On Fri, Oct 05, 2001 at 07:23:11PM -0700, Crispin Cowan wrote:
> There are two conflicting schools of thought on this issue:
>
> * conditional compilation is bad: hard to maintain, etc. So just
> use straight hooks, and make them as efficient as possible.
> * you can't please everyone, so make LSM config'able.
I think what the "no conditional compilation" is a prohibition against
is actually #ifdefs in the .c files. If our security.h header file has
two different definitions for the hooks, along these lines:
#ifdef CONFIG_LSM_SCAFFOLD
#define foo_hook(x,y,z) _foo_hook((x),(y),(z))
#else
#define foo_hook(x,y,z) do { } while(0)
#endif
I'm sure gregkh will correct me if I am wrong, but my understanding is
that ifdefs for the config options is fine in headers, but is verboten
in kernel code. (An excellent example is spinlocks: under SMP, they are
spinlocks. Under UP, they are nothing.)
> But you can't have both. Most of us in LSM appear to be agnostic on
> this question, so my plan was to go forward with the straight hooks, and
> cooperate if the kernel consensus is that it should be config'able and
> just change it.
Hmm. Maybe not a bad idea. However, these function calls don't come
free; I expect we will need to be able to take our hooks out at the flip
of a switch.
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Oct 08 2001 - 09:24:31 PDT