Hello David,
Amended a piece here after Eugene's note about encrypted keys.
On 13 December 2016 at 13:43, Michael Kerrisk (man-pages)
<mtk.manpages@xxxxxxxxx> wrote:
> Hi David,
>
> On 12/13/2016 12:35 PM, David Howells wrote:
>> Michael Kerrisk <mtk@xxxxxxxx> wrote:
>>
>>> "big_key" (since Linux 3.13)
>>> This key type is similar to the "user" key type, but it
>>> may hold a payload of up to 1MiB in size. The data may
>>> be stored in the swap space rather than in kernel memory
>>
>> stored encrypted (as of 4.8).
>
> Added "encrypted".
So, I've updated this piece a couple of times since the draft that you
reviewed, and by now it reads:
"big_key" (since Linux 3.13)
This key type is similar to the "user" key type, but it may
hold a payload of up to 1 MiB in size. This key type is
useful for tasks such as holding Kerberos ticket caches.
The payload data may be stored in the swap space rather
than in kernel memory if the data size exceeds the overhead
of storing the data encrypted in swap space. (A tmpfs file
is used, which requires filesystem structures to be allo‐
cated in the kernel; The size of these structures deter‐
mines the size threshold above which the tmpfs storage
method is used.) Since Linux 4.8, payload data is
encrypted, to prevent it being written unencrypted into
swap space.
Okay?
Thanks,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
