Re: [patch 1/4] Add routine for generating an ID for kernel pointer

From: Cyrill Gorcunov
Date: Wed Dec 28 2011 - 11:53:43 EST

Next message: Alan Cox: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Previous message: Andres Cimmarusti: "firmware loading failure for AR3011 (0cf3:3000 or 0cf3:3005 ?)"
In reply to: Tejun Heo: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Next in thread: Tejun Heo: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 28, 2011 at 08:45:22AM -0800, Tejun Heo wrote:
> Hello,
>
> On Wed, Dec 28, 2011 at 08:40:55PM +0400, Cyrill Gorcunov wrote:
> > > We have the whole crypto subsystem dealing with this. It sure would
> > > be more complex than ^ operator but it's not like you have to open
> > > code the whole thing. Is it really that complex to use?
> >
> > No, Tejun, the use of crypto engine is not hard but it means more memory
> > consumption (one need to carry resulting hashes and print them out into
> > /proc) and more cpu consuption while we really need some fast and cheap
> > solution. Unlike other usage of crypto engine (such as encoding for net
> > layer, iirc ipsec uses it) I'm not really convinced we should use that
> > heavy artillery here ;)
>
> But the cost would be attributed to the user requesting that specific
> data and given the amount of data to be hashed, I don't think the
> computational or memory overhead should be the deciding design factor
> here. There are far more grave issues here. Userland visible API and
> security.
>

Well, it is not deciding but it should be taken into account. One could
be reading this IDs again and again and again affecting performance of
the whole system, which means I really would prefer to limit access to such
features (ie root-only). If (as I said) for other cases there is simply no way to
_not_ use crypto, our case might be the one where using crypto is redundant.

> > I see, I could use some other form of output, it's not a problem. The main
> > problem which interface community prefer, should I really switch to crypto
> > usage or we can leave with root-only+plain-pointer approach?
>
> I don't know either but if proper hashing (crypto or not) is simple
> enough, this really isn't a tradeoff we need to make, no?
>

Hell knows, I would prefer to escape strong-crypto usage, but if there is
no other way, of course I'll change the approach ;)

Cyrill
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Previous message: Andres Cimmarusti: "firmware loading failure for AR3011 (0cf3:3000 or 0cf3:3005 ?)"
In reply to: Tejun Heo: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Next in thread: Tejun Heo: "Re: [patch 1/4] Add routine for generating an ID for kernel pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]