Re: Implementing hooks

• Previous message: Andrew Morgan: "Re: Implementing hooks"
• In reply to: Andrew Morgan: "Re: Implementing hooks"
• Next in thread: Andrew Morgan: "Re: Implementing hooks"
• Reply: Andrew Morgan: "Re: Implementing hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 19, 2001 at 04:44:18PM -0700, Andrew Morgan wrote:
> Greg KH wrote:
> > Remember, with macros, you loose type information which is a very
> > valuable thing.
> 
> What do you mean by this remark? Please could you elaborate?

Sorry for the vagueness, I'll try to explain.

> Here is a program with some bogus argument types. The first involves a
> macro to do the same thing as the second.
> 
> #include <stdio.h>
> #define my_stuff(x...) (void) printf(x)
> 
> int main(int argc, char **argv)
> {
>   my_stuff("hello from %s\n", *argv[0]);
>   (void) printf("hello again from %s\n", *argv[0]);
>   exit(0);
> }
> 
> Specifically, 'gcc -Wformat' has no problem pointing out the type
> problem in both cases.

I agree.  Here you are using a varargs macro.  gcc has special things to
check the parameters of printf functions.  No problem here.

But your macro to pass arbitrary data across it will loose type
safety.  How can you do:
	SECURITY_HOOK_RETURN_ERROR(retval,basic_ops,ioperm,(foo, bar),"ioperm...")
and keep the knowledge that the ioperm parameters foo and bar are of a
specific type?  That's all I care about, type safety.

If you can, do this, then I totally agree with you.  My knowledge of the
gcc preprocessor isn't sufficient to figure out how to do this.

> > More efficient from a code typing viewpoint, or a memory usage
> > viewpoint, or a clarity to the programmer viewpoint?
> 
> There is only one that counts: from the point of view of a programmer
> that's never seen the code before.
> 99% of code's life is as legacy - destined to be maintained by someone
> other than the original implementer - who looks to the code as some sort
> of documentation.

Agreed.

> > Just my reasoning why I like a simple function call, besides it being the
> > same type of interface used everywhere else in the kernel source :)
> 
> I have a hard time with this one too. Are you putting this forward as a
> reason to make the code more easily camouflaged? [A macro can resolve to
> a simple function call too.]

No, just stating that the current different module interfaces
implemented in the kernel look exactly like how I implemented the
security_ops functionality.  That's all.

thanks,

greg k-h

-- 
greg@(kroah|wirex).com
http://immunix.org/~greg

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Andrew Morgan: "Re: Implementing hooks"
• Previous message: Andrew Morgan: "Re: Implementing hooks"
• In reply to: Andrew Morgan: "Re: Implementing hooks"
• Next in thread: Andrew Morgan: "Re: Implementing hooks"
• Reply: Andrew Morgan: "Re: Implementing hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 19 2001 - 16:59:10 PDT