[PATCH v15 0/4] Reduce overhead of LSMs with static calls
Tetsuo Handa
penguin-kernel at I-love.SAKURA.ne.jp
Sun Aug 18 04:37:37 UTC 2024
On 2024/08/17 0:43, KP Singh wrote:
> # v13 to v14
>
> * Dropped Patch 5 based on the ongoing discussion in
> https://lore.kernel.org/linux-security-module/20240629084331.3807368-4-kpsingh@kernel.org/, BPF
> LSM will still have default callbacks enabled.
Why not use
struct lsm_callback {
struct list_head list;
struct static_call_key key;
}
for each callback given that the latency is mostly caused by use of indirect function call?
Then, we don't need "lsm: count the LSMs enabled at compile time" (which I'm NACKing).
> * Dropped Patch 4 as recommended by Paul, indirect calls will remain in some LSM hooks for now.
> https://lore.kernel.org/linux-security-module/20240629084331.3807368-5-kpsingh@kernel.org/
> * Fixed minor nits in Patch 3
More information about the Linux-security-module-archive
mailing list