On Sun, 2005-04-17 at 20:22 -0700, Dave Peterson wrote:
> It looks to me like the main reason the syscall was removed has to do
> with architectures in which the kernel executes in 64-bit mode and
> user-space code may execute in 32-bit mode. I think x86_64, ia64,
> and sparc64 is a comprehensive list of such architectures that are
> supported by Linux; is this correct?

IMHO, the more important reason was that it opened up a gateway for arbitrary interfaces into the kernel without peer review, much like ioctl. The trend in kernel development seems to be away from ioctl-like interfaces and toward much more well-defined interfaces, with a particular emphasis on implementing new interfaces via pseudo filesystems rather than syscalls.

For SELinux, we re-implemented (a subset of) its API via a combination of a new /proc/pid/attr API for process security attribute manipulation, the existing xattr API (with the addition of a new security namespace) for file security attribute manipulation, and a selinuxfs pseudo filesystem for SELinux-specific interfaces.

See http://www.nsa.gov/selinux/papers/module/x360.html

--
Stephen Smalley <sds@private>
National Security Agency
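
Added example, not part of the original message and not SELinux project code: a read-only Python sketch that queries the three interfaces named above (/proc/pid/attr, the security xattr namespace, and selinuxfs). The function names are hypothetical, and the selinuxfs mount point `/sys/fs/selinux` is an assumption (the message does not give one; older systems mounted it at `/selinux`).

```python
import os

def parse_context(raw):
    """Split an SELinux context 'user:role:type[:level]' into its fields."""
    text = raw.decode() if isinstance(raw, bytes) else raw
    text = text.rstrip("\x00\n")          # kernel may append a NUL or newline
    parts = text.split(":", 3)            # the MLS level may itself contain ':'
    if len(parts) < 3:
        return None                       # not an SELinux-style label
    return dict(zip(("user", "role", "type", "level"), parts))

def process_context(pid="self", proc_root="/proc"):
    """Process label via the /proc/pid/attr interface."""
    path = os.path.join(proc_root, str(pid), "attr", "current")
    try:
        with open(path, "rb") as f:
            return parse_context(f.read())
    except OSError:                       # no LSM loaded, or no such pid
        return None

def file_context(path):
    """File label via the xattr API, security namespace."""
    try:
        return parse_context(os.getxattr(path, "security.selinux"))
    except (OSError, AttributeError):     # unlabeled file or non-Linux platform
        return None

def enforcing(selinuxfs="/sys/fs/selinux"):   # assumed mount point
    """True/False from the selinuxfs 'enforce' node; None if it is absent."""
    try:
        with open(os.path.join(selinuxfs, "enforce")) as f:
            return f.read().strip() == "1"
    except OSError:
        return None

if __name__ == "__main__":
    print("process:", process_context())
    print("file   :", file_context("/etc/passwd"))
    print("enforce:", enforcing())
```

On a host without SELinux each call returns `None` rather than raising, which makes the script usable as a quick check of which interfaces are present.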