Re: [PATCH 01/11] IMA: use rbtree instead of radix tree for inodeinformation cache

[John Stoffel]

>>>>> "Linus" == Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes:

Linus> On Mon, Oct 25, 2010 at 1:57 PM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
>> 
>> Kyle sent a very useful patch to simply disable the ima tracking unless
>> you enable it on the command line.

Linus> And exactly how does that invalidate _any_ of the patches in
Linus> the IMA series in question? All of them are basically still
Linus> equally valid.

Well, if we're going to keep IMA as an option, then this cleanup is
certainly worthwhile.   And keeping it's impact down as much as
possible is even better.  

Linus> And the "four bytes in 'struct inode' is a total no-no" crowd
Linus> clearly haven't looked at struct inode. As mentioned, we've got
Linus> things like quota stuff there too.

Quota is arguably much more useful than IMA, and to a much larger
audience.  There's a reason it's in there.  As a SysAdmin, one of my
major gripes is how hard it is to manage disk space usage by my users
and track it in useful ways.

Quotas allow me to do a quicker, more targeted response when disk
space fills up and I need to find the biggest users.  Would I like
better quota reporting?  Sure!  Do I want more overhead, not so much.
It's a balancing act.

Linus> And quite frankly, it sounds like the right thing to do for
Linus> Fedora &co is to simply _disable_ CONFIG_IMA. If there is no
Linus> support for it on a distro level, then you shouldn't enable it.

So the Kconfig should have 'default N' for IMA then?

John

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/