Re: Possible performance bug
* Steve Grubb (sgrubb(a)redhat.com) wrote:
So, what about re-enabling these for existing processes when
audit_enabled
changes to 1 again? That's the part I was kinda stuck at. I don't think we
constantly want to set the thread info.
fresh out of good ideas ;-)
that's partly why i'm curious if that patch makes a difference. if it
doesn't then we can go with current method. same issue for lsm, and the
rule of thumb is to make sure you're enabled from bootup, otherwise you
have to check every process either at load time or lazily at syscall
entrance. doing it at load time is ugly and discouraged (requires
walking tasklist), and lazy method undoes the benefits of the patch.
thanks,
-chris