Re: ima: use of radix tree cache indexing == massive waste ofmemory?

[Peter Zijlstra]

On Sun, 2010-10-17 at 15:59 +0200, Peter Zijlstra wrote:

> Me, I'm henceforth making sure to have CONFIG_IMA disabled...

Signed-off-by: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>
---
 security/integrity/ima/Kconfig |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index b6ecfd4..278362c 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -24,6 +24,10 @@ config IMA
 	  whether or not critical system files have been modified.
 	  Read <http://www.usenix.org/events/sec04/tech/sailer.html>
 	  to learn more about IMA.
+
+	  When built-in (Y) this option will consume considerable
+	  resources even when effectively disabled.
+
 	  If unsure, say N.
 
 config IMA_MEASURE_PCR_IDX

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/