Re: [0/many] Acrypto - asynchronous crypto layer for linux kernel 2.6

[Kyle Moffett]

On Mar 08, 2005, at 04:37, Evgeniy Polyakov wrote:
> > Did you include support for the new key/keyring infrastructure
> > introduced a couple versions ago by David Howells?  It allows
> > user-space to create and manage various sorts of "keys" in
> > kernel-space.  If you create and register a few keytypes for
> > various symmetric and asymmetric ciphers, you could then take
> > advantage of its support for securely passing keys around in
> > and out of userspace.
>
> As far as I know, it has different destination - for example
> asynchronous block device, which uses acrypto in one of it's
> filters, may use it.

I'm not exactly familiar with asynchronous block device, but I'm
guessing that it would need to get its crypto keys from the user
somehow, no?  If so, then the best way of managing them is via
the key/keyring infrastructure.  From the point of view of other
kernel systems, it's basically a set of BLOB<=>task associations
that supports a reasonable inheritance and permissions model.

Cheers,
Kyle Moffett

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a18 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP+++ t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r  
!y?(-)
------END GEEK CODE BLOCK------


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/