Re: Using fs views to isolate untrusted processes: I need an assistant architect in the USA for Phase I of a DARPA funded linux kernel project

[Kyle Moffett]

On Aug 25, 2004, at 21:06, Chris Wright wrote:
> * Kyle Moffett (mrmacman_g4@xxxxxxx) wrote:
> > I would find this much more useful if there was a really lightweight
> > bind
> > mount called a "filebind" or somesuch that could only bindmount files
> This already works.
>
> # cd /tmp
> # echo foo > a
> # touch b
> # mount --bind a b
> # cat b
> foo

I'm well aware of the technique, but I was wondering if there was any
extra VFS baggage associated with a normal bind mount that might
be eliminated by restricting a different version of a bind mount to only
files.  That's why I asked later if anybody had benchmarked the bind
mount system to see how well it would scale to 1000 bound files and
directories.  If it's not a performance issue then I really don't care 
less,
but I have a somewhat old box that must make do as a fileserver, so
I'm very interested in maximizing the performance. I don't care much
about extra RAM consumption, only about CPU and bus usage.

Cheers,
Kyle Moffett

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a17 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP+++ t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r  
!y?(-)
------END GEEK CODE BLOCK------


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/