[PATCH 1/1] cr: lsm: actually cache entries

Serge E. Hallyn serue at us.ibm.com
Thu Oct 8 14:41:11 PDT 2009


Quoting Serge E. Hallyn (serue at us.ibm.com):
> Somewhere along the way, the lsm c/r patchset seems to have
> dropped the code caching whether a particular void*security
> had already been checkpointed.  Note that checkpoint a
> void* security means allocing a struct containing the secref
> and the string representation of the context.  That leaves us
> with no way to tell, given only the void*security, whether
> that context has been checkpointed before (as part of checkpointing
> a different object of the same object type and security context).
> 
> This patch re-introduces a moronic unsorted per-checkpoint list
> of checkpointed contexts, used only at checkpoint time, so that
> we can re-use secrefs.  Converting this to an rblist or hash will
> be trivial, but isn't done here to try and make clear why we
> actually need this.
> 
> (applies on top of existing LSM c/r patches at
> git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux-cr.git)
> 
> Signed-off-by: Serge E. Hallyn <serue at us.ibm.com>

Matt called me on this over irc, and as a result I think I've
found a trivial way to do this much better...  pls ignore for
now.

thanks,
-serge


More information about the Containers mailing list