Re: [PATCH] [LSM] Rework LSM hooks

From: Kurt Garloff
Date: Wed Aug 11 2004 - 21:04:57 EST

Next message: William Lee Irwin III: "Re: [PATCH][2.6] Completely out of line spinlocks / i386"
Previous message: Aleksey Gorelov: "Re: [linux-usb-devel] USB shared interrupt problem"
In reply to: James Morris: "Re: [PATCH] [LSM] Rework LSM hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi James,

On Wed, Aug 11, 2004 at 09:20:22PM -0400, James Morris wrote:
> Also, we still have the option of making COND_SECURITY ia64-specific.

We could do that. The patch sets security_ops to
capabilities_security_ops if no LSM is loaded, so it would be OK to
call into it unconditionally on archs that have a higher penalty for
a branch than for an indirect call.

You could just redefine the macro, depending on the arch, indeed.

We could also drop the unlikely. For the hot paths, the branch
prediction of the CPU can do its job. So, I'm not religious about
it; in practice it should make little difference either way.

My patch was aiming for a zerocost possibility to turn CONFIG_SECURITY
on. With the unlikely(), I should have gotten as close as one ~1 or 2
CPU cycles (compare plus correctly predicted branch). That's why I
put the unlikely.

Regards,
--
Kurt Garloff <kurt@xxxxxxxxxx> [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Head) <garloff@xxxxxxx> [SUSE Nuernberg, DE]

Attachment: pgp00000.pgp
Description: PGP signature

Next message: William Lee Irwin III: "Re: [PATCH][2.6] Completely out of line spinlocks / i386"
Previous message: Aleksey Gorelov: "Re: [linux-usb-devel] USB shared interrupt problem"
In reply to: James Morris: "Re: [PATCH] [LSM] Rework LSM hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]