Re: [PATCH] remove sys_security

From: Andi Kleen (akat_private)
Date: Fri Oct 18 2002 - 02:44:14 PDT

    On Fri, Oct 18, 2002 at 02:36:31AM -0700, Crispin Cowan wrote:
    > So: does it help to specify that the sys_security arguments be (say) 
    > "unsigned int"?  Then you can just zero-pad them, or truncate them.
    
    Yes, that works fine.
    
    But the problem is when people pass pointers to structures and
    copy_*_user them later. And they nearly always do. Structures need to be
    converted when they contain pointers or long long (on x86-64/ia64 long
    long has different alignment than ia32 long long).
    
    > 
    > And even if the 32bit emulation layer doesn't perfectly translate the 
    > sys_security arguments: that just breaks LSM modules. It would not 
    > surprise me that something like an application trying to talk to a 
    > security module might not cleanly port from 32 to 64 bits. By carefully 
    
    The application does not need to be ported. That's the whole point
    of the emulation layer. Just the in-kernel stuff needs to be.
    
    > stating the assumptions (clean data types) most of these problems should 
    > be addressed.
    
    You can specify clean data types. But it's very likely that eventually
    someone fucks up and adds something that needs to be translated
    (at least it's very likely with such a 'designed to be extensible'
    interface like you have).
    
    And then having a basic design that makes translation impossible would
    be unfortunate.
    
    -Andi
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
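
The layout mismatch described in the message above, shown as an added example that is not part of the original post or of any kernel code. The `sec_req` structures, their fields and both function names are hypothetical, and a 64-bit (LP64) build with GCC or Clang is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ia32 aligns long long to 4 bytes inside structs; x86-64 aligns it to 8. */
typedef uint64_t __attribute__((aligned(4))) compat_u64;
typedef uint32_t compat_uptr_t;      /* a 32-bit user-space pointer */

/* Hypothetical argument block as a 32-bit process lays it out (16 bytes). */
struct compat_sec_req {
    uint32_t      op;
    compat_u64    token;             /* offset 4 */
    compat_uptr_t buf;               /* offset 12, 4 bytes wide */
};

/* The same block as a 64-bit kernel would declare it (24 bytes). */
struct sec_req {
    uint32_t op;
    uint64_t token;                  /* offset 8, after 4 bytes of padding */
    void    *buf;                    /* offset 16, 8 bytes wide */
};

/*
 * Field-by-field translation. user_bytes stands in for memory already
 * fetched with copy_from_user(). Returns 0, or -1 if the buffer is short.
 */
int sec_req_from_compat(struct sec_req *dst, const void *user_bytes, size_t len)
{
    struct compat_sec_req c;

    if (len < sizeof(c))
        return -1;
    memcpy(&c, user_bytes, sizeof(c));
    memset(dst, 0, sizeof(*dst));    /* leave no stale padding bytes */
    dst->op    = c.op;
    dst->token = c.token;
    dst->buf   = (void *)(uintptr_t)c.buf;   /* zero-extend the pointer */
    return 0;
}

/* Without translation: read token at its native offset in the 32-bit
 * layout. user_bytes must hold at least 16 bytes. */
uint64_t token_misread(const void *user_bytes)
{
    uint64_t t;
    memcpy(&t, (const char *)user_bytes + offsetof(struct sec_req, token), 8);
    return t;
}
```

If the module's entry point receives only an opaque pointer and copies the structure itself, the emulation layer has no place to call a routine like `sec_req_from_compat`.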
    