On Mon, Oct 25, 2010 at 12:38 PM, J.H. <warthog9@xxxxxxxxxx> wrote:
>
> I'll second both points. If IMA is disabled, but compiled in, it *HAS*
> to consume 0 resources.
I disagree. First off, this isn't actually true. Look at things like
quota support: it eats more memory in the inode than IMA does after
this patch-series (two pointers), and most people don't use that
either. So the "it must use zero extra memory" is bogus - it's a
balance between simplicity of the code and memory use.
Secondly, right now we're in the situation that IMA just sucks. Sucks
with all capital letters, in fact. This patch-series may not be
perfect, but it's _so_ much better than the current situation that I
don't really see why people are so adamantly negative about it.
Please do feel free to be constructive about it, and I'm sure there
are ways to improve even more, but right now "constructive" is not
what the objections seem to be.
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
