Re: [PATCH] 5/5: LSM hooks rework
Hi James, On Mon, Feb 14, 2005 at 11:50:01AM -0500, James Morris wrote: > On Sun, 13 Feb 2005, Kurt Garloff wrote: > > > /* Condition for invocation of non-default security_op */ > > #define COND_SECURITY(seop, def) \ > > - (likely(security_ops == _security_ops))? def: > > security_ops->seop > > + (unlikely(security_enabled))? security_ops->seop: def > > So this will cause a false unlikely() for every single SELinux hook, > again. A correct unlikely() in my book. Yes, that was one of the reasons that I split up the patches. There are people who believe that we should optimize for the slow path (SELinux) or at least not penalize it. Fine with me, feel free to ignore patches 4, 5 then. > This was rejected last year. It wasn't. The discussion did not come to a conclusion. Best regards, -- Kurt Garloff, Director SUSE Labs, Novell Inc. pgpAydeVcylqn.pgp Description: PGP signature
Re: [PATCH] 5/5: LSM hooks rework
On Sun, 13 Feb 2005, Kurt Garloff wrote: > /* Condition for invocation of non-default security_op */ > #define COND_SECURITY(seop, def) \ > - (likely(security_ops == _security_ops))? def: > security_ops->seop > + (unlikely(security_enabled))? security_ops->seop: def So this will cause a false unlikely() for every single SELinux hook, again. This was rejected last year. The thread you pointed to has some discussion of dealing with the problematic ia64 case, although there's no evidence in these patches that anything has progressed in that area since then. - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] 5/5: LSM hooks rework
On Sun, 13 Feb 2005, Kurt Garloff wrote: /* Condition for invocation of non-default security_op */ #define COND_SECURITY(seop, def) \ - (likely(security_ops == capability_security_ops))? def: security_ops-seop + (unlikely(security_enabled))? security_ops-seop: def So this will cause a false unlikely() for every single SELinux hook, again. This was rejected last year. The thread you pointed to has some discussion of dealing with the problematic ia64 case, although there's no evidence in these patches that anything has progressed in that area since then. - James -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] 5/5: LSM hooks rework
Hi James, On Mon, Feb 14, 2005 at 11:50:01AM -0500, James Morris wrote: On Sun, 13 Feb 2005, Kurt Garloff wrote: /* Condition for invocation of non-default security_op */ #define COND_SECURITY(seop, def) \ - (likely(security_ops == capability_security_ops))? def: security_ops-seop + (unlikely(security_enabled))? security_ops-seop: def So this will cause a false unlikely() for every single SELinux hook, again. A correct unlikely() in my book. Yes, that was one of the reasons that I split up the patches. There are people who believe that we should optimize for the slow path (SELinux) or at least not penalize it. Fine with me, feel free to ignore patches 4, 5 then. This was rejected last year. It wasn't. The discussion did not come to a conclusion. Best regards, -- Kurt Garloff, Director SUSE Labs, Novell Inc. pgpAydeVcylqn.pgp Description: PGP signature
