ima: use of radix tree cache indexing == massive waste of memory?
James Morris
jmorris at namei.org
Mon Oct 18 00:49:02 UTC 2010
On Sun, 17 Oct 2010, Christoph Hellwig wrote:
> Especially as our merge requirements for security/ are a lot lower than
> for the rest of the kernel given that James is very afraid of getting
> whacked by Linux for not mering things.
I think historically you'll see that I'm not afraid of getting whacked by
Linus.
A procedure for merging security features has been adopted by consensus,
based on suggestions from Arjan, with the aim of preventing the literally
endless arguments which arise from security feature discussions. It's
sometimes referred to as the Arjan protocol, essentially:
If the feature correctly implements a well-defined security goal, meets
user needs without incurring unreasonable overheads, passes technical
review, and is supported by competent developers, then it is likely to
be merged.
If you disagree with a specific feature, you need to step up while it's
being reviewed and make a case against it according to the above criteria.
If you disagree with the protocol, then you need to come up with a better
one, and probably implement it yourself, to the satisfaction of all
parties.
- James
--
James Morris
<jmorris at namei.org>
More information about the kernel
mailing list