Re: Updated stacker.c (the real one, ignore the last post)

From: Seth Arnold (sarnoldat_private)
Date: Sat Jul 20 2002 - 13:26:11 PDT

  • Next message: Crispin Cowan: "Re: Problem stacking sys_security; need id in security_ops or mod_reg_security"

    On Sat, Jul 20, 2002 at 01:09:25AM -0400, dwheelerat_private wrote:
    >  * "Stacker" LSM security module.
    >  * Load this module first as the primary LSM module,
    
    David, thanks for starting work on the stacking module. At this point,
    you know the LSM interface much better than I do, but I thought the
    sys_security() had been designed to allow userspace to contact a
    specific module through the module numeric id. (Which is computed with
    the md5sum of the module name, by convention.) The stacking module
    should be able to just call every stacked module with the paramters
    unchanged and allow the stacked module to recognize that the call was
    intended for some other security module, and return with a specific
    errno. It isn't effecient (and wli must be upset about the introduction
    of Yet Another Linear Search :) but it should be simple.
    
    > #define COMPUTE_ERROR_IF_ANY_ERROR(CALL) \
    > 	int final_result = 0; \
    > 	int result; \
    > 	struct module_entry *module_p; \
    > 	for (module_p = stacked_modules; module_p; module_p->next) { \
    > 		result = module_p->module_operations->CALL; \
    > 		if (result && !final_result) final_result = result; \
    > 	}
    
    This will give errors: 
    > 	for (module_p = stacked_modules; module_p; module_p->next) { \
    use this instead:
    > 	for (module_p = stacked_modules; module_p; module_p = module_p->next) { \
    
    
    > #define COMPUTE_SUCCESS_IF_ANY_SUCCESS(CALL) \
    [...]
    > 	for (module_p = module_p->next; module_p; module_p->next) { \
    
    Same here.
    
    > /* Call all modules in stacked_modules' CALL routine */
    > #define CALL_ALL(CALL) \
    > 	struct module_entry *module_p; \
    > 	for (module_p = stacked_modules; module_p; module_p->next) { \
    > 		module_p->module_operations->CALL; \
    > 	}
    
    Same here.
    
    This is as far as I made it before I had to leave; as a final parting
    comment, I suggest that your stacking module should use some form of
    locking to protect the module stack, and acquire that lock when
    traversing the stack to compute error returns. (I suggest using the RCU
    locking mechanism, presented at OLS, as that would make the stack
    traversal very cheap, while pushing the locking costs onto the stack
    change procedures, which is likely going to be very rare in a system's
    uptime. A first cut should probably use a simpler locking primitive, but
    mark it with a TODO for some enterprising chap in the future. :)
    
    Thanks again David
    
    -- 
    http://www.wirex.com/
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Sat Jul 20 2002 - 13:29:40 PDT