From: "Luís Henriques" <lhenriques@suse.de>
To: David Howells <dhowells@redhat.com>
Cc: Eric Biggers <ebiggers@kernel.org>,
Jarkko Sakkinen <jarkko@kernel.org>,
keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH] keys: flush work when accessing /proc/key-users
Date: Thu, 14 Dec 2023 14:44:28 +0000 [thread overview]
Message-ID: <ZXsUzBRR2uc81FK0@suse.de> (raw)
In-Reply-To: <2744563.1702303367@warthog.procyon.org.uk>
Hi David,
On Mon, Dec 11, 2023 at 02:02:47PM +0000, David Howells wrote:
<snip>
> > However, that would only fix the flakiness of the key quota for fs/crypto/,
> > not for other users of the keyrings service. Maybe this suggests that
> > key_put() should release the key's quota right away if the key's refcount
> > drops to 0?
>
> That I would be okay with as the key should be removed in short order.
>
> Note that you'd have to change the spinlocks on key->user->lock to irq-locking
> types. Or maybe we can do without them, at least for key gc, and use atomic
> counters. key_invalidate() should probably drop the quota also.
I was trying to help with this but, first, I don't think atomic counters
would actually be a solution. For example, we have the following in
key_alloc():
spin_lock(&user->lock);
if (!(flags & KEY_ALLOC_QUOTA_OVERRUN)) {
if (user->qnkeys + 1 > maxkeys ||
user->qnbytes + quotalen > maxbytes ||
user->qnbytes + quotalen < user->qnbytes)
goto no_quota;
}
user->qnkeys++;
user->qnbytes += quotalen;
spin_unlock(&user->lock);
Thus, I don't think it's really possible to simply stop using a lock
without making these checks+changes non-atomic.
As for using spin_lock_irq() or spin_lock_irqsave(), my understanding is
that the only places where this could be necessary is in key_put() and,
possibly, key_payload_reserve(). key_alloc() shouldn't need that.
Finally, why would key_invalidate() require handling quotas? I'm probably
just missing some subtlety, but I don't see the user->usage refcount being
decremented anywhere in that path (or anywhere else, really).
Cheers,
--
Luís
next prev parent reply other threads:[~2023-12-14 14:44 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-06 14:57 [RFC PATCH] keys: flush work when accessing /proc/key-users Luis Henriques
2023-12-06 16:04 ` David Howells
2023-12-06 17:55 ` Luis Henriques
2023-12-07 2:43 ` Eric Biggers
2023-12-11 14:02 ` David Howells
2023-12-12 3:03 ` Eric Biggers
2023-12-14 14:44 ` Luís Henriques [this message]
2024-01-15 12:03 ` [RFC PATCH v2] keys: update key quotas in key_put() Luis Henriques
2024-01-19 21:10 ` Jarkko Sakkinen
2024-01-22 11:50 ` Luis Henriques
2024-01-22 19:45 ` Jarkko Sakkinen
2024-01-24 22:12 ` Eric Biggers
2024-01-26 16:12 ` Luis Henriques
2024-01-27 6:42 ` Eric Biggers
2024-01-29 11:23 ` Luis Henriques
2023-12-07 4:33 ` [RFC PATCH] keys: flush work when accessing /proc/key-users Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZXsUzBRR2uc81FK0@suse.de \
--to=lhenriques@suse.de \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.