if one process tries to link A to B, whilst
> in parallel another process tries to link B to A, it could end up creating a
> cycle in the graph. I've added code to serialise link calls with respect to
> one another to obviate that problem.

I've fixed another looking bug that that introduced.

Following a reply from Chris Wright, I've also sorted out session keyring
management to what is probably a more sane approach. Processes now start off
without session keyrings being assigned. A process is automatically subscribed
to the user's default session if it doesn't have a session keyring when it
tries to access it. Processes inherit their parents session keyring or lack
thereof at fork time. Processes can still manually join a session.

The patch can be found at:

	http://people.redhat.com/~dhowells/keys/keys-268rc2-6.diff.bz2

David.