[PATCH] TOMOYO: Add recursive directory matching operator support.
John Johansen
john.johansen at canonical.com
Wed Dec 9 19:52:06 UTC 2009
Andy Whitcroft wrote:
> On Wed, Dec 09, 2009 at 08:50:19PM +0900, Tetsuo Handa wrote:
>> Hello.
>>
>> Is it possible to apply below TOMOYO patch (which was backported from TOMOYO
>> 1.7.1 http://www.youtube.com/watch?v=OjgBRDa53M8 and merged into 2.6.33) to
>> Lucid (and Karmic)?
>>
>> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7539cf4b92be4aecc573ea962135f246a7a33401
>
> This is a fairly comprehensive patch, which appears to have some
> performance detrement to the TOMOYO matcher. Though as its already
> upstream I guess its the way things are going.
>
> Would there be userspace component interlock required if the kernel
> had this support, if there is taking this now might help with the LTS
> backports effort? Though I assume our TOMOYO userbase is pretty small,
> I assum its not a default option. Does anyone know how extensive our
> tomoyo userbase is?
>
I am not sure what is required from the Tomoyo user space but I did spend
enough time with this patch to be comfortable with it.
I know from a policy pov having the recursive matching is a big win and it will
be a feature that is worth having for the LTS backports efforts.
With this patch being upstream and knowing what kind of impact it can have
on TOMOYO I feel comfortable ACKing it for Lucid.
john
More information about the kernel-team
mailing list