On Sat, 29 Jun 2002, Chris Wright wrote: > * James Morris (jmorrisat_private) wrote: > > On Thu, 27 Jun 2002, Seth Arnold wrote: > > > > > Chris offfers a beer to whoever can come up with a slick solution so > > > that module authors don't have to define functions they don't care > > > about. > > > > I think this can be done relatively simply once the hooks are flattened > > out (I looked at this some months ago, and managing the double pointers > > was the only problem, IIRC). > > the main thing i want to avoid is fooling the module into thinking it > has filled in all callbacks when defaults are automagically used. > As king of the "relatively stupid questions", can I ask somebody to briefly explain: ASSUMPTION: the interface still allows ONE registration of the LSM structure, and all subsequent MUST be subordinately registered by the primary module. (I've been working off-the-tree for some time.) If the module isn't filling in the pointer when it registers the structure, and module-families MUST be interoperable, how can the module be fooled? There's a strong prohibition here to module composition and providing help for the "bad programmer writing modules." Any GOOD module will account for ALL the hooks, one way or another. Most correctly, based on my experiences. IF the module_doesn't_register THEN the default is in place, I would think. I somewhat like the idea of "mixed modules" who don't step on each other's hooks, but think that's perfectly possible ABOVE the interface, and, the interface owes much of its efficiency to it's "non-severable" nature. -------- Alternatively, a single check function that compares the address in the registered function or even returns the entire structure for the module to do it's "magic comparison" upon should be quite able to compare the address of the hook against the default, if the module wants to poll the structure. This would not have to be done very often... only on registrations, so it's a trivial overhead, and it's somewhat protected by the module_id idea. Still Thinking In An Other Context, Apologies if I'm totally Off-Base, J. Melvin Jones > > cheers, > -chris > -- > Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net > _______________________________________________ > linux-security-module mailing list > linux-security-moduleat_private > http://mail.wirex.com/mailman/listinfo/linux-security-module > *------------------------------------------------------- * J. Melvin Jones http://www.jmjones.com/ * Webmaster, System Administrator, Network Administrator * ------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Jun 29 2002 - 10:01:44 PDT