From: David Howells <dhowells@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: dhowells@redhat.com, torvalds@linux-foundation.org,
kwc@citi.umich.edu, arunsr@cse.iitk.ac.in, dwalsh@redhat.com,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/3] KEYS: Make the keyring quotas controllable through /proc/sys
Date: Fri, 14 Mar 2008 02:39:46 +0000 [thread overview]
Message-ID: <4288.1205462386@redhat.com> (raw)
In-Reply-To: <20080313152850.c76ab240.akpm@linux-foundation.org>
Andrew Morton <akpm@linux-foundation.org> wrote:
> > #define key_serial(key) ((key) ? (key)->serial : 0)
>
> err, why was that a macro? It could have been implemented as an inline.
> One which doesn't evaluate its argument twice (or once if it was -1).
Probably because the CONFIG_KEYS=n version of key_serial() has to be a macro
(so as to discard key without any attempt at evaluation).
However, that doesn't apply to the CONFIG_KEYS=y case, so I'll whip up a patch
to alter that for you.
> > +#ifdef CONFIG_SYSCTL
> > +extern ctl_table key_sysctls[];
> > +#endif
>
> I've been going around telling people to not bother with the ifdefs here.
> Upside: looks nicer. Downside: defers the build error from compile-time to
> link-time.
Downside #2: the #ifdef is documentation of a sort. Personally, I prefer the
extra #ifdef here as it makes it clearer to someone looking at the .h file why
their code doesn't compile/link rather than them having to know to go fishing
in Makefiles.
> open-coded knowledge of uid==0 might be problematic for containerisation.
> Maybe it's on the containers team's radar, maybe it's actually not a
> problem, don't know. (adds cc).
As I understand it, the same applies to any UID. UID 0/root is typically
special, but I don't know how this is normally handled in alternate containers
for other kernel objects. I can't just go and look at a capability on current
because the quota belongs to the user, not the process.
I have become aware in the last couple of days that the container people
missed or left out keys. Possibly key IDs as well as key quotas should be
separated.
David
next prev parent reply other threads:[~2008-03-14 2:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-13 19:14 [PATCH 1/3] KEYS: Allow clients to set key perms in key_create_or_update() David Howells
2008-03-13 19:14 ` [PATCH 2/3] KEYS: Don't generate user and user session keyrings unless they're accessed David Howells
2008-03-13 22:20 ` Andrew Morton
2008-03-14 2:30 ` David Howells
2008-03-13 19:14 ` [PATCH 3/3] KEYS: Make the keyring quotas controllable through /proc/sys David Howells
2008-03-13 22:28 ` Andrew Morton
2008-03-14 2:39 ` David Howells [this message]
2008-03-14 11:46 ` David Howells
2008-03-13 22:47 ` Andrew Morton
2008-03-14 2:30 ` David Howells
2008-03-19 0:04 ` Andrew Morton
2008-03-19 11:19 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4288.1205462386@redhat.com \
--to=dhowells@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=arunsr@cse.iitk.ac.in \
--cc=dwalsh@redhat.com \
--cc=kwc@citi.umich.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox