On Fri, Aug 23, 2002 at 05:28:45PM -0400, David Wheeler wrote: > > Well, if all the other modules CHECKED the id before > doing anything else, and returned -ENOSYS if it wasn't theirs, > I guess that's okay. That is the requirement for the sys_security function. If it isn't specified in the documentation for it, it should be added. > BTW, I don't have to lock the list at all in most cases > if I'm going to assume that pointer writes are atomic. Sorry, force of habit when writing code... > Instead, I'll make removing modules slightly harder. > If you want to remove a stacked module, you'll first have to > "disable" it, and then it's up to the administrator to make sure > that all threads have completed calling the list before > removing the disabled module (and the administrator will have > to decide when it's safe to do so). Basically, I plan to > trade away safety in module removal in order to gain speed. Sounds reasonable, "removing modules can be dangerous" is a good thing to state :) thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 23 2002 - 14:46:42 PDT