Re: [PATCH] implement in-kernel keys & keyring management [try #2]
From: James Morris
Date: Sat Aug 07 2004 - 23:48:03 EST
On Sat, 7 Aug 2004, David Howells wrote:
> > I guess the pure way to do it is to add 13 new syscalls....
>
> I don't really want to add any syscalls, though I wouldn't be too upset to add
> just one:-/
>
> What're other people's thoughts on this?
Implement a filesystem interface, e.g. /proc/<pid>/keys
>From here you can have:
/create
/<keyid>/update
/revoke
/chown
/chmod
...
Rather than syscalls/prctls for each of these.
For keyrings, you could have:
/proc/<pid>/keyring/thread
/session
/process
...
Instead of having /proc/keys and associated locking/seqfile overhead in
the kernel, a userspace library could instead traverse /proc to build a
global list of keys.
In general, I think you may be able to move logic out of the kernel this
way, e.g. userspace searching for keys.
- James
--
James Morris
<jmorris@xxxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/