Re: The price of SELinux (CPU)

Dan C Marinescu wrote:

the benchmark "results" _look_ like being authored by
some qa engineers... or sysadmins or something...

*** only a deep/intimate knowledge of kernel and fs
and acl implementation details and many other areas
could suggest a credible conclusion (most likely
without even needing any "profiling" at all... on pure
theoretical basis, mostly because you would know what
goes where and when and how and why and how much it
adds here and there, etc, etc, etc)

Any results not based on actual measurement are called "guesses" rather than "data." Such deep knowlege is useful to determine what to measure, not what you would measure if you thought it were necessary.

The measurements are very useful, in that they show the magnitude of the performance impact using a benchmark which was constructed to emulate certain real world loads. Since no one number or even series of numbers can fully describe what *will* happen, but these numbers show what *could* happen.

and i personally have a strong doubt that if the cpu
activity was statistically increased with 7% for the
very same elementary I/O, linus would have accepted
this degradation... my $0.02... :-)

For some applications the issue isn't how fast the O/S runs, but if it is secure enough to be run at all. Given the speed of even commodity computers, it's probable that even a 2:1 slowdown would still result in useful operation, compared to doing the work without a computer.

I can't speak for Linus' thinking of course, but I have worked in secure environments before, both DOD and DOE, and information control is vital.

--
   -bill davidsen ([email protected])
"The secret to procrastination is to put things off until the
 last possible moment - but no longer"  -me
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: The price of SELinux (CPU)
    • From: Dan C Marinescu <[email protected]>

• References:
  • Re: The price of SELinux (CPU)
    • From: John Richard Moser <[email protected]>
  • Re: The price of SELinux (CPU)
    • From: Dan C Marinescu <[email protected]>

• Prev by Date: [PATCHSET] 2.6.14-rc3-git4-bird1
• Next by Date: Re: 2.6.14-rc3-rt2
• Previous by thread: Re: The price of SELinux (CPU)
• Next by thread: Re: The price of SELinux (CPU)
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]