On 1/28/2019 10:37 AM, Paul Moore wrote: > On Sun, Jan 27, 2019 at 3:10 AM Leon Romanovsky <leon@xxxxxxxxxx> wrote: >> From: Daniel Jurgens <danielj@xxxxxxxxxxxx> >> >> --- >> drivers/infiniband/core/security.c | 34 ++++-------------------------- >> include/rdma/ib_mad.h | 3 --- >> 2 files changed, 4 insertions(+), 33 deletions(-) > Perhaps predictably, I'm not very excited about this change. Have you > looked closer into the slowdown to see where the cycles are being > spent? I'm wondering if the issue is that a large number of notifiers > are being registered with the same priority causing the while loop in > notifier_chain_register() to take a significant amount of time. That's what's happening, each MAD agent is registering it's own notifier. The bug reporter was creating hundreds or thousands of short lived MAD agents. With IRQs disabled too long it resulted in timeouts. When I initially added the notifier mechanism I thought it was you that said it wasn't really needed, since access wasn't generally revoked in these types of scenarios. Given that I didn't think this would be especially controversial. It was nice to have, unfortunately it causes problems even for users that don't enable SELinux.
