Re: Stacking - anyone care how to report module id's?

Previous message: Lindsay Haisley: "Re: Please confirm your message (fwd)"
In reply to: Greg KH: "Re: Stacking - anyone care how to report module id's?"
Next in thread: Greg KH: "Re: Stacking - anyone care how to report module id's?"
Next in thread: Crispin Cowan: "Re: Stacking - anyone care how to report module id's?"
Reply: Greg KH: "Re: Stacking - anyone care how to report module id's?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

dwheelerat_private

Greg KH wrote:

> On Fri, Aug 23, 2002 at 09:07:20AM -0400, David Wheeler wrote:
> 
>> I'm still interested in completing a stacking module, but
>> I have two questions for everyone:
>> 
>> 1. I need the "module id" of a stacked module, if it has one,
>>    to implement returns from sys_security.
> 
> 
> I don't understand why you need this.
> The "module id" is _only_ for the module itself, for it to check if the
> sys_security call is for itself.  It should not be used to determine who
> to send the sys_security call to.

I thought so too... but it's not so, and it becomes
clear why this isn't so only when you try to WRITE
a stacking module.

Yes, you could call every module.  But sys_security
has a return value.  WHICH return value do you pass back?
If you call every module, you have no idea which value to
pass back.  Checking for values like "-ENOSYS" won't help,
that may be the value you wanted to send back!

I suppose you could return a tuple
("is this a valid value" and "value"), but
that's quite clumsy.  It's more efficient & cleaner to
simply register the module id.

--- David A. Wheeler
     dwheelerat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module