Received: by 2002:a05:7412:5112:b0:fa:6e18:a558 with SMTP id fm18csp1398513rdb; Wed, 24 Jan 2024 14:12:35 -0800 (PST) X-Google-Smtp-Source: AGHT+IG3853Jsoc9TbbRsCyMprh1/R8ws6qfPNayrOoOZw6t4ZIpzVbOoPww/7CLfc6rdivXRT0e X-Received: by 2002:a37:e209:0:b0:783:a452:ada6 with SMTP id g9-20020a37e209000000b00783a452ada6mr69647qki.143.1706134355699; Wed, 24 Jan 2024 14:12:35 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706134355; cv=pass; d=google.com; s=arc-20160816; b=G+LRg/mZHIqo69ubRBBhrfxRu82jyrMOfIfa5xl9qBsJIyNtsg3rgZUiQmb7CaMIcg 0aZL5j0sk8H4Y/yHLdowgaw9FamPAu4H7rCAC5o4vQJfhkh+0EHxLp8nLiifRbcrWbUn LJ79g7mwyVW+uEGNpFxoOg2kKh8WV0xL1adF+OYlsnc+8cagA47Hp159kGnlJEBZkBBl uRnlpd9JihL6OeX0XskFw8MOMm4ZudxG0IByi/H9oxckNTHaIL7+fHn+DsJPrIjHOyQQ 6SBTS2Y5FdsUxVp3QDKSdRN9B9z73riVTlpPPjJbm016ICU+nbBjsBdiYawDp+oLxrrj r+zw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=i7ATGxu9Lo6Hr10gDGp7B6tbV4XaO9yvHFG9OOm9hZg=; fh=acH0gTckwMfUzlDrrgidJamSm8+YQiPTEyohyOdAJh8=; b=ee2QFsUS2vWmI0IcX2wqbGu0F+1NXcJ3YzE1EQYNBfyM9xGAIBIgyb7+XXCXGqXK1f rwoeiLqI4ygd0XQ2rJS9MIYVRY7llIO+gHg62Zy6Z1T1gKjeCyQznoZgxpJzSkVqXA4P N+NoyaMnpR2mYsv+NVm9T377JBLy4wJViWr4hwRrI4+K19/0Vo9TSZvYU+0L5P1Dvvoa tUUcsVbbpouZsRcJsTnFdSF7hK0pHy9greHgXMY2rT8Y7/KkEtIUYbDkLMMhrkB2SiCY 6/OA37le+Pj9FSIDVIkmT5EIsckxN4ltGNVJvjyorJR2Ifjtb0WDcQ/XPfZO4fFLC5oP wFFw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=DnylZEIr; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-37731-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-37731-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id v2-20020a05620a0f0200b007839bfb63ccsi9418762qkl.172.2024.01.24.14.12.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Jan 2024 14:12:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-37731-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=DnylZEIr; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-37731-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-37731-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 72AA71C234C8 for ; Wed, 24 Jan 2024 22:12:35 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6ADA6135A42; Wed, 24 Jan 2024 22:12:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="DnylZEIr" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 91D87135406; Wed, 24 Jan 2024 22:12:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706134348; cv=none; b=beV3UGoIy0O/53tdGMDJERaBAIN3QCqa4R6+tVvSBGaVqF5sXiX/ODpEXst+rO0+f/OIwSvEZNdINGR0lxG9qWXPJg6hA5StMbs2j8M7icEv2SWYQHKUs3mWd2astqMuCS92ss5P+gN/HXujGDjwywVdWX6mzYJzRsLy2nF17Cw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706134348; c=relaxed/simple; bh=gc13NGs1cozYsps1K1Aw7bZhty0AXw1eubkb+LJzZZA=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=AcFp7WanWZkmuPnZrBXLFsfwhUMN9v+VjNLA3Ie89QLcizLLtYr/MmXoSN14BWo7S9m73SdeE5LXV6ypTf3Lzeu1yezkDr7Ll1A7It1wFAUTNp+5aU+V5pYSkLFz8ywNfMICk6bFi7iI0IxgDt7Hgz1e9iL88hJhc0t/WX7gQeY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=DnylZEIr; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id BC775C433C7; Wed, 24 Jan 2024 22:12:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1706134348; bh=gc13NGs1cozYsps1K1Aw7bZhty0AXw1eubkb+LJzZZA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=DnylZEIrzTT5YlkpQFG0beg+X37lzo9YLQA68KJZNFySMJy+Yai3KtMhCAB7RFZMO 46i0C2iQTyLvzzKYHWCmjSZE15Kot2WAsI84EJUbpgHxi4Ft6D22HUi/bCxDsyJdXC 2KdTQp9fMGGs5/lXOenlMuv+dbg921lE5ofaTi8HHPH1+jcQIoyCSIHXmPV0Moe5nG im2jNUZeHol1xO8QpNKjnzc/UzwHfpt+iSq2WT5PrWnD3oarKi4QGhzg1/DWqD1ZCZ f0Js5fOa9AjdJlszpBGSom1WNZqCl1zlz3RtX2MVzEHxkEUYDxwdAvUEm3HAUCeXaN Lit3HSibP79Dg== Date: Wed, 24 Jan 2024 14:12:25 -0800 From: Eric Biggers To: Luis Henriques Cc: David Howells , Jarkko Sakkinen , keyrings@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC PATCH v2] keys: update key quotas in key_put() Message-ID: <20240124221225.GD1088@sol.localdomain> References: <2744563.1702303367@warthog.procyon.org.uk> <20240115120300.27606-1-lhenriques@suse.de> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240115120300.27606-1-lhenriques@suse.de> On Mon, Jan 15, 2024 at 12:03:00PM +0000, Luis Henriques wrote: > Delaying key quotas update when key's refcount reaches 0 in key_put() has > been causing some issues in fscrypt testing. This patches fixes this test > flakiness by dealing with the quotas immediately, but leaving all the other > clean-ups to the key garbage collector. Unfortunately, this means that we > also need to switch to the irq-version of the spinlock that protects quota. > > Signed-off-by: Luis Henriques > --- > Hi David! > > I have these changes in my local disk for a while; I wanted to send them > before EOY break but... yeah, it didn't happen. Anyway, I'm still sending > it as an RFC as I'm probably missing something. > > security/keys/gc.c | 8 -------- > security/keys/key.c | 32 ++++++++++++++++++++++---------- > security/keys/keyctl.c | 11 ++++++----- > 3 files changed, 28 insertions(+), 23 deletions(-) This patch seems reasonable to me, though I'm still thinking about changing fs/crypto/ to manage its key quotas itself which would avoid the issue entirely. Note that as I said before, fs/crypto/ does key_put() on a whole keyring at once, in order to release the quota of the keys in the keyring. Do you plan to also change fs/crypto/ to keyring_clear() the keyring before putting it? Without that, I don't think the problem is solved, as the quota release will still happen asynchronously due to the keyring being cleared asynchronously. - Eric