On 24 Apr 2001, David Wagner wrote:

> Well, using a /proc interface takes at worst only two syscalls:
> fd = open("/proc/subdomain", O_RDWR);
> write(fd, "change_hat foo_perm ...", ...);
> If you cache the fd, it takes only one syscall. So, while I cannot
> guarantee that it will be fast enough for your purposes, I would expect
> that it most likely is about as good as a syscall. Without measurements
> to the contrary, I would expect a difficult time getting acceptance
> from linux-kernel residents (although that's just a guess).

Why is such an approach preferable to reserving an actual system call for use by security modules? Since Linus is willing to consider accepting security hooks into the kernel, it doesn't seem unreasonable to request that a system call be reserved for such use. If implementing system calls via pseudo file systems is the way to go, then why aren't the kernel developers migrating most of the existing system calls to such an approach?

I would suggest that we make the attempt to gain acceptance for a reserved call, and fall back to using pseudo file systems only if our request is rejected.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 12:12:58 PDT