On 2 July 2014 21:33, Dave Hansen <dave.hansen@xxxxxxxxx> wrote: > On 07/01/2014 01:12 PM, Dmitry Kasatkin wrote: >> + ima_ahash= [IMA] Asynchronous hash usage parameters >> + Format: <min_file_size> >> + Set the minimal file size when use asynchronous hash. >> + If ima_ahash is not provided, ahash usage is disabled. > > <groan> ... another boot option... > > Can we just set this to something sane, and then make a sysctl or > something else at runtime to tweak it? The kernel won't use IMA much > before userspace comes up, and it can surely live with a slightly > suboptimal tuning until the boot scripts have a chance to go bang the > tunable. > > We should reserve command-line parameters for things that really need > tweaking in early boot or are _needed_ to boot. Thanks... Good that you commented about it. I thought to have module_param, but as IMA is not a module, ended up with __setup.. Quite many always-builtin stuff use module_param... Also in LSM... Runtime can then tweak it for better performance... Is module param good enough or it should be sysctl? - Dmitry -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
