Re: [PATCH 1/2] KEYS: Implement a big key type that can save to tmpfs

From: David Howells
Date: Thu Aug 08 2013 - 10:47:07 EST


Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote:

> b) how to create tmpfs locations in which to store credentials (which
> can be unbounded in size, so storing them in the kernel is silly;

Ummm... tmpfs stores them in the kernel too - though it can page them out to
swap.

I have altered my big-key implementation to just store small items in an
internal buffer and big items in a tmpfs file. This means that small items
will use up _less_ kernel memory if they're in a key because they won't require
the overhead of a dentry struct and an inode struct.

> (b) can be solved in many ways, and the simplest is to have a
> filesystem where top-level directories named after UIDs "exist" as
> soon as they are referenced and as long as they are non-empty. You
> can use autofs + tmpfs, or a variant of tmpfs for this.

Don't forget to add user namespaces into the mix :-/

David