Re: Implementing hooks

From: Greg KH (gregat_private)
Date: Thu Apr 19 2001 - 16:56:40 PDT

  • Next message: Andrew Morgan: "Re: Implementing hooks"

    On Thu, Apr 19, 2001 at 04:44:18PM -0700, Andrew Morgan wrote:
    > Greg KH wrote:
    > > Remember, with macros, you loose type information which is a very
    > > valuable thing.
    > 
    > What do you mean by this remark? Please could you elaborate?
    
    Sorry for the vagueness, I'll try to explain.
    
    > Here is a program with some bogus argument types. The first involves a
    > macro to do the same thing as the second.
    > 
    > #include <stdio.h>
    > #define my_stuff(x...) (void) printf(x)
    > 
    > int main(int argc, char **argv)
    > {
    >   my_stuff("hello from %s\n", *argv[0]);
    >   (void) printf("hello again from %s\n", *argv[0]);
    >   exit(0);
    > }
    > 
    > Specifically, 'gcc -Wformat' has no problem pointing out the type
    > problem in both cases.
    
    I agree.  Here you are using a varargs macro.  gcc has special things to
    check the parameters of printf functions.  No problem here.
    
    But your macro to pass arbitrary data across it will loose type
    safety.  How can you do:
    	SECURITY_HOOK_RETURN_ERROR(retval,basic_ops,ioperm,(foo, bar),"ioperm...")
    and keep the knowledge that the ioperm parameters foo and bar are of a
    specific type?  That's all I care about, type safety.
    
    If you can, do this, then I totally agree with you.  My knowledge of the
    gcc preprocessor isn't sufficient to figure out how to do this.
    
    > > More efficient from a code typing viewpoint, or a memory usage
    > > viewpoint, or a clarity to the programmer viewpoint?
    > 
    > There is only one that counts: from the point of view of a programmer
    > that's never seen the code before.
    > 99% of code's life is as legacy - destined to be maintained by someone
    > other than the original implementer - who looks to the code as some sort
    > of documentation.
    
    Agreed.
    
    > > Just my reasoning why I like a simple function call, besides it being the
    > > same type of interface used everywhere else in the kernel source :)
    > 
    > I have a hard time with this one too. Are you putting this forward as a
    > reason to make the code more easily camouflaged? [A macro can resolve to
    > a simple function call too.]
    
    No, just stating that the current different module interfaces
    implemented in the kernel look exactly like how I implemented the
    security_ops functionality.  That's all.
    
    thanks,
    
    greg k-h
    
    -- 
    greg@(kroah|wirex).com
    http://immunix.org/~greg
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Apr 19 2001 - 16:59:10 PDT