lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150331030340.10464.30272.stgit@pluto.fritz.box>
Date:	Tue, 31 Mar 2015 11:14:34 +0800
From:	Ian Kent <raven@...maw.net>
To:	Kernel Mailing List <linux-kernel@...r.kernel.org>
Cc:	David Howells <dhowells@...hat.com>,
	Oleg Nesterov <onestero@...hat.com>,
	Trond Myklebust <trond.myklebust@...marydata.com>,
	"J. Bruce Fields" <bfields@...ldses.org>,
	Benjamin Coddington <bcodding@...hat.com>,
	Al Viro <viro@...IV.linux.org.uk>,
	Jeff Layton <jeff.layton@...marydata.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>
Subject: [RFC PATCH v5 0/7] Another attempt at contained helper execution

Following Eric's comments and in light of the most recent nfs and
keys patches here is yet another attempt at the basis of contained
usermode helper execution.

Initially I thought that creating threads to be used when executing
a helper wouldn't be feasible because the number of threads would be
far too large but the recent nfs and keys patches make me think that's
probably not the case.

There's more work to do on this, namely identifying already existing
threads for a requested environment, error handling for environments
that have gone away due to summary execution and similar. But I'd
like to get feedback as to whether I'm on the right track and what I
might be missing before spending more time on it.

---

Ian Kent (7):
      kmod - add workqueue service thread store
      kmod - teach usermodehelper to use service workqueues
      nfsd - use service thread if not executing in init namespace
      nfs - cache_lib use service thread if not executing in init namespace
      nfs - objlayout use service thread if not executing in init namespace
      KEYS - use correct memory allocation flag in call_usermodehelper_keys()
      KEYS: exec request key within service thread of key creator


 fs/nfs/cache_lib.c           |    7 +
 fs/nfs/objlayout/objlayout.c |   14 +++
 fs/nfsd/netns.h              |    3 +
 fs/nfsd/nfs4recover.c        |   48 ++++++---
 fs/nfsd/nfsctl.c             |    6 +
 include/linux/key.h          |    3 +
 include/linux/kmod.h         |    8 ++
 include/linux/sunrpc/cache.h |    2 
 kernel/kmod.c                |  217 ++++++++++++++++++++++++++++++++++++++++--
 net/sunrpc/cache.c           |    5 +
 security/keys/gc.c           |    2 
 security/keys/key.c          |    5 +
 security/keys/request_key.c  |   38 ++++++-
 13 files changed, 323 insertions(+), 35 deletions(-)

--
Ian
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ