[PATCH] 0/5: LSM hooks rework

From: Kurt Garloff
Date: Sun Feb 13 2005 - 16:07:00 EST

Next message: Mariusz Mazur: "Re: [PATCH] linux-libc-headers-2.6.10.0: if_tunnel.h relies on byteorder.h having been included"
Previous message: Jeff Garzik: "netdev-2.6 queue updated"
Next in thread: Kurt Garloff: "[PATCH] 1/5: LSM hooks rework"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

this goes back to a discussion in August last year:
http://www.ussg.iu.edu/hypermail/linux/kernel/0408.1/0623.html

The following patchset addresses three issues of the security.h stub
collection:
* All the functions are implemented twice, once for
CONFIG_SECURITY enabled and once for disabled.
Makes it harder than necessary to keep in sync
and the file much longer than needed.
* We do lots of indirect (and thus non-inlined) calls to
mostly noop functions, which has a performance impact.
By using a branch (as suggested by David Mosberger and
implemented by Brian Baker) we can save a number of cycles.
Especially visible on IA64, where we can get > 3% improvement
on netperf -t TCP_RR
* The default of dummy if CONFIG_SECURITY is enabled is not
desirable as it does differ from the CONFIG_SECURITY disabled
default. Thus make capabilities the default.

Patches are against 2.6.11-rc4 and follow in subsequent mails.
--
Kurt Garloff, Director SUSE Labs, Novell Inc.

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Mariusz Mazur: "Re: [PATCH] linux-libc-headers-2.6.10.0: if_tunnel.h relies on byteorder.h having been included"
Previous message: Jeff Garzik: "netdev-2.6 queue updated"
Next in thread: Kurt Garloff: "[PATCH] 1/5: LSM hooks rework"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]