Re: cleaning up keyrings

> > Exactly, yep. I can write some simple spec up, but first I want to
> > understand all the current thinking (so far it sounds like there's a
> > pretty blank slate for spec'ing this out)

You might want to have a chat with Dave Howells at Red Hat as well. Dave
did the Linux kernel side key management which handles keys on a thread
through to user and group level.

Documentation/key* in the kernel.

This is used to manage keys needed for things like file systems but can be
used for other stuff too. It also supports callbacks so the kernel can
ask user space about keys.

Currently this is used by the ecryptfs and AFS/RXRPC file/net system
layers, and also by the MMC/SD layer for managing passwords to encrypted
cards. It'll probably soon get used by libata to manage passworded disks
(and thus passworded compact flash).
