On Thu, Jun 4, 2020 at 11:28 AM Casey Schaufler wrote:
>
> On 6/4/2020 5:45 AM, Stephen Smalley wrote:
> > On Wed, Jun 3, 2020 at 6:39 PM Casey Schaufler
> > wrote:
> >> On 6/3/2020 3:12 PM, James Morris wrote:
> >>> On Wed, 3 Jun 2020, Casey Schaufler wrote:
> >>>
> The use of security
On 6/4/2020 5:45 AM, Stephen Smalley wrote:
> On Wed, Jun 3, 2020 at 6:39 PM Casey Schaufler wrote:
>> On 6/3/2020 3:12 PM, James Morris wrote:
>>> On Wed, 3 Jun 2020, Casey Schaufler wrote:
>>>
The use of security modules was expected to be rare.
>>> This is not correct. Capabilities were
On Wed, Jun 3, 2020 at 6:39 PM Casey Schaufler wrote:
>
> On 6/3/2020 3:12 PM, James Morris wrote:
> > On Wed, 3 Jun 2020, Casey Schaufler wrote:
> >
> >> The use of security modules was expected to be rare.
> > This is not correct. Capabilities were ported to LSM and stacked from the
> >
On Wed, 3 Jun 2020, Casey Schaufler wrote:
> On 6/3/2020 3:12 PM, James Morris wrote:
> > On Wed, 3 Jun 2020, Casey Schaufler wrote:
> >
> >> The use of security modules was expected to be rare.
> > This is not correct. Capabilities were ported to LSM and stacked from the
> > beginning, and
On Wed, Jun 03, 2020 at 03:00:05PM -0700, Casey Schaufler wrote:
> On 6/3/2020 2:02 PM, Alexei Starovoitov wrote:
> > On Wed, Jun 03, 2020 at 10:37:47AM -0700, Linus Torvalds wrote:
> >> On Wed, Jun 3, 2020 at 10:20 AM Casey Schaufler
> >> wrote:
> >>> We could have inode->i_security be the
On Tue, Jun 2, 2020 at 8:31 PM Linus Torvalds
wrote:
> Side note since you mention performance work: in the past when I've
> looked at SELinux performance (generally as part of pathname lookup
> etc VFS loads), the biggest cost by far was that all the SELinux data
> structures take a ton of cache
On 6/3/2020 3:12 PM, James Morris wrote:
> On Wed, 3 Jun 2020, Casey Schaufler wrote:
>
>> The use of security modules was expected to be rare.
> This is not correct. Capabilities were ported to LSM and stacked from the
> beginning, and several major distros worked on LSM so they could ship
>
On Wed, 3 Jun 2020, Casey Schaufler wrote:
> The use of security modules was expected to be rare.
This is not correct. Capabilities were ported to LSM and stacked from the
beginning, and several major distros worked on LSM so they could ship
their own security modules.
--
James Morris
On 6/3/2020 2:02 PM, Alexei Starovoitov wrote:
> On Wed, Jun 03, 2020 at 10:37:47AM -0700, Linus Torvalds wrote:
>> On Wed, Jun 3, 2020 at 10:20 AM Casey Schaufler
>> wrote:
>>> We could have inode->i_security be the blob, rather than a pointer to it.
>>> That will have its own performance
On Wed, Jun 03, 2020 at 10:37:47AM -0700, Linus Torvalds wrote:
> On Wed, Jun 3, 2020 at 10:20 AM Casey Schaufler
> wrote:
> >
> > We could have inode->i_security be the blob, rather than a pointer to it.
> > That will have its own performance issues.
>
> It wouldn't actually really fix
On 6/3/2020 10:37 AM, Linus Torvalds wrote:
> On Wed, Jun 3, 2020 at 10:20 AM Casey Schaufler
> wrote:
>> We could have inode->i_security be the blob, rather than a pointer to it.
>> That will have its own performance issues.
> It wouldn't actually really fix anything, because the inode is so
On Wed, Jun 3, 2020 at 10:20 AM Casey Schaufler wrote:
>
> We could have inode->i_security be the blob, rather than a pointer to it.
> That will have its own performance issues.
It wouldn't actually really fix anything, because the inode is so big
and sparsely accessed that it doesn't even
On 6/2/2020 5:31 PM, Linus Torvalds wrote:
> On Mon, Jun 1, 2020 at 6:07 PM Paul Moore wrote:
>> - A number of improvements to various SELinux internal data structures
>> to help improve performance. We move the role transitions into a hash
>> table. In the content structure we shift from
The pull request you sent on Mon, 1 Jun 2020 21:06:48 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
> tags/selinux-pr-20200601
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/f41030a20b38552a2da3b3f6bc9e7a78637d6c23
Thank you!
--
On Mon, Jun 1, 2020 at 6:07 PM Paul Moore wrote:
>
> - A number of improvements to various SELinux internal data structures
> to help improve performance. We move the role transitions into a hash
> table. In the content structure we shift from hashing the content
> string (aka SELinux label) to
Hi Linus,
Here are the SELinux patches for v5.8. All the patches pass our test
suite and as of about 15 minutes ago they apply cleanly to the top of
your tree. Please merge into v5.8.
The highlights:
- A number of improvements to various SELinux internal data structures
to help improve
16 matches
Mail list logo