On Fri, Jun 27, 2014 at 01:02:19PM +0200, Daniel Mack wrote: > On 06/27/2014 12:46 PM, Kay Sievers wrote: > > On Fri, Jun 27, 2014 at 12:32 PM, Djalal Harouni <tix...@opendz.org> wrote: > >> For connections with the KDBUS_HELLO_CACHE_META flag dup the > >> metadata/credentials from handle or from the HELLO cmd, and use it to > >> construct kdbus kmsg object, this improves benchmark by ~50% > >> > >> The KDBUS_HELLO_CACHE_META flag is only for privileged bus users, others > >> will fail with -EPERM. Privileged bus users can do what ever they want. > > > > Metadata contains timestamps, global message sequence numbers, PIDs, > > none of that should be cached or faked, I think. > > By no means, even for 'trusted' connections. The entire concept of > metadata breaks if we cache things here. Yes, I do agree, that was a quick hack to see how much we gain...
The thing is that for privileged processes or connections we already support faking creds and seclabal, and in the kernel there is already support for the no_new_privs bit: https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt So I was exploring things, don't know if it would worth it to make kdbus smarter and check the no_new_privs bit if set, and cache some fields... Anyway, yes I do realize, providing real time metadata is part of the design and really a nice *race-free* feature. Thanks for the comments! > > Daniel > -- Djalal Harouni http://opendz.org _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel