Re: ima: use of radix tree cache indexing == massive waste ofmemory?

[James Morris]

On Sun, 17 Oct 2010, Christoph Hellwig wrote:

> Especially as our merge requirements for security/ are a lot lower than
> for the rest of the kernel given that James is very afraid of getting
> whacked by Linux for not mering things.

I think historically you'll see that I'm not afraid of getting whacked by 
Linus.

A procedure for merging security features has been adopted by consensus, 
based on suggestions from Arjan, with the aim of preventing the literally 
endless arguments which arise from security feature discussions.  It's 
sometimes referred to as the Arjan protocol, essentially:

  If the feature correctly implements a well-defined security goal, meets 
  user needs without incurring unreasonable overheads, passes technical 
  review, and is supported by competent developers, then it is likely to 
  be merged.

If you disagree with a specific feature, you need to step up while it's 
being reviewed and make a case against it according to the above criteria.

If you disagree with the protocol, then you need to come up with a better 
one, and probably implement it yourself, to the satisfaction of all 
parties.



- James
-- 
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/