Re: New stacker performance results

From: James Morris (jmorris@private)
Date: Wed May 25 2005 - 18:32:31 PDT

On Wed, 25 May 2005, Tony Jones wrote:
> On Wed, May 25, 2005 at 08:10:47PM -0400, James Morris wrote:
> > Note: out of tree kernel code does not count for anything.  It's not
> > really part of the Linux kernel.  Mainline maintainers don't care about it
> > and should not be expected to.  
> If I recall correctly LSM was created precisely because Linus didn't care 
> about security and didn't want to.  In the context of this I don't understand 
> most of the above.

My reading is that he didn't want to have to choose the security model, to 
paint Linux into a particular corner.

> > As for choice, your LSM module is not in the mainline kernel, so only
> > users of your particular kernel really get that choice.  Why does LSM then
> > need to be in the upstream kernel?  Why not just keep it in yours, to
> > support your out of tree security module.  Why impose the burdens and
> > limitations of LSM on the upstream kernel.
> a) Is LSM as it's currently defined a burden and limitation on the upstream
>    kernel? Serious question. I'm curious if it is actually viewed this way. I 
>    can see that the interface doesn't let you easily do what you'd like (it 
>    doesn't for us either) and that changes you would like expose a potential 
>    additional burden and thus get rejected but this isn't the same thing.

It's a burden in that it needs to be taken into account by several core
and other kernel maintainers when they modify the kernel or review patches
which modify the kernel.  If SELinux is to be the only user, then it's
difficult to justify the continued presence of the LSM code.

I'm not talking about the burden to SELinux developers of implementing and
upstreaming new LSM hooks if required (which, as I said, is often even
useful, as it requires a more generalized design).

> b) LSM exists in the kernel to support a variety of modules which _users_ can
>    choose to load on their stock 2.6 kernel as they see fit. It is of
>    course hard to form any lucid argument once it's been decided that
>    maintainers are the only ones who count.

I don't understand the second sentence.

- James

This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 18:33:15 PDT