been test compiled yet, so there are still bugs galore, but if anyone wants to
have a look, here it is:
Linux Key Infrastructure: <http://www.tjhsst.edu/~kmoffett/lki.tar.bz2>
Implemented:
- lki_key_t
A single key implemented with a generic blob - lki_keytype_t
A keytype, either auto-generated by calling from user-space or
registered by a kernel module with lki_keytype_register - lki_key_create, lki_key_destroy
Kernel functions to create and destroy keys. They allocate from
a number pool. - lki_key_hash_add, lki_key_hash_remove, lki_key_hash_search
Kernel functions to look up keys by number.In progress:
- lki_key_handle_t
This will be tied to a file-descriptor for access by user processes. If
a process "revokes" a given file-descriptor that it has open, then that
key file-descriptor and any that it created (children) through dup() or
being passed to another process will be destroyed.
- Permissions on lki_key_t
I'm still learning about this posix_acl_t stuff. It would be nice if
somebody could write a patch to seperate the POSIX ACL functions
from inodes so they could be applied to lki_key_t objects even when
the keyfs(TODO) isn't mounted
Not yet started:
- key-rings
They'll be a special case of a key where the BLOB contains a list of
lki_key_handle_t and some extra metadata.
- keyfs
I'm not ready to open _that_ can of worms yet
- syscall "keyctl"
Once I get the kernel-side interfaces finalized, I'll build keyctl to match.
Cheers, Kyle Moffett
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a17 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP+++ t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r !y?(-)
------END GEEK CODE BLOCK------
_______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel
