[RFC][PATCH 00/10] Associative array & Massive expansion of keyring capacity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Here's a set of patches that do two main things:

 (1) Provide a general purpose associative array implementation.

 (2) Use the associative array implementation to provide key pointer storage
     for keyrings thereby massively increasing capacity.

There are numerous smaller patches also that are split out of (2) to make the
patch in (2) smaller, plus a fix patch that didn't get taken into the last
merge window.

The patches can also be found at:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-devel


The impetus for these is that the NFS ID mapper uses keyrings to store name to
ID mappings, but is running up against the limitation imposed by the flat
array currently used by the keyring.

The associative array implementation does all the work.  To quickly summarise
its capabilities: no capacity limit; objects don't need to be modified to go
in it (no list_head/rb_node equivalent needed); objects need a unique index
key of arbitrary length; objects can be anything; modifications are generally
RCU-safe; the contents can be iterated over and it can directly walk to an
object in O(log(N)-ish) time given the key; and lastly, there are several
features to reduce the memory footprint (node sharing and shortcuts).
Documentation is included in the patch.

Note that the associative array implementation was developed in userspace and
has been thoroughly valground and tested inserting new objects whilst
iterating over 2,000,000 objects amongst other things.

The keyutils testsuite has been run successfully against a kernel with these
patches applied, though the testsuite did need some tweaks: (a) previously
keys added to a keyring with no removals appeared to be ordered and (b) some
of the errors have changed.

David
---
David Howells (10):
      KEYS: Skip key state checks when checking for possession
      Add a generic associative array implementation.
      KEYS: Use bool in make_key_ref() and is_key_possessed()
      KEYS: key_is_dead() should take a const key pointer argument
      KEYS: Consolidate the concept of an 'index key' for key access
      KEYS: Introduce a search context structure
      KEYS: Search for auth-key by name rather than targt key ID
      KEYS: Define a __key_get() wrapper to use rather than atomic_inc()
      KEYS: Drop the permissions argument from __keyring_search_one()
      KEYS: Expand the capacity of a keyring


 Documentation/assoc_array.txt    |  583 +++++++++++++
 Documentation/security/keys.txt  |   20 
 include/keys/keyring-type.h      |   17 
 include/linux/assoc_array.h      |   94 ++
 include/linux/assoc_array_priv.h |  159 +++
 include/linux/key-type.h         |    5 
 include/linux/key.h              |   48 +
 lib/Kconfig                      |   14 
 lib/Makefile                     |    1 
 lib/assoc_array.c                | 1734 ++++++++++++++++++++++++++++++++++++++
 security/keys/Kconfig            |    1 
 security/keys/gc.c               |   30 -
 security/keys/internal.h         |   65 +
 security/keys/key.c              |   91 +-
 security/keys/keyring.c          | 1447 ++++++++++++++++----------------
 security/keys/proc.c             |   17 
 security/keys/process_keys.c     |  131 +--
 security/keys/request_key.c      |   56 +
 security/keys/request_key_auth.c |   31 -
 security/keys/user_defined.c     |   18 
 20 files changed, 3596 insertions(+), 966 deletions(-)
 create mode 100644 Documentation/assoc_array.txt
 create mode 100644 include/linux/assoc_array.h
 create mode 100644 include/linux/assoc_array_priv.h
 create mode 100644 lib/assoc_array.c

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux