On Mon, 30 Sep 2002, Greg KH wrote: > Why not just use the existing _initcall levels instead of creating a new > one? Isn't one of them early enough for security modules to use? Some security modules (like SELinux) want to initialize before any security hooks would be called, just as you presently initialize the security framework via security_scaffolding_startup() in start_kernel() in init/main.c. Otherwise, we have to provide some mechanism for handling kernel objects allocated before SELinux has initialized, like the precondition functions (which make it very difficult to reason about control flow and locking issues) or explicitly locating all such objects during module initialization (which isn't always feasible). -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Sep 30 2002 - 11:39:26 PDT