[RFC PATCH v2] KEYS: Add a list for unreferenced keys

[Jarkko Sakkinen]

On Sun, Mar 30, 2025 at 02:16:49PM +0300, Jarkko Sakkinen wrote:
> diff --git a/security/keys/key.c b/security/keys/key.c
> index 7198cd2ac3a3..b34b4cba6ce7 100644
> --- a/security/keys/key.c
> +++ b/security/keys/key.c
> @@ -22,6 +22,7 @@ DEFINE_SPINLOCK(key_serial_lock);
>  
>  struct rb_root	key_user_tree; /* tree of quota records indexed by UID */
>  DEFINE_SPINLOCK(key_user_lock);
> +LIST_HEAD(key_graveyard);
>  
>  unsigned int key_quota_root_maxkeys = 1000000;	/* root's key count quota */
>  unsigned int key_quota_root_maxbytes = 25000000; /* root's key space quota */
> @@ -658,8 +659,10 @@ void key_put(struct key *key)
>  				key->user->qnbytes -= key->quotalen;
>  				spin_unlock_irqrestore(&key->user->lock, flags);
>  			}
> -			smp_mb(); /* key->user before FINAL_PUT set. */
> -			set_bit(KEY_FLAG_FINAL_PUT, &key->flags);
> +			spin_lock(&key_serial_lock);

	kdebug("unrefd key %d", key->serial);

Now this message gets spuriously deleted so maybe better just carry it
(just noticed)?

> +			rb_erase(&key->serial_node, &key_serial_tree);
> +			list_add_tail(&key->graveyard_link, &key_graveyard);
> +			spin_unlock(&key_serial_lock);
>  			schedule_work(&key_gc_work);
>  		}
>  	}
> -- 
> 2.39.5
> 
> 

BR, Jarkko