[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Dazuko-devel] spinlocks, userspace?
From: |
bert hubert |
Subject: |
Re: [Dazuko-devel] spinlocks, userspace? |
Date: |
Thu, 23 Dec 2004 10:22:07 +0100 |
User-agent: |
Mutt/1.3.28i |
On Thu, Dec 23, 2004 at 09:46:44AM +0100, John Ogness wrote:
> This is interesting. I was not aware of this either. Dazuko uses only
> the inode_permission() hook. Unfortunately I do not have an SMP machine
> to try this out.
You can have nearly all of the fun by compiling a preemptive kernel. You may
even find that it does not build then, as for example LIDS doesn't.
Also, I'm not really sure what would happen when going to userspace. It may
be hard for a userspace process to perform system calls under spinlock.
> [1]RSBAC includes Dazuko and also offers this feature. It would work
I tend to shy away from intrusive patches. The great thing about dazuko and
lids is that they don't have to touch a lot, if anything, outside their own
domain. Some scribbling is ok, but RSBAC touches too much for my taste.
The SMP issue is important to me though, and it might be to you as well, as
I'm unsure if even security_inode_permission is safe from spinlocks. On a
first glance it does look safe.
Thanks.
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO