From: Daniel J Walsh <dwalsh@redhat.com>
To: Stephen Smalley <sds@tycho.nsa.gov>,
"Carlos O'Donell" <carlos@redhat.com>
Cc: Eric Paris <eparis@redhat.com>,
selinux@tycho.nsa.gov, codonell@redhat.com
Subject: Re: Handling unknown permissions in userspace object managers
Date: Fri, 01 Nov 2013 17:21:48 -0400 [thread overview]
Message-ID: <52741B6C.8010006@redhat.com> (raw)
In-Reply-To: <5273DEB3.5050808@tycho.nsa.gov>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/01/2013 01:02 PM, Stephen Smalley wrote:
> On 11/01/2013 01:00 PM, Carlos O'Donell wrote:
>> On 11/01/2013 12:00 PM, Stephen Smalley wrote:
>>> But selinux_check_access() is IMHO a better way to go for any new code
>>> unless it is so performance-critical that the context, class, and perm
>>> lookups per check are prohibitive.
>>
>> The code in question is from glibc's nscd and used when determining if
>> the user should or should not have access to specific cache results, and
>> therefore it is performance sensitive. The faster we can determine if
>> access is allowed the faster we can return a result to a client that
>> needs an answer about a particular credential. I'm happing doing the
>> translations at startup when the daemon is initializing, but I'm not
>> happy to do them at every request arriving to the daemon. Unless someone
>> says this needs to be fully dynamic I'd like to avoid any costs during
>> the request handling phase.
>
> I doubt the overhead of the SID/class/perm lookup compares to the IPC
> overhead, but I can't say that I've measured it. But feel free to use
> whichever interface you prefer.
>
>
>
>
> -- This message was distributed to subscribers of the selinux mailing
> list. If you no longer wish to subscribe, send mail to
> majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes
> as the message.
>
We could potentially optimize the calls similarly to what we did with
procattr, where we cache the previous lookup. Since the
source,type,class,perm flags will often be repeated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJ0G2wACgkQrlYvE4MpobM5twCeN14XzW+AaRpnMHf58EAETeuu
IVYAoOmXkl9dIh4ARQjQDkl3JIH1WUnj
=5ZEm
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
prev parent reply other threads:[~2013-11-01 21:21 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-01 15:18 Handling unknown permissions in userspace object managers Eric Paris
2013-11-01 15:48 ` Stephen Smalley
2013-11-01 15:54 ` Eric Paris
2013-11-01 16:00 ` Stephen Smalley
[not found] ` <5273DE3D.4070402@redhat.com>
2013-11-01 17:02 ` Stephen Smalley
[not found] ` <5273E261.3050100@redhat.com>
2013-11-01 17:20 ` Stephen Smalley
2013-11-01 21:21 ` Daniel J Walsh [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52741B6C.8010006@redhat.com \
--to=dwalsh@redhat.com \
--cc=carlos@redhat.com \
--cc=codonell@redhat.com \
--cc=eparis@redhat.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.