David Howells <[EMAIL PROTECTED]> wrote:
> J. Bruce Fields <[EMAIL PROTECTED]> wrote:
>
> > Just curious--why? Are get_kernel_security(), etc., particularly
> > expensive?
>
> It involves a kmalloc(). That means an extra possibility for an error. Plus
> it may allow you to cache the result of
J. Bruce Fields <[EMAIL PROTECTED]> wrote:
> Just curious--why? Are get_kernel_security(), etc., particularly
> expensive?
It involves a kmalloc(). That means an extra possibility for an error. Plus
it may allow you to cache the result of checking whether, say, SELinux
security labels are allo
On Thu, Jan 17, 2008 at 05:17:20PM +, David Howells wrote:
>
> Make NFSD work with detached security, using the patches that excise the
> security information from task_struct to struct task_security as a base.
>
> Each time NFSD wants a new security descriptor (to do NFS4 recovery or just to
Make NFSD work with detached security, using the patches that excise the
security information from task_struct to struct task_security as a base.
Each time NFSD wants a new security descriptor (to do NFS4 recovery or just to
do NFS operations), a task_security record is derived from NFSD's *objec