lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 01 Sep 2017 16:52:00 +0100
From:   David Howells <dhowells@...hat.com>
To:     linux-afs@...ts.infradead.org
Cc:     dhowells@...hat.com, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [RFC PATCH 00/11] AFS: Namespacing part 1

Here are some changes to the AFS filesystem that form the first part of
network-namespacing and IPv6 enabling the AFS filesystem.  AF_RXRPC is
already namespaced.

This is built on AF_RXRPC changes tagged with rxrpc-next-20170829 (which is
also in net-next).

The AFS changes are:

 (1) Create a dummy AFS network namespace and shift a bunch of global
     things into it and start using it.

 (2) Add some more AFS RPC protocol definitions.

 (3) Update the cache infrastructure to remove some stuff that is redundant
     or not actually useful and increment the version.

 (4) Keep track of internal addresses in terms of sockaddr_rxrpc structs
     rather than in_addr structs.  This will enable the use of IPv6.

 (5) Allow IPv6 addresses for VL servers to be specified.  Note that this
     doesn't help with finding FS servers as that requires a protocol
     change.  Such a protocol extension is available in the AuriStor
     AFS-compatible server, though I haven't implemented that yet.

 (6) Overhaul cell database management to manage them better, making them
     automatically kept up to date from the DNS server.

 (7) Make use of the new AF_RXRPC call-retry to implement address rotation
     for VL servers and FS servers without the need to re-encrypt client
     call data.

To make this work, I've added some extensions to the core kernel:

 (1) Add a decrement-after-return function for workqueues that allows a
     work item to ask the workqueue manager to decrement an atomic_t and
     'wake it up' if it reaches 0.  This is analogous to
     complete_and_exit() and can be used to protect rmmod against code
     removal.

 (2) Add refcount_inc/dec_return() functions that return the new value of
     the refcount_t.  This makes maintaining a cache easier where you want
     to schedule timed garbage collection when the refcount reaches 1.  It
     also makes tracing easier as the value is obtained atomically.

 (3) Pass the wait mode to wait_on_atomic_t() and provide a default action
     function.  This allows various default actions scattered about the
     place to be deleted.

 (4) Add a function to start or reduce the timeout on a timer if it's
     already running.  This makes it easier to maintain a single timer for
     multiple events without requiring extra locking to check/modify the
     timer (the timer has its own lock after all).


The patches can be found here also:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=afs

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ