Stephen Smalley wrote: >Actually, we can avoid the trouble of even this kind of pervasive >change simply by restoring the capable() static inline function >in sched.h and then replacing its contents with a call to the >LSM capable hook. Presumably you could use a macro, too: #define capable(x) security_ops->capable_hook(x) Is that right? Then I guess that you could even consider having an #ifdef to detect whether this is being used in a module, using the above in the base kernel but using a function call in a module. Am I right in thinking that this might be possible? (Is this too much at the level of grungy performance tuning when we should instead be focusing on correctness first? If so, I'll stop.) _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jun 08 2001 - 16:24:57 PDT