On Wed, 10 Jul 2002, Wayne Salamon wrote: > > - Pass priority arg through to socket_sock_alloc_security(). > > > > Should we address the other alloc hooks (skb_alloc_security, etc.) then > too? Yes, I think so. > > > - Pointer save not needed in tcp_create_openreq_child(). > > > > > newsk->security is set before this code in the sk_alloc() call, and we > need to prevent this pointer from being overwritten with the listening > sock's security pointer. You're right, sorry. > > > - The socket_sock_connect() hook is TCP specific, probably better to call > > it tcp_create_openreq_child(). > > > > Well, I went back and forth on this. I'm not sure this hook will always > be TCP specific. > It's only called from tcp_create_openreq_child(), and is not a generic socket or sock event. Also, calling it socket_sock_connect() may cause confusion with the connect() hook -- better to make the API as clear and simple as possible, rather than try and cater for something generic which may happen in the future. - James -- James Morris <jmorrisat_private> _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 06:05:30 PDT