Re: A Comment from User Space

Previous message: Steve Beattie: "Re: A Comment from User Space"
In reply to: Steve Beattie: "Re: A Comment from User Space"
Next in thread: Crispin Cowan: "Re: A Comment from User Space"
Next in thread: David Wagner: "Re: A Comment from User Space"
Reply: Crispin Cowan: "Re: A Comment from User Space"
Reply: jmjonesat_private: "Re: A Comment from User Space"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

dawat_private

Steve Beattie  wrote:
>It seems unlikely to me that using /proc or a private fs can NOT be
>slower.

The important question is not whether it is slower.  The real question
is whether it is too slow.  Those are *very* different questions.

The latter can only be settled with measurements.  (Note that even a
1ms overhead per user-kernel interaction might be perfectly acceptable
if it is only called 10 times/second.)  And if we want to present the
most compelling case possible to Linus and linux-kernel, I suggest
that it is in our interests to have our ducks in order first.

(Note also that I explained how to avoid doing an open() on every /proc
call: If you call open("/proc/whatever") once, and cache the fd, then
you can ensure that each call to the module only has to use a single
write(), amortizing the cost of the open() across all such interactions.
But again, without measurements, it is hard to know whether this is even
needed in practice.)

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module