Re: SELinux performance issue with large systems (32 cpus)

From: Stephen Smalley
Date: Tue Nov 23 2004 - 16:02:40 EST

Next message: Valdis . Kletnieks: "Re: SELinux performance issue with large systems (32 cpus)"
Previous message: Joerg Sommrey: "Re: oops with dual xeon 2.8ghz 4gb ram +smp, software raid, lvm, and xfs"
In reply to: keith: "Re: SELinux performance issue with large systems (32 cpus)"
Next in thread: Valdis . Kletnieks: "Re: SELinux performance issue with large systems (32 cpus)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2004-11-23 at 14:22, keith wrote:
> After some lock profiling (keeping track of what locks were last used
> and how many cycles were spent waiting) it became quite clean the the
> avc_lock was to blame. The avc_lock is a SELinux lock.

Thanks to work by Kaigai Kohei of NEC, the global avc spinlock has been
replaced by an RCU-based scheme. Those changes are in the -mm patches
(e.g. 2.6.10-rc2-mm3) and will hopefully go upstream after 2.6.10 is
released. There is also ongoing work on baseline performance.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Valdis . Kletnieks: "Re: SELinux performance issue with large systems (32 cpus)"
Previous message: Joerg Sommrey: "Re: oops with dual xeon 2.8ghz 4gb ram +smp, software raid, lvm, and xfs"
In reply to: keith: "Re: SELinux performance issue with large systems (32 cpus)"
Next in thread: Valdis . Kletnieks: "Re: SELinux performance issue with large systems (32 cpus)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]