Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM)

From: Dave Hansen
Date: Fri Oct 31 2008 - 12:41:20 EST

Next message: Chris Snook: "Re: [PATH -mm -v2] Fix a race condtion of oops_in_progress"
Previous message: David Rientjes: "Re: [patch 0/7] cpuset writeback throttling"
In reply to: Serge E. Hallyn: "Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM)"
Next in thread: Mimi Zohar: "Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2008-10-13 at 13:17 -0400, Mimi Zohar wrote:
> Concern was raised on the lkml mailing list, about adding i_integrity
> to the inode structure. This patch adds a comment clarifying that
> i_integrity is only included in the inode if INTEGRITY is configured.

Mimi, it is nice that you made this a config option. That definitely
helps the embedded folks and those compiling their own kernels. But, it
doesn't really help those who run distros.

The distributions basically ship one kernel for everybody, and it has to
have CONFIG_KITCHEN_SINK=y in order to support everyone's individual
users. Although you provided a config option, in practice, this always
bloats distro kernels which are the vast majority of users.

Is this even useful for filesystems like proc or sysfs? Should we bloat
those inodes for a feature which might not possibly apply there?

-- Dave

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Snook: "Re: [PATH -mm -v2] Fix a race condtion of oops_in_progress"
Previous message: David Rientjes: "Re: [patch 0/7] cpuset writeback throttling"
In reply to: Serge E. Hallyn: "Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM)"
Next in thread: Mimi Zohar: "Re: [PATCH 2/3] integrity: Linux Integrity Module(LIM)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]