Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mm code

From: Serge E. Hallyn
Date: Thu Jun 22 2006 - 08:30:07 EST

Next message: Andi Kleen: "Re: [RFC, patch] i386: vgetcpu(), take 2"
Previous message: Chuck Ebbert: "Re: [RFC, patch] i386: vgetcpu(), take 2"
In reply to: James Morris: "Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode"
Next in thread: Christoph Lameter: "Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting James Morris (jmorris@xxxxxxxxx):
> From: David Quigley <dpquigl@xxxxxxxxxxxxx>
>
> This patch inserts security_task_movememory hook calls into memory
> management code to enable security modules to mediate this operation
> between tasks.
>
> Since the last posting, the hook has been renamed following feedback from
> Christoph Lameter.
>
> This patch is aimed at 2.6.18 inclusion.
>
> Please apply.

Hi,

sorry if I'm being dense - what is actually being protected against
here? The only thing I can think of is one process causing performance
degradation to another by moving it's memory further from it's cpu on a
NUMA machine.

Is there something more? (And is what I'm guessing even possible?)

I'm not arguing against this hook, just wondering whether there's
more to this than I see.

thanks,
-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: [RFC, patch] i386: vgetcpu(), take 2"
Previous message: Chuck Ebbert: "Re: [RFC, patch] i386: vgetcpu(), take 2"
In reply to: James Morris: "Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode"
Next in thread: Christoph Lameter: "Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]