Hi,
I went back and looked at the data and found my initial post to be
ambiguous, so here is a more concrete analysis.
Here are the data that we have collected:
(1) that 21.4% of the Linux basic blocks are executed by lmbench (kernel
build is 26.1%)
(2) 33 of the 152 LSM functions are run by Linux in the "quiescent state"
on the test machine (I can give you the list of user processes if you would
like)
- 9 new when ip_glue is added
(3) in addition to some of these 33, 28 of the remaining 152 LSM functions
are run by lmbench (thus, the total number of LSM function called by
lmbench on our test machine is 40%)
(4) I also had some numbers for the number of in kernel hooks that were
used (that was about 27%, 59/214), but they turned out to be based on an
incomplete kernel, so we need to run those again. The missing component
ip_glue may add 10 more to 32%.
We used the Linux 2.4.9 with the 9/4/01 LSM patch for this test. I can
provide details of the lmbench run status (test machine and lmbench
configuration and LSM functions called) to those that are interested.
Regardless, more work on benchmarks is necessary. We are still interested
in pursuing this, but we have been consumed with getting the verification
tools working as we would like. So, doing other tests, like the kernel
build that Seth suggested are in our area of interest, but we won't get to
it for a couple of weeks.
Sorry for any confusion that my initial post may have caused.
Regards,
Trent.
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Oct 31 2001 - 14:07:43 PST