On Thu, 9 Aug 2001, Greg KH wrote: > - Non of this registered numbers loonacy. That way is madness. If > you are going to stack modules, the modules themselves are going to > have to handle this themselves. End of story. If you want > userspace to know that the SELinux module is loaded, examine some > userspace visable thing (like a mounted file system, see next > point.) I don't think it is unreasonable to add one more parameter to sys_security to pass a magic number/module id that identifies the desired module, rather than requiring modules to also provide a separate mechanism for indicating their presence. For simplicity, we could also add this parameter to the syscall hook and have sys_security pass it through, leaving the actual checking to the module. As far as registered numbers/ids go, I agree that they should not go into security.h and that we don't have to set up any kind of registry right now. > I think that about covers the whole thread. Comments on the attached > patch, and why it doesn't work for your module? We should probably define __NR_lsm or __NR_security in include/asm-i386/unistd.h (and likewise for other supported architectures). -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 07:19:37 PDT