From: David Howells <dhowells@redhat.com>
To: unlisted-recipients:; (no To-header on input)
Cc: "J. Bruce Fields" <bfields@fieldses.org>,
neilb@suse.de, Trond.Myklebust@netapp.com,
linux-kernel@vger.kernel.org, dhowells@redhat.com,
linux-security-module@vger.kernel.org, nfs@lists.sourceforge.net,
selinux@tycho.nsa.gov, casey@schaufler-ca.com, sds@tycho.nsa.gov
Subject: Re: [NFS] [PATCH 06b/26] Security: Make NFSD work with detached security
Date: Thu, 17 Jan 2008 23:02:06 +0000 [thread overview]
Message-ID: <29216.1200610926@redhat.com> (raw)
In-Reply-To: <28942.1200610127@redhat.com>
David Howells <dhowells@redhat.com> wrote:
> J. Bruce Fields <bfields@fieldses.org> wrote:
>
> > Just curious--why? Are get_kernel_security(), etc., particularly
> > expensive?
>
> It involves a kmalloc(). That means an extra possibility for an error. Plus
> it may allow you to cache the result of checking whether, say, SELinux
> security labels are allowed to be set when passed over NFS (if such is
> possible).
Apart from that, though, no, it's not particularly expensive.
David
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
Please note that nfs@lists.sourceforge.net is being discontinued.
Please subscribe to linux-nfs@vger.kernel.org instead.
http://vger.kernel.org/vger-lists.html#linux-nfs
prev parent reply other threads:[~2008-01-17 23:02 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20080115234724.22183.9603.stgit@warthog.procyon.org.uk>
[not found] ` <20080115234652.22183.24850.stgit@warthog.procyon.org.uk>
[not found] ` <20080115234724.22183.9603.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
2008-01-17 17:17 ` [NFS] [PATCH 06b/26] Security: Make NFSD work with detached security David Howells
[not found] ` <20849.1200590240@redhat.com>
2008-01-17 20:48 ` J. Bruce Fields
[not found] ` <20080117204804.GC6416@fieldses.org>
2008-01-17 22:48 ` David Howells
[not found] ` <28942.1200610127@redhat.com>
2008-01-17 23:02 ` David Howells [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=29216.1200610926@redhat.com \
--to=dhowells@redhat.com \
--cc=Trond.Myklebust@netapp.com \
--cc=bfields@fieldses.org \
--cc=casey@schaufler-ca.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=neilb@suse.de \
--cc=nfs@lists.sourceforge.net \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox