Re: [PATCH] Properly share process and session keyrings withCLONE_THREAD

From: Linus Torvalds
Date: Sat Feb 26 2005 - 12:59:20 EST




On Sat, 26 Feb 2005, David Howells wrote:
>
> There's a per-thread keyring available too; and that is strictly per thread.

Ahh, I'd forgotten about that. Yeah, as long as the per-thread thing is
still there, I guess I'm ok with it (what I _really_ don't want to lose is
the ability to have independent threads - threaded servers using
per-request keys etc, and that's my main gripe with the stupid POSIX
threading model: it takes away per-thread data).

Can you not do the "thread_group_lock()" thing, though? I hate hiding
locks in "helper functions". You search for the lock, and now you've
hidden that "siglock" usage away and made it very different from all the
other siglock usage. You've also hidden the fact that it accesses
"current->signal" (while not hiding it would mean that the code would
likely be more cleanly done as

struct sighand *grp = current->sighand;

spin_lock_irq(grp->siglock);
.. access group keys ..
spin_unlock_irq(grp->siglock);

Also, you have "current->thread_group" in there:

+ key_check(current->thread_group->session_keyring);
+ key_check(current->thread_group->process_keyring);

which seems to have gotten through only because your key debug stuff is
disabled..

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/