On Wed, 3 Jul 2002, Seth Arnold wrote:

> On Wed, Jul 03, 2002 at 04:04:50PM -0400, jmjonesat_private wrote:
> > Things I'd Like To See As a Module Maintainer:
> > [...]
> > 2) Have the module pass the length of the structure it is registering when
> > it registers the structure (most likely as "number of hooks".) This could
> > be simply another integer in the registration function call, since the
> > registration code would probably know the size of a pointer.
>
> Where would you get the size of this structure? Count all the entries?
> sizeof(security_ops)?

sizeof(void *) * number_of_entries

Perhaps my i386 focus is showing, but isn't the structure populated ENTIRELY
with pointers, now, making it an array of pointers, after flattening?

> Perhaps the biggest downside to this approach is that it would require
> some novel approach to populating a structure with function pointers,
> rather than relying on the compiler to get all the details right. All my
> attempts to sketch out what it might look like make me think it would
> never be allowed into the kernel.

How novel is requiring the registration code to duplicate pointers throughout
its expected structure? The compiler can't get it all right now, really...
the pointer to the structure is passed, but a simple cast COULD mess things up.

> One other thing to consider: to my knowledge, no other kernel system
> tries to prevent out of date modules from doing Stupid Things. If LSM
> does, it would be the first, aside from the message insmod prints when
> it refuses to load a module compiled for a different kernel version.

This may be true, and I don't mind kernel panics when I am testing a module
against the current version (in fact, I kind of prefer to see them, so I can
track down my problem before I test my system against my suite of attackers.)
I submitted this only because it changes my situation not-at-all, in a purely
general sense.

I can fill a pointer with a "not supported" function easily, and I expect to
track kernel changes on a minor-revision-per-minor-revision basis... but have
no assertion that the LSM interface will do so. With my proposed solution in
place, though, I can get notices that I can use to inform my customers, which
is somewhat useful, in a general sense.

Sincerely,
J. Melvin Jones

*-------------------------------------------------------
* J. Melvin Jones          http://www.jmjones.com/
* Webmaster, System Administrator, Network Administrator
* ------------------------------------------------------

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 03 2002 - 15:10:44 PDT
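The registration check the thread is arguing about, as an added illustration that is not LSM code or anything from the list: a hook table treated as a flat array of function pointers, a module that passes the hook count it was compiled against, and a registration function that refuses a stale module and fills unset hooks with a "not supported" stub. All names (security_ops layout, register_security_checked, not_supported) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

typedef int (*hook_fn)(int arg);

/* Kernel side: the current table has three hooks; socket_bind is a
 * constructed example of a hook added after the module was built. */
struct security_ops {
    hook_fn file_open;
    hook_fn task_create;
    hook_fn socket_bind;
};

/* The thread's premise: the struct is entirely pointers, so its length
 * is sizeof(void *) * number_of_entries. */
#define SEC_NUM_HOOKS (sizeof(struct security_ops) / sizeof(hook_fn))

/* Stub installed for any hook the module left NULL. */
static int not_supported(int arg) { (void)arg; return -1; }

static struct security_ops kernel_ops;

/* mod_hooks is the extra integer proposed in the thread: the number of
 * hooks the module compiled against. Returns 0 on success, -1 if the
 * module's table length does not match the kernel's. */
int register_security_checked(const void *mod_ops, size_t mod_hooks)
{
    if (mod_hooks != SEC_NUM_HOOKS) {
        fprintf(stderr, "module built for %zu hooks, kernel has %zu: refused\n",
                mod_hooks, (size_t)SEC_NUM_HOOKS);
        return -1;
    }
    /* Flattened view: copy pointer by pointer instead of trusting a cast. */
    hook_fn *dst = (hook_fn *)&kernel_ops;
    const hook_fn *src = (const hook_fn *)mod_ops;
    for (size_t i = 0; i < SEC_NUM_HOOKS; i++)
        dst[i] = src[i] ? src[i] : not_supported;
    return 0;
}

/* Module side. stale_mod was built against an older header with only two
 * hooks; fresh_mod matches the running kernel but leaves task_create unset. */
struct old_security_ops { hook_fn file_open; hook_fn task_create; };
static int allow(int arg) { (void)arg; return 0; }
static struct old_security_ops stale_mod = { allow, NULL };
static struct security_ops fresh_mod = { allow, NULL, allow };

int try_register_stale(void) { return register_security_checked(&stale_mod, sizeof stale_mod / sizeof(hook_fn)); }
int try_register_fresh(void) { return register_security_checked(&fresh_mod, sizeof fresh_mod / sizeof(hook_fn)); }
int call_task_create(void) { return kernel_ops.task_create(1); }
```

Without the length argument, the two-pointer stale_mod would be accepted and the kernel would read socket_bind from past the end of the module's table.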