Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

From: Linus Torvalds
Date: Tue Oct 02 2007 - 17:20:38 EST

Next message: Jean Delvare: "Re: 2.6.23-rc8 build failure: __you_cannot_kmalloc_that_much indmi_id_init"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 4/4] hpt366: MWDMA filter for SATA cards (take 2)"
In reply to: Bill Davidsen: "Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel"
Next in thread: Linus Torvalds: "Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2 Oct 2007, Bill Davidsen wrote:
>
> And yet you can make the exact same case for schedulers as security, you can
> quantify the behavior, but if your only choice is A it doesn't help to know
> that B is better.

You snipped a key part of the argument. Namely:

Another difference is that when it comes to schedulers, I feel like I
actually can make an informed decision. Which means that I'm perfectly
happy to just make that decision, and take the flak that I get for it. And
I do (both decide, and get flak). That's my job.

which you seem to not have read or understood (neither did apparently
anybody on slashdot).

> You say "performance" as if it had universal meaning.

Blah. Bogus and pointless argument removed.

When it comes to schedulers, "performance" *is* pretty damn well-defined,
and has effectively universal meaning.

The arguments that "servers" have a different profile than "desktop" is
pure and utter garbage, and is perpetuated by people who don't know what
they are talking about. The whole notion of "server" and "desktop"
scheduling being different is nothing but crap.

I don't know who came up with it, or why people continue to feed the
insane ideas. Why do people think that servers don't care about latency?
Why do people believe that desktop doesn't have multiple processors or
through-put intensive loads? Why are people continuing this *idiotic*
scheduler discussion?

Really - not only is the whole "desktop scheduler" argument totally bogus
to begin with (and only brought up by people who either don't know
anything about it, or who just want to argue, regardless of whether the
argumen is valid or not), quite frankly, when you say that it's the "same
issue" as with security models, you're simply FULL OF SH*T.

The issue with LSM is that security people simply cannot even agree on the
model. It has nothing to do with performance. It's about management, and
it's about totally different models. Have you even *looked* at the
differences between AppArmor and SELinux? Did you look at SMACK? They are
all done by people who are interested in security, but have totally
different notions of what "security" even *IS*ALL*ABOUT.

In contrast, anybody who claims that the CPU scheduler doesn't know what
it's all about is just tripping. And anybody who claims that desktop
workloads are so radically different from server workloads (or that the
hardware is so different) is just totally out to lunch.

So next time, think five minutes before you start your argument.

Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean Delvare: "Re: 2.6.23-rc8 build failure: __you_cannot_kmalloc_that_much indmi_id_init"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 4/4] hpt366: MWDMA filter for SATA cards (take 2)"
In reply to: Bill Davidsen: "Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel"
Next in thread: Linus Torvalds: "Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]