From: Rik van Riel <riel@redhat.com>
To: Andy Isaacson <adi@hexapodia.org>
Cc: Kyle Moffett <mrmacman_g4@mac.com>,
	Davide Libenzi <davidel@xmailserver.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [patch 0/4] MAP_NOZERO v2 - VM_NOZERO/MAP_NOZERO early summer madness
Date: Mon, 02 Jul 2007 15:03:02 -0400
Message-ID: <46894BE6.1040302@redhat.com>
In-Reply-To: <20070702190043.GN9157@hexapodia.org>

Andy Isaacson wrote:
> On Sat, Jun 30, 2007 at 08:21:52PM -0400, Kyle Moffett wrote:
>> That's why you'd need to call an LSM hook to get a unique identifier,  
>> as the LSM would actually need to allocate identifiers for  
>> equivalence classes.  Secondly, processes may change labels as they  
>> run, so you couldn't just call it once and cache the result, you  
>> would need to call it for every freed page (or every re-use of a page).
> 
> Davide's patch adds an owner_uid field to mm_struct.  Assuming that turns
> into a "mm security equivalence class identifier", the LSM can simply
> update it when a label-change-event occurs.  No need to call out to
> (potentially heavyweight!) LSM code in page allocation critical paths.
> 
> I'm a bit concerned that tracking the equivalence classes will get
> expensive.  I think you can end up with quadratic explosion in the worst
> case (every user using every permutation of LSM bits).

That should not happen.  The default SELinux configuration
in Fedora (and Debian?) runs a few daemons in their own
restricted modes and has most of the system running in
unconfined_t, including the majority of user programs.

-- 
Politics is the struggle between those who want to make their country
the best in the world, and those who believe it already is.  Each group
calls the other unpatriotic.
