From: Cyrill Gorcunov <gorcunov@gmail.com>
To: Tejun Heo <tj@kernel.org>
Cc: linux-kernel@vger.kernel.org,
Pavel Emelyanov <xemul@parallels.com>,
Glauber Costa <glommer@parallels.com>,
Andi Kleen <andi@firstfloor.org>,
Matt Helsley <matthltc@us.ibm.com>,
Pekka Enberg <penberg@kernel.org>,
Eric Dumazet <eric.dumazet@gmail.com>,
Vasiliy Kulikov <segoon@openwall.com>,
Andrew Morton <akpm@linux-foundation.org>,
Alexey Dobriyan <adobriyan@gmail.com>
Subject: Re: [patch 1/4] Add routine for generating an ID for kernel pointer
Date: Wed, 28 Dec 2011 20:53:36 +0400 [thread overview]
Message-ID: <20111228165336.GS27266@moon> (raw)
In-Reply-To: <20111228164522.GO17712@google.com>
On Wed, Dec 28, 2011 at 08:45:22AM -0800, Tejun Heo wrote:
> Hello,
>
> On Wed, Dec 28, 2011 at 08:40:55PM +0400, Cyrill Gorcunov wrote:
> > > We have the whole crypto subsystem dealing with this. It sure would
> > > be more complex than ^ operator but it's not like you have to open
> > > code the whole thing. Is it really that complex to use?
> >
> > No, Tejun, the use of crypto engine is not hard but it means more memory
> > consumption (one need to carry resulting hashes and print them out into
> > /proc) and more cpu consuption while we really need some fast and cheap
> > solution. Unlike other usage of crypto engine (such as encoding for net
> > layer, iirc ipsec uses it) I'm not really convinced we should use that
> > heavy artillery here ;)
>
> But the cost would be attributed to the user requesting that specific
> data and given the amount of data to be hashed, I don't think the
> computational or memory overhead should be the deciding design factor
> here. There are far more grave issues here. Userland visible API and
> security.
>
Well, it is not deciding but it should be taken into account. One could
be reading this IDs again and again and again affecting performance of
the whole system, which means I really would prefer to limit access to such
features (ie root-only). If (as I said) for other cases there is simply no way to
_not_ use crypto, our case might be the one where using crypto is redundant.
> > I see, I could use some other form of output, it's not a problem. The main
> > problem which interface community prefer, should I really switch to crypto
> > usage or we can leave with root-only+plain-pointer approach?
>
> I don't know either but if proper hashing (crypto or not) is simple
> enough, this really isn't a tradeoff we need to make, no?
>
Hell knows, I would prefer to escape strong-crypto usage, but if there is
no other way, of course I'll change the approach ;)
Cyrill
next prev parent reply other threads:[~2011-12-28 16:53 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-23 12:47 [patch 0/4] generic object ids, v2 Cyrill Gorcunov
2011-12-23 12:47 ` [patch 1/4] Add routine for generating an ID for kernel pointer Cyrill Gorcunov
2011-12-27 23:23 ` Andrew Morton
2011-12-28 7:42 ` Cyrill Gorcunov
2011-12-28 9:42 ` Andrew Morton
2011-12-28 9:43 ` Cyrill Gorcunov
2011-12-28 9:47 ` Pavel Emelyanov
2011-12-28 10:41 ` Cyrill Gorcunov
2011-12-27 23:33 ` Andrew Morton
2011-12-28 0:48 ` Randy Dunlap
2011-12-28 7:24 ` Cyrill Gorcunov
2011-12-27 23:54 ` Valdis.Kletnieks
2011-12-28 0:02 ` Andrew Morton
2011-12-28 7:22 ` Cyrill Gorcunov
2011-12-28 16:06 ` Tejun Heo
2011-12-28 16:18 ` Cyrill Gorcunov
2011-12-28 16:26 ` Tejun Heo
2011-12-28 16:40 ` Cyrill Gorcunov
2011-12-28 16:45 ` Tejun Heo
2011-12-28 16:53 ` Cyrill Gorcunov [this message]
2011-12-28 17:01 ` Tejun Heo
2011-12-28 17:14 ` Cyrill Gorcunov
2011-12-29 14:24 ` Cyrill Gorcunov
2011-12-29 16:14 ` Tejun Heo
2011-12-29 16:24 ` Cyrill Gorcunov
2011-12-30 0:23 ` Herbert Xu
2011-12-30 7:36 ` Cyrill Gorcunov
2011-12-30 20:31 ` KOSAKI Motohiro
2011-12-30 20:48 ` Cyrill Gorcunov
2011-12-30 23:51 ` KOSAKI Motohiro
2011-12-31 7:51 ` Cyrill Gorcunov
2012-01-02 12:18 ` bastien ROUCARIES
2012-01-02 21:14 ` Cyrill Gorcunov
2011-12-31 4:55 ` Kyle Moffett
2011-12-31 7:57 ` Cyrill Gorcunov
2011-12-23 12:47 ` [patch 2/4] proc: Show namespaces IDs in /proc/pid/ns/* files Cyrill Gorcunov
2012-01-04 6:02 ` Eric W. Biederman
2012-01-04 11:26 ` Cyrill Gorcunov
2012-01-04 17:56 ` Eric W. Biederman
2012-01-04 18:19 ` Cyrill Gorcunov
2011-12-23 12:47 ` [patch 3/4] proc: Show open file ID in /proc/pid/fdinfo/* Cyrill Gorcunov
2011-12-23 12:47 ` [patch 4/4] proc: Show IDs of objects cloned with CLONE_ in proc Cyrill Gorcunov
-- strict thread matches above, loose matches on Subject: below --
2011-12-22 12:56 [patch 0/4] kernel generic object IDs series Cyrill Gorcunov
2011-12-22 12:56 ` [patch 1/4] Add routine for generating an ID for kernel pointer Cyrill Gorcunov
2011-12-28 16:51 ` Alan Cox
2011-12-28 17:05 ` Cyrill Gorcunov
2011-12-28 17:21 ` Alan Cox
2011-12-28 17:35 ` Cyrill Gorcunov
2011-12-28 19:48 ` Cyrill Gorcunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111228165336.GS27266@moon \
--to=gorcunov@gmail.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=andi@firstfloor.org \
--cc=eric.dumazet@gmail.com \
--cc=glommer@parallels.com \
--cc=linux-kernel@vger.kernel.org \
--cc=matthltc@us.ibm.com \
--cc=penberg@kernel.org \
--cc=segoon@openwall.com \
--cc=tj@kernel.org \
--cc=xemul@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.