On Thu, 13 Sep 2007 08:58:32 -0400
Stephen Smalley wrote:
On Wed, 2007-09-12 at 17:51 +0900, Yuichi Nakamura wrote:
snip
Thanks, a few comments below.
Thanks for comments!
* Description of patch
This patch improves performance of read/write in SELinux.
It improves performance
to capture the necessary state at
open time to allow this optimization.
Signed-off-by: Yuichi Nakamura[EMAIL PROTECTED]
---
fs/open.c |4 ++
include/linux/security.h | 18
security/dummy.c |6
security/selinux/avc.c
security module.
Fixed.
Thanks.
--
Stephen Smalley
National Security Agency
Next is updated patch.
Signed-off-by: Yuichi Nakamura[EMAIL PROTECTED]
---
fs/open.c |5 +
include/linux/security.h | 16
security/selinux/avc.c
in SELinux.
It improves performance by skipping permission check in
selinux_file_permission. Permission is only checked when
sid change or policy load is detected after file open.
To detect sid change, new LSM hook securiy_dentry_open is added.
Signed-off-by: Yuichi Nakamura[EMAIL PROTECTED]
---
fs
I found syscall audit does not work on SH(SuperH).
I made patch to support syscall audit for SH.
Signed-off-by: Yuichi Nakamura[EMAIL PROTECTED]
---
arch/sh/kernel/entry-common.S |8 ++--
arch/sh/kernel/ptrace.c | 19 +++
include/asm-sh/thread_info.h |2
On Wed, 7 Nov 2007 10:15:33 -0500
Steve Grubb wrote:
On Wednesday 07 November 2007 12:04:46 am Yuichi Nakamura wrote:
I found syscall audit does not work on SH(SuperH).
I made patch to support syscall audit for SH.
I think this is close, but it looks like you missed the syscall
(Before 130.5)
Simple write2.072.28 10.5(Before 146.6)
Performance has improved a lot.
I want comments from community.
Signed-off-by: Yuichi Nakamura<[EMAIL PROTECTED]>
---
fs/open.c |5 +++
include/linux/security.h | 11 +++
security/s
dentry.
> > + *
> > * Security hooks for task operations.
> > *
> > * @task_create:
> > @@ -1253,6 +1258,7 @@ struct security_operations {
> > int (*file_send_sigiotask) (struct task_struct * tsk,
> > struct fown_stru
oves performance of read/write in SELinux.
It improves performance by skipping permission check in
selinux_file_permission. Permission is only checked when
sid change or policy load is detected after file open.
To detect sid change, new LSM hook securiy_dentry_open is added.
Signed-off-by: Yuichi N
On Thu, 13 Sep 2007 08:58:32 -0400
Stephen Smalley wrote:
> On Wed, 2007-09-12 at 17:51 +0900, Yuichi Nakamura wrote:
> Thanks, a few comments below.
Thanks for comments!
> >
> > * Description of patch
> > This patch improves performance of read/write in SELinux.
>
to capture the necessary state at
open time to allow this optimization.
Signed-off-by: Yuichi Nakamura<[EMAIL PROTECTED]>
---
fs/open.c |4 ++
include/linux/security.h | 18
security/dummy.c |6
security/selinux
I found syscall audit does not work on SH(SuperH).
I made patch to support syscall audit for SH.
Signed-off-by: Yuichi Nakamura<[EMAIL PROTECTED]>
---
arch/sh/kernel/entry-common.S |8 ++--
arch/sh/kernel/ptrace.c | 19 +++
include/asm-sh/thread_info.h
On Wed, 7 Nov 2007 10:15:33 -0500
Steve Grubb wrote:
> On Wednesday 07 November 2007 12:04:46 am Yuichi Nakamura wrote:
> > I found syscall audit does not work on SH(SuperH).
> > I made patch to support syscall audit for SH.
>
> I think this is close, but it looks like y
13 matches
Mail list logo
