Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part.

From: Kentaro Takeda
Date: Thu Oct 16 2008 - 00:06:07 EST


Paul E. McKenney wrote:
> A few comments below -- some rcu_dereference()s are needed.
This list doesn't use RCU since it is for Write-Once-Read-Many
situation (i.e. no-update and no-delete). TOMOYO Linux uses this list
for storing policy elements. Most of elements are allocated when the
kernel is loaded, and they are referred during lifetime of the kernel.

Since read_lock is not needed when referring this list, code of
TOMOYO keeps its simplicity. If TOMOYO used RCU or reader/writer lock,
the code would be a jumble of read_lock and it would be almost
impossible to maintain and review the code... X-p This is the reason
why TOMOYO uses this WORM list.

Though size of policy increases with learning mode, the same
pathnames once learned will be reused. So memory usage of TOMOYO
doesn't increase infinitely; if still worried, we can set memory
quota.

> The general idea looks sound, at least as long as the lists remain
> short. Otherwise, the list scan in list1_add_tail_mb() will take
> too long.
Typically less than 100. The length of list won't matter since the
frequency of append is very low.

Paul, would you review this list from the perspective of WORM list?

Regards,

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/