* Lachlan McIlroy (lachlanat_private) wrote: > > There is a problem with unloading subordinate modules while > another process is executing one of its hooks. This can even > happen on uniprocessor systems if a process is sleeping in a > hook. When the module is removed from memory the other > process will cause an oops or panic when it continues. One This problem exists w/out the multiplexor module. You have two choices. Live with the danger. Or MOD_INC_USE_COUNT upon module_init() (before loading the security_ops) so that you really can't unload the module. A scheme like you've outlined will work (in the multiplexor module), and in fact, can be generalized and optimized to work in the non-stacked case. But corner cases still exist, and the overhead isn't mitigated by the usefulness. See Rusty's evil module unloading talk ;-) thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Jul 22 2002 - 12:20:39 PDT