[kernel-xen] IMA in kernel-xen
Steven Haigh
netwiz at crc.id.au
Thu Jan 21 21:17:04 AEDT 2016
On 9/12/2015 11:55 AM, Steven Haigh wrote:
> On 2015-12-01 21:11, Steven Haigh wrote:
>> On 1/12/2015 3:11 PM, Glenn Enright wrote:
>>> Hi all
>>>
>>> I've raised a bug report about having CONFIG_IMA disabled in kernel-xen
>>> packages. Does anyone have any constructive comments either way, or
>>> notes about how they actually use that option?
>>>
>>> http://xen.crc.id.au/bugs/view.php?id=64
>>
>> I would also like to know if anyone uses either AMI or the TPM modules
>> within the Xen Dom0 and how they are utilised etc....
>
> Hi all,
>
> It's been just over a week with no feedback from the list on this. Is
> there any strong feelings one way or another on this?
Hi all,
kernel-xen-4.1.15-5 has been pushed to el6-testing and el7-testing. It
has CONFIG_IMA disabled and is available for testing.
Various people noticed that ~10% of RAM in a Dom0 was used to track data
for IMA. IMA data remains in memory whether it was enabled or not.
This should reclaim this memory, as well as disable the overhead in
processing.
As always, feedback welcome.
--
Steven Haigh
Email: netwiz at crc.id.au
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.wireless.org.au/pipermail/kernel-xen/attachments/20160121/9a797589/attachment.sig>
More information about the kernel-xen
mailing list