On Sun, Dec 01, 2002 at 07:07:40PM -0800, Seth Arnold wrote:
> On Sun, Dec 01, 2002 at 12:30:56AM -0800, Greg KH wrote:
> > I'm _really_ tired of all of the "empty" functions that all security
> > modules need to provide. So here's a brute force patch that lets any
>
> Heh, it is sort-of brute-force.. :) I really like the idea, but if we
> are going to allow filling in only portions of the ops structure, would
> it make more sense to use the if(op->foo) op->foo() hook style? (Given
> that benchmarks didn't seem to show much difference between the two
> styles anyway..) That way, there wouldn't be any cpp magic glue to hold
> it all together.
>
> (Or, if that style is particularly ideous to developers, just pretend I
> never said it. :)
No, I never ran any benchmarks with that kind of hook style. And yes, I
do not think we want to do that :)
> > +void security_fixup_ops (struct security_operations *ops)
> > +{
> > + set_to_dummy_if_null(ops, capget);
> > + set_to_dummy_if_null(ops, ptrace);
> > + set_to_dummy_if_null(ops, capget);
>
> capget duplicate..
Ah, thanks, good catch.
greg k-h
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sun Dec 01 2002 - 22:00:42 PST