From: David Howells <dhowells@redhat.com>
To: James Morris <jmorris@redhat.com>
Cc: Linus Torvalds <torvalds@osdl.org>,
akpm@osdl.org, linux-kernel@vger.kernel.org, arjanv@redhat.com,
dwmw2@infradead.org, greg@kroah.com,
Chris Wright <chrisw@osdl.org>,
sfrench@samba.org, mike@halcrow.us,
Trond Myklebust <trond.myklebust@fys.uio.no>,
Kyle Moffett <mrmacman_g4@mac.com>
Subject: Re: [PATCH] implement in-kernel keys & keyring management
Date: Mon, 09 Aug 2004 11:01:52 +0100 [thread overview]
Message-ID: <16404.1092045712@redhat.com> (raw)
In-Reply-To: <Xine.LNX.4.44.0408082041010.1123-100000@dhcp83-76.boston.redhat.com>
James Morris <jmorris@redhat.com>
> I'm not disagreeing with the above, but what about performance? Part of
> the reason I suggested Netlink is that it's likely to be more efficient to
> send messages over a socket than to exec a program for each key request
> from the kernel.
>
> It's difficult to know if performance will actually be an issue without
> understanding the potential workload more. What if many thousands of
> clients are connected to a fileserver? Would calling /sbin/request-key
> for each key request be likely to cause performance problems?
I have put in one thing to mitigate this problem. There's a construction
queue. If a user has a key under userspace construction with a particular type
and description, then anyone else who wants the same key will have to wait for
the key construction to complete, and then repeat their search.
The assumption is that the constructor will instantiate the key and link it
into one of the calling process's keyrings (probably the session
keyring). This then acts as a cache, where subsequent key accesses should
hopefully find it.
However, there are two issues this.
(1) Key lookup failure: I think that maybe I need to add the concept of a
"negative" key.
Key search would then proceed in this manner: the keyring tree is
searched for a positive key, terminating the search when one is
found. Any matching negative keys are noted in passing, but nothing is
done about them until the search fails; in which case an error will be
returned immediately rather than going to userspace.
(2) What if the new key is not made available to the next process that wants
it, perhaps because it's in a different session? Should it be possible
for the constructor to say "don't use this key, use that one instead",
and substitute an existing key from its cache?
David
next prev parent reply other threads:[~2004-08-09 10:02 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-07 0:31 [PATCH] implement in-kernel keys & keyring management David Howells
2004-08-07 8:17 ` Andrew Morton
2004-08-08 2:52 ` Greg KH
2004-08-09 9:23 ` David Howells
2004-08-09 20:27 ` Greg KH
2004-08-07 8:59 ` Trond Myklebust
2004-08-07 16:33 ` [PATCH] implement in-kernel keys & keyring management [try #2] David Howells
2004-08-08 4:45 ` James Morris
2004-08-09 9:33 ` David Howells
2004-08-09 14:08 ` James Morris
2004-08-09 14:35 ` David Howells
2004-08-09 15:47 ` James Morris
2004-08-10 18:49 ` David Howells
2004-08-07 17:45 ` [PATCH] implement in-kernel keys & keyring management David Howells
2004-08-07 17:48 ` [PATCH] implement in-kernel keys & keyring management [try #3] David Howells
2004-08-08 5:14 ` [PATCH] implement in-kernel keys & keyring management James Morris
2004-08-08 5:25 ` Linus Torvalds
2004-08-09 1:14 ` James Morris
2004-08-09 4:27 ` Linus Torvalds
2004-08-09 6:32 ` bert hubert
2004-08-09 14:51 ` Alan Cox
2004-08-09 10:01 ` David Howells [this message]
2004-08-09 10:16 ` David Howells
2004-08-09 9:40 ` David Howells
2004-08-09 9:45 ` David Howells
2004-08-09 15:24 ` [PATCH] implement in-kernel keys & keyring management [try #4] David Howells
2004-08-09 21:13 ` Kyle Moffett
2004-08-10 17:59 ` [PATCH] implement in-kernel keys & keyring management [try #5] David Howells
2004-08-11 6:37 ` Chris Wright
2004-08-11 9:46 ` David Howells
2004-08-11 12:34 ` [PATCH] implement in-kernel keys & keyring management [try #6] David Howells
2004-08-11 19:10 ` [PATCH] keys & keyring management: key filesystem David Howells
[not found] <200410191615.i9JGF8IW002712@hera.kernel.org>
2004-10-20 12:52 ` [PATCH] implement in-kernel keys & keyring management Arjan van de Ven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=16404.1092045712@redhat.com \
--to=dhowells@redhat.com \
--cc=akpm@osdl.org \
--cc=arjanv@redhat.com \
--cc=chrisw@osdl.org \
--cc=dwmw2@infradead.org \
--cc=greg@kroah.com \
--cc=jmorris@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mike@halcrow.us \
--cc=mrmacman_g4@mac.com \
--cc=sfrench@samba.org \
--cc=torvalds@osdl.org \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).