Re: [RFC] [PATCH] Replace security fields with hashtable

From: Chris Wright (chrisw@private)
Date: Wed Oct 27 2004 - 09:59:44 PDT

* James Morris (jmorris@private) wrote:
> On Wed, 27 Oct 2004, Serge E. Hallyn wrote:
> > I always liked the trusted bsd approach of an array inode->i_security[NUM_LSMS]
> > better. but this is more flexible than that, while hopefully faster and cleaner
> > than the purely voluntary chaining approach.
> I think you'll find there is some wisdom in the BSD code :-)
> Indexing an array is surely faster and cleaner than probing a hash chain?

Certainly.  Only tradeoff is per-object overhead, but anything with
lists and id/keys could be traded for an array of 4 or 5 for free, plus
no locking, etc.  It does mean the core has to cycle through the module

> For flexibility, you could make the array size tunable at boot.  How much
> do we really care about out of tree LSMs?  And composing more than a very
> small number of LSMs could be unsafe in any case, so a small static array 
> should be enough.

I think it'd have to be compile time, not boot time.  I'm not that wild
about making it configurable though.

Linux Security Modules

This archive was generated by hypermail 2.1.3 : Wed Oct 27 2004 - 10:00:10 PDT