[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 2/2] xen/evtchn: optimize evtchn_security_struct

On 03/20/2014 06:23 AM, Jan Beulich wrote:
On 19.03.14 at 20:18, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote:
Because FLASK is the only implementation of the XSM hooks in Xen, some
of the abstractions required to handle multiple XSM providers are
redundant and only produce unneeded overhead.  This patch reduces the
memory overhead of enabling XSM on event channels by replacing the
untyped ssid pointer from struct evtchn with the sid field that it would
point to when FLASK is enabled.  This avoids an additional heap
allocation for every event channel, and on 64-bit systems, reduces the
size of struct evtchn by 4 bytes.

Considering the comments on patch 1 I think it goes without
saying that this is going too far, locking out any eventual other
XSM provider.


The existing code was already locking out other XSM providers from using
this particular field (it was #ifdef FLASK_ENABLE not #ifdef XSM_ENABLE),
probably because ACM did not use it. I will fix that issue in addition to
making the next version more capable of supporting other XSM providers
that wish to mark event channels.

Daniel De Graaf
National Security Agency

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.