dazuko-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dazuko-devel] spinlocks, userspace?


From: bert hubert
Subject: Re: [Dazuko-devel] spinlocks, userspace?
Date: Thu, 23 Dec 2004 10:22:07 +0100
User-agent: Mutt/1.3.28i

On Thu, Dec 23, 2004 at 09:46:44AM +0100, John Ogness wrote:

> This is interesting. I was not aware of this either. Dazuko uses only 
> the inode_permission() hook. Unfortunately I do not have an SMP machine 
> to try this out.

You can have nearly all of the fun by compiling a preemptive kernel. You may
even find that it does not build then, as for example LIDS doesn't.

Also, I'm not really sure what would happen when going to userspace. It may
be hard for a userspace process to perform system calls under spinlock.

> [1]RSBAC includes Dazuko and also offers this feature. It would work 

I tend to shy away from intrusive patches. The great thing about dazuko and
lids is that they don't have to touch a lot, if anything, outside their own
domain. Some scribbling is ok, but RSBAC touches too much for my taste.

The SMP issue is important to me though, and it might be to you as well, as
I'm unsure if even security_inode_permission is safe from spinlocks. On a
first glance it does look safe.

Thanks.

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO




reply via email to

[Prev in Thread] Current Thread [Next in Thread]