kdbus and kernel keys

Simon McVittie simon.mcvittie at collabora.co.uk
Thu Jan 16 04:34:11 PST 2014


On 15/01/14 20:10, Kay Sievers wrote:
> On Wed, Jan 15, 2014 at 8:38 PM, David Howells <dhowells at redhat.com> wrote:
>> Can it be made possible to pass kernel keys around (i.e. ones created with the
>> add_key() syscall) with kdbus messages?
>
> Isn't that a bit like file descriptor passing what you look for?

Is there any possibility of the kernel letting these keys be passed
around as fds? Then D-Bus, and anything else that uses fd-passing to
transfer capabilities[1], automatically gets that feature with no
additional design, maintenance or feature-discovery needed in D-Bus
implementations. That seems a more graceful way to do it than
introducing a new D-Bus type or header, #ifdef tests in implementations
to see whether the OS/libc support the necessary underlying feature,
runtime tests in implementations to see whether the running kernel
supports it, and API to query support.

(You do need that whole mess to be able to ask "does this D-Bus
implementation support fd-passing?", but we already have that - there
seems no point in doing it again.)

I'm very much in favour of the "everything is a fd" trend in
Linux<->userland API design - eventfd, kdbus memfds, inotify etc. - for
that sort of reason.

Regards,
    S

[1] as in <https://en.wikipedia.org/wiki/Capability-based_security> -
    not to be confused with POSIX draft 1003.1e capabilities as seen in
    Linux, which are something rather different
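The fd-passing mechanism the message relies on, as an added example that is not part of the original post: a holder process hands a read-only fd for an already-unlinked file to a peer over a Unix socket (SCM_RIGHTS), so the fd itself is the only capability the peer has on the object. The temporary file stands in for whatever object is being shared, and the names `receiver` and `demo` are hypothetical.

```python
import os
import socket
import tempfile


def receiver(sock):
    """Peer side: accept one fd, use it, report what it allowed."""
    # recv_fds() wraps recvmsg() with SCM_RIGHTS ancillary data.
    _msg, fds, _flags, _addr = socket.recv_fds(sock, 16, 1)
    fd = fds[0]
    data = os.read(fd, 4096)
    try:
        os.write(fd, b"x")
        writable = True
    except OSError:
        writable = False  # fd was opened O_RDONLY, so write fails
    os.close(fd)
    sock.sendall(bytes([writable]) + data)


def demo(secret=b"constructed sample secret"):
    """Holder side: returns (peer_could_write, data_peer_read)."""
    holder, peer = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    pid = os.fork()
    if pid == 0:  # child acts as the peer
        holder.close()
        try:
            receiver(peer)
        finally:
            os._exit(0)
    peer.close()
    fd_rw, path = tempfile.mkstemp()
    os.write(fd_rw, secret)
    os.close(fd_rw)
    fd_ro = os.open(path, os.O_RDONLY)  # attenuated: read access only
    os.unlink(path)  # no path remains; only fd holders reach the data
    socket.send_fds(holder, [b"obj"], [fd_ro])
    os.close(fd_ro)
    reply = b""
    while True:
        chunk = holder.recv(4096)
        if not chunk:
            break
        reply += chunk
    os.waitpid(pid, 0)
    holder.close()
    return bool(reply[0]), reply[1:]
```
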


