* frm sdsat_private "08/06/01 10:56:14 -0400" | sed '1,$s/^/* /'
*
*
* On Mon, 6 Aug 2001, richard offer wrote:
*
*> So that I can decipher the arguments appropriately. For pread we're going
*> to have to pass the offset, for readv the iovec
*>
*> And we still have to get fds in there, we need them.
*
* Ok, you're confusing me. First, you say that you are ok with dropping
* the separate read/readv/write/writev hooks and just using the permission
* hook for all of these operations. Then you say that you want to pass
* information like the offset and iovec which is specific to particular
* operations. If you want specialized arguments, then you want separate
* hooks. Then each hook can pass the right set of arguments for
* the operation, and the module knows where it was called from and
* the argument values. I don't think we want a permission hook with
* an arbitrary number of typeless parameters.

I thought that was what you were proposing.

[snip]

*
* So, why do you want these parameters? If you can make the case for them,
* then I would suggest that you really want separate hooks with specialized
* arguments rather than the single permission hook.

You're right, my mistake, I withdraw the argument.

*
*> * And
*> * why exactly do you want separate hooks for readdir and sendfile?
*>
*> Because they have different enough APIs and usages that I think it would
*> be worth it. Otherwise the general purpose hook is going to have too many
*> parameters.
*
* Again, the file_ops->permission hook works fine for these operations
* with only the struct file * and the permissions mask for typical
* access control modules.

Yes, but _if_ readdir was a separate hook, then we could get rid of the
abomination of not having a FD available at the time of that hook call.
By forcing it to use the same hook, you're forcing us to do something ugly
which everyone agrees is a wart.
That would make it easier to add FDs, as now we have reduced the number of
hooks that would need modifying (no read/write etc), and one of the two
places that was causing a problem has suddenly gone.

The fact that readdir/getdents exist as distinct system calls and are not
multiplexed through read suggests to me that there was some thought that
they should be handled differently.

* Stephen D. Smalley, NAI Labs
* ssmalleyat_private

richard.

-----------------------------------------------------------------------
Richard Offer                     Technical Lead, Trust Technology, SGI
"Specialization is for insects"
_______________________________________________________________________

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
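The design point Stephen makes above (one permission hook carrying only the struct file * and a mask is enough for a typical access-control module, so pread's offset and readv's iovec never need to reach it) is shown below as an added user-space model. This is example code written for this archive page, not code from the thread, from the LSM project, or from the kernel; the names struct file, lsm_ops, f_secflags, SEC_READONLY, toy_file_permission and the vfs_* wrappers are constructed for the example, and MAY_READ/MAY_WRITE are modelled loosely on the kernel's constants rather than taken from any particular kernel version.

```c
/* Added example, not from the original thread: a user-space model of a
 * single file-permission hook. read/readv/pread/write all dispatch through
 * the same hook; each VFS entry point computes a mask and keeps the
 * operation-specific arguments (offset, iovec) to itself. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/uio.h>

#define MAY_READ  0x4   /* modelled loosely on the kernel's MAY_READ */
#define MAY_WRITE 0x2   /* modelled loosely on the kernel's MAY_WRITE */

/* Minimal stand-in for struct file: only the state a module consults.
 * f_secflags is a constructed field standing in for a module's label. */
struct file {
    const char *name;
    unsigned int f_secflags;
};
#define SEC_READONLY 0x1

/* The hook table: one permission hook covers every data-transfer call. */
struct lsm_ops {
    int (*file_permission)(struct file *file, int mask);
};

/* Toy module: deny writes to files labelled read-only, allow all else.
 * It never needs to know whether the caller was read, pread or readv. */
static int toy_file_permission(struct file *file, int mask)
{
    if ((mask & MAY_WRITE) && (file->f_secflags & SEC_READONLY))
        return -EACCES;
    return 0;
}

static struct lsm_ops ops = { .file_permission = toy_file_permission };

/* Each entry point derives the mask and calls the same hook. */
int vfs_read(struct file *f, char *buf, size_t n)
{
    (void)buf; (void)n;
    return ops.file_permission(f, MAY_READ);
}

int vfs_pread(struct file *f, char *buf, size_t n, long offset)
{
    (void)buf; (void)n; (void)offset;   /* offset stays with the operation */
    return ops.file_permission(f, MAY_READ);
}

int vfs_readv(struct file *f, const struct iovec *iov, int iovcnt)
{
    (void)iov; (void)iovcnt;            /* iovec stays with the operation */
    return ops.file_permission(f, MAY_READ);
}

int vfs_write(struct file *f, const char *buf, size_t n)
{
    (void)buf; (void)n;
    return ops.file_permission(f, MAY_WRITE);
}

/* Constructed sample files used by main() below. */
struct file ro_file = { "ro.txt", SEC_READONLY };
struct file rw_file = { "rw.txt", 0 };
char scratch[16];
struct iovec scratch_iov[1] = { { scratch, sizeof scratch } };

int main(void)
{
    printf("read  ro: %d\n", vfs_read(&ro_file, scratch, sizeof scratch));
    printf("pread ro: %d\n", vfs_pread(&ro_file, scratch, sizeof scratch, 4096));
    printf("readv ro: %d\n", vfs_readv(&ro_file, scratch_iov, 1));
    printf("write ro: %d\n", vfs_write(&ro_file, scratch, sizeof scratch));
    printf("write rw: %d\n", vfs_write(&rw_file, scratch, sizeof scratch));
    return 0;
}
```

The point of the model is the hook signature: adding a readdir case would mean either a second hook with its own arguments or, as the reply above complains, calling this hook without a file descriptor available.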
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 11:23:37 PDT