From: "Serge E. Hallyn" <serue@us.ibm.com>
To: David Howells <dhowells@redhat.com>
Cc: torvalds@osdl.org, akpm@linux-foundation.org, jmorris@namei.org,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 4/6] KEYS: Add garbage collection for dead, revoked and expired keys. [ver #2]
Date: Tue, 4 Aug 2009 18:39:06 -0500 [thread overview]
Message-ID: <20090804233906.GA17407@us.ibm.com> (raw)
In-Reply-To: <20090804203938.25094.21014.stgit@warthog.procyon.org.uk>
Quoting David Howells (dhowells@redhat.com):
> Add garbage collection for dead, revoked and expired keys. This involved
> erasing all links to such keys from keyrings that point to them. At that
> point, the key will be deleted in the normal manner.
>
> Keyrings from which garbage collection occurs are shrunk and their quota
> consumption reduced as appropriate.
>
> Dead keys (for which the key type has been removed) will be garbage collected
> immediately.
>
> Revoked and expired keys will hang around for a number of seconds, as set in
> /proc/sys/kernel/keys/gc_delay before being automatically removed. The default
> is 5 minutes.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
next prev parent reply other threads:[~2009-08-04 23:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-04 20:39 [PATCH 1/6] KEYS: Deal with dead-type keys appropriately [ver #2] David Howells
2009-08-04 20:39 ` [PATCH 2/6] KEYS: Allow keyctl_revoke() on keys that have SETATTR but not WRITE perm " David Howells
2009-08-04 20:39 ` [PATCH 3/6] KEYS: Flag dead keys to induce EKEYREVOKED " David Howells
2009-08-04 20:39 ` [PATCH 4/6] KEYS: Add garbage collection for dead, revoked and expired keys. " David Howells
2009-08-04 23:39 ` Serge E. Hallyn [this message]
2009-08-05 0:29 ` James Morris
2009-08-05 9:40 ` David Howells
2009-08-04 20:39 ` [PATCH 5/6] KEYS: Make /proc/keys use keyid not numread as file position " David Howells
2009-08-05 22:59 ` James Morris
2009-08-04 20:39 ` [PATCH 6/6] KEYS: Do some whitespace cleanups " David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090804233906.GA17407@us.ibm.com \
--to=serue@us.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=dhowells@redhat.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.