lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 14 Mar 2008 02:39:46 +0000
From:	David Howells <dhowells@...hat.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	dhowells@...hat.com, torvalds@...ux-foundation.org,
	kwc@...i.umich.edu, arunsr@....iitk.ac.in, dwalsh@...hat.com,
	linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/3] KEYS: Make the keyring quotas controllable through /proc/sys

Andrew Morton <akpm@...ux-foundation.org> wrote:

> >  #define key_serial(key) ((key) ? (key)->serial : 0)
> 
> err, why was that a macro?  It could have been implemented as an inline. 
> One which doesn't evaluate its argument twice (or once if it was -1).

Probably because the CONFIG_KEYS=n version of key_serial() has to be a macro
(so as to discard key without any attempt at evaluation).

However, that doesn't apply to the CONFIG_KEYS=y case, so I'll whip up a patch
to alter that for you.

> > +#ifdef CONFIG_SYSCTL
> > +extern ctl_table key_sysctls[];
> > +#endif
> 
> I've been going around telling people to not bother with the ifdefs here. 
> Upside: looks nicer.  Downside: defers the build error from compile-time to
> link-time.

Downside #2: the #ifdef is documentation of a sort.  Personally, I prefer the
extra #ifdef here as it makes it clearer to someone looking at the .h file why
their code doesn't compile/link rather than them having to know to go fishing
in Makefiles.

> open-coded knowledge of uid==0 might be problematic for containerisation. 
> Maybe it's on the containers team's radar, maybe it's actually not a
> problem, don't know.  (adds cc).

As I understand it, the same applies to any UID.  UID 0/root is typically
special, but I don't know how this is normally handled in alternate containers
for other kernel objects.  I can't just go and look at a capability on current
because the quota belongs to the user, not the process.

I have become aware in the last couple of days that the container people
missed or left out keys.  Possibly key IDs as well as key quotas should be
separated.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ