Subject: Re: veriexec by default (Re: CVS commit: src/sys/arch)
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <email@example.com>
Date: 10/27/2006 12:21:50
> >> What do you mean "it doesn't seem the case"?
> > i meant, it's far from no-op.
> Oh, yes, no argue about that. I think that the cost of it is relatively
> small. Anyway, I thought that, like myself, nobody else found it too
> expensive. But, see below:
my concern is not only about its runtime costs.
i concern its code quality as well.
for example, when veriexec is compiled in,
vn_open uses MAXPATHLEN-sized buffer on kernel stack.