Re: [PATCH] implement in-kernel keys & keyring management

[James Morris]

On Sat, 7 Aug 2004, Linus Torvalds wrote:

> On Sun, 8 Aug 2004, James Morris wrote:
> > 
> > I would suggest that the /sbin/request-key interface be done via Netlink
> > messaging instead.  

> I really disagree. 
> 
> If you want to use netlink, do so. But do it from the /sbin/request-key
> script or binary.
> 
> I've never seen a good binary deamon listening for things. It's a horrible 
> interface. It's undebuggable, it's inflexible, and it's just plain nasty. 
> 
> I'm just looking at how _well_ /sbin/hotplug has worked out. I believe 
> that it would have been a disaster done with a binary messaging setup.

I'm not disagreeing with the above, but what about performance?  Part of
the reason I suggested Netlink is that it's likely to be more efficient to
send messages over a socket than to exec a program for each key request
from the kernel.

It's difficult to know if performance will actually be an issue without
understanding the potential workload more.  What if many thousands of
clients are connected to a fileserver?  Would calling /sbin/request-key
for each key request be likely to cause performance problems?


- James
-- 
James Morris
<jmorris@xxxxxxxxxx>


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/