Re: Possible system call interface for LSM

From: Seth Arnold (sarnoldat_private)
Date: Thu Aug 09 2001 - 09:31:16 PDT

  • Next message: richard offer: "Re: Possible system call interface for LSM"

    On Thu, Aug 09, 2001 at 08:50:46AM -0700, richard offer wrote:
    > In light of that case does it make sense to change the prototype from 
    >     int  (* syscall)        (int cmd, char *data, int length);
    > to
    >     int  (* syscall)        (int cmd, int copy_flag, void *data, int
    > *length);
    > I personally would rather have length pass by value than reference.
    > with copy_flag either DATA_IS_USER_SPACE or DATA_IS_KERNEL_SPACE ? (ToDo:
    > make up better names)
    Please forgive my ignorance, but is it common for kernel space to call
    syscalls? (The gist of my question is actually aimed at a specific
    point: why would the pointers in the arguments to this syscall ever be
    kernel space?)
    > It seems that the general case would be to copy data (so removing the
    > code seems like a bad idea), SELinux has specific requirements where
    > that would cause a significant problem, so lets let them not have to
    > copy when they don't want too.
    Hmm. My initial reaction is to suggest just copying the pointers about,
    and let the module handle copy_from_user and copy_to_user. If SELinux
    wants the original pointers, it is possible someone else will want the
    original pointers too.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 09:30:31 PDT