From: "Michael Kerrisk (man-pages)"
Date: Tue, 13 Dec 2016 13:57:16 +0100
Subject: Re: Revised keyrings(7) man page for review
To: David Howells, Michael Kerrisk
Cc: Michael Kerrisk, lkml, Eugene Syromyatnikov, keyrings@vger.kernel.org, linux-man

Hello David,

Amended a piece here after Eugene's note about encrypted keys.

On 13 December 2016 at 13:43, Michael Kerrisk (man-pages) wrote:
> Hi David,
>
> On 12/13/2016 12:35 PM, David Howells wrote:
>> Michael Kerrisk wrote:
>>
>>> "big_key" (since Linux 3.13)
>>>        This key type is similar to the "user" key type, but it
>>>        may hold a payload of up to 1MiB in size. The data may
>>>        be stored in the swap space rather than in kernel memory
>>
>> stored encrypted (as of 4.8).
>
> Added "encrypted".

So, I've updated this piece a couple of times since the draft
that you reviewed, and by now it reads:

    "big_key" (since Linux 3.13)
           This key type is similar to the "user" key type, but it
           may hold a payload of up to 1 MiB in size. This key type
           is useful for tasks such as holding Kerberos ticket
           caches.

           The payload data may be stored in the swap space rather
           than in kernel memory if the data size exceeds the
           overhead of storing the data encrypted in swap space.
           (A tmpfs file is used, which requires filesystem
           structures to be allocated in the kernel; The size of
           these structures determines the size threshold above
           which the tmpfs storage method is used.) Since Linux
           4.8, payload data is encrypted, to prevent it being
           written unencrypted into swap space.

Okay?

Thanks,

Michael

--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/