Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch

From: Seth Arnold (sarnold@private)
Date: Wed Jan 05 2005 - 15:21:44 PST

Previous message: David A. Wheeler: "Re: LSM Stacker"
Next in thread: Serge Hallyn: "Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch"
Reply: Serge Hallyn: "Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, Dec 03, 2004 at 12:04:02PM -0600, Serge Hallyn wrote:
> Attached is a cleaned up version of stacker.

Serge, I'm curious about a design point -- it appears that you've got
some loops here that will query each module in turn for an answer,
and a configurable flag to drop out as soon as a module rejects an access.

However, I don't see any call-backs to modules that have granted access
(and likely updated internal control structures) to notify them that
their decision has been rescinded by a further module, should a module
further in the chain reject the access.

I looked only for the specific case of turning quotas on and off, and
I didn't find any post hooks to allow modules to realign their internal
state based on success or failure of the quota hooks. I expect that many
of the hooks are similar to the quota hooks.

Have I missed this functionality? Or have your initial results determined
that it is a rare module which needs to update internal state if its
"grant" decision is rescinded by another module's "deny" decision?

Thanks Serge

> +#define RETURN_ERROR_IF_ANY_ERROR(BASE_FUNC,FUNC_WITH_ARGS) do { \
> +	int final_result = 0; \
> +	struct module_entry *m; \
> +	rcu_read_lock(); \
> +	list_for_each_entry_rcu(m, &stacked_modules, lsm_list) { \
> +		int result = 0, stop = 0; \
> +		atomic_inc(&m->use); \
> +		rcu_read_unlock(); \
> +		if (m->module_operations.BASE_FUNC) \
> +			result = m->module_operations.FUNC_WITH_ARGS; \
> +		if (result && !final_result) { \
> +			final_result = result; \
> +			if (short_circuit_restrictive) \
> +				stop = 1; \
> +		} \
> +		rcu_read_lock(); \
> +		if (unlikely(atomic_dec_and_test(&m->use))) \
> +			stacker_free_module(m); \
> +		if (stop) \
> +			break; \
> +	} \
> +	rcu_read_unlock(); \
> +	return final_result; \
> +} while (0)
> +
> +/* Call all modules in stacked_modules' routine */
> +#define CALL_ALL(BASE_FUNC,FUNC_WITH_ARGS) do { \
> +	struct module_entry *m; \
> +	rcu_read_lock(); \
> +	list_for_each_entry_rcu(m, &stacked_modules, lsm_list) { \
> +		atomic_inc(&m->use); \
> +		rcu_read_unlock(); \
> +		if (m->module_operations.BASE_FUNC) \
> +			m->module_operations.FUNC_WITH_ARGS; \
> +		rcu_read_lock(); \
> +		if (unlikely(atomic_dec_and_test(&m->use))) \
> +			stacker_free_module(m); \
> +	} \
> +	rcu_read_unlock(); \
> +} while (0)

application/pgp-signature attachment: stored

Previous message: David A. Wheeler: "Re: LSM Stacker"
Next in thread: Serge Hallyn: "Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch"
Reply: Serge Hallyn: "Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Jan 05 2005 - 15:22:12 PST