From mboxrd@z Thu Jan 1 00:00:00 1970 From: Casey Schaufler Subject: Re: [PATCH 1/3] IMA: move read/write counters into struct inode Date: Thu, 21 Oct 2010 09:15:29 -0700 Message-ID: <4CC06721.8020308@schaufler-ca.com> References: <20101019011650.25346.99614.stgit@paris.rdu.redhat.com> <1287506215.2530.187.camel@localhost.localdomain> <20101019165530.GT19804@ZenIV.linux.org.uk> <1287528546.2530.277.camel@localhost.localdomain> <20101020143845.GB22271@elte.hu> <1287585996.2530.294.camel@localhost.localdomain> <20101020151555.GC22271@elte.hu> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Eric Paris , Linus Torvalds , Al Viro , linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, hch@infradead.org, zohar@us.ibm.com, warthog9@kernel.org, david@fromorbit.com, jmorris@namei.org, kyle@mcmartin.ca, hpa@zytor.com, akpm@linux-foundation.org To: Ingo Molnar Return-path: In-Reply-To: <20101020151555.GC22271@elte.hu> Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On 10/20/2010 8:15 AM, Ingo Molnar wrote: > * Eric Paris wrote: > >> On Wed, 2010-10-20 at 16:38 +0200, Ingo Molnar wrote: >>> * Eric Paris wrote: >>> >>>> Executive summary of the day's work: >>>> Yesterday morning: 944 bytes per inode in core >>>> Yesterday night: 24 bytes per inode in core >>>> Tonight: 4 bytes per inode in core. >>>> >>>> That's a x236 time reduction in memory usage. No I didn't even start looking >>>> at a freezer. Which could bring that 4 down to 0, but would add a scalability >>>> penalty on all inodes when IMA was enabled. >>> Why not use inode->i_security intelligently? That already exists so that way >>> it's 0 bytes. >>> >>> Thanks, >> It still wouldn't be 0 bytes since there would be a 1-1 mapping from inode to >> i_security structs. [...] > Only for IMA-affected files, right? > > My point is to keep it 0 overhead for the _non IMA common case_. > >> The real reason I don't pursue this route is because of the litany of different >> ways this pointer is used in different LSMs (or not used at all.) And we all know >> that LSM authors aren't known for seeing the world the same way as each other. As >> a maintainer of one of those LSMs even I'm scared to try pushing that forward.... > Ugh. That's a perfect reason to do it exactly like i suggested. If you would like to make a proposal on LSM stacking other than the traditional "rip the LSM out" I am sure that everyone in the IMA, SELinux, TOMOYO, AppArmor and Smack communities would be happy to have a look. Short of having a viable mechanism for multiple LSMs to coexist IMA needs its separate space. Yes, people do use both IMA and LSMs on the same machine at the same time. > Thanks, > > Ingo > -- > To unsubscribe from this list: send the line "unsubscribe linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > >