[PATCH] TOMOYO: Add recursive directory matching operator support.
Tetsuo Handa
from-ubuntu at I-love.SAKURA.ne.jp
Thu Dec 10 02:07:06 UTC 2009
Andy Whitcroft wrote:
> On Wed, Dec 09, 2009 at 08:50:19PM +0900, Tetsuo Handa wrote:
> > Hello.
> >
> > Is it possible to apply below TOMOYO patch (which was backported from TOMOYO
> > 1.7.1 http://www.youtube.com/watch?v=OjgBRDa53M8 and merged into 2.6.33) to
> > Lucid (and Karmic)?
> >
> > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7539cf4b92be4aecc573ea962135f246a7a33401
>
> This is a fairly comprehensive patch, which appears to have some
> performance detrement to the TOMOYO matcher. Though as its already
> upstream I guess its the way things are going.
There is no performance detriment if string does not contain patterns, and
most strings do not contain patterns. Thus, performance detriment by this patch
won't be noticed.
> Does anyone know how extensive our tomoyo userbase is?
TOMOYO suits well on embedded systems like Android as well as PC and servers.
( http://sourceforge.jp/projects/tomoyo/docs/JLS_tomoyo_tutorial.pdf )
TOMOYO is one of candidates for Chromium OS.
( http://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/system-hardening )
People can't get distributor's support if they use modified kernels.
Nonetheless, they have been using TOMOYO 1.x (about 33000 downloads) without
distributor's support. I don't have means to measure your TOMOYO userbase,
but I'm sure that it is worth applying this patch for Lucid.
Regards.
More information about the kernel-team
mailing list