* frm chrisat_private "08/21/01 18:11:31 -0700" | sed '1,$s/^/* /' * ** richard offer (offerat_private) wrote: *> *> *> * frm offerat_private "08/21/01 15:27:23 -0700" | sed '1,$s/^/* /' *> * *> * *> *> * I will submit a patch that adds an extra parameter to syscall *> * *> * sys_security(int modid, int cmd, unsigned long *args) *> * *> * for the private use of the module. *> *> *> Attached is the proposal (against ChangeSetat_private, 2001-08-21 *> 11:34:20-04:00 by Stephen) *> *> The prototype is now *> *> int sys_security(unsigned int modid, unsigned int call, unsigned long *> * args); * * you forgot to actually change the implementation of the sys_security * syscall. (note: there is still signed/unsigned mismatch). Doh! Okay, here is something that is based on Chris's patch but :- fixes the signed/unsigned mismatch returns -ENOSYS for the default modules (security, capability_plug) as requested by Stephen at the BOF. Adds a comment to the header file documenting the use of modid and the expected behaviour, regarding returning ENOSYS if the module does not implement sys_security(). There was some discussion regarding which error code to return ENOSYS or ENOPKG. ENOSYS would mean that you couldn't distinguish between a kernel without LSM and a kernel with LSM but running a policy that doesn't provide sys_security(). If this is important we should switch to returning ENOPKG, I'm not sure it is. * * -chris richard. ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" _______________________________________________________________________
This archive was generated by hypermail 2b30 : Wed Aug 22 2001 - 08:59:23 PDT