Re: [PATCH 11/14] CacheFiles: Permit an inode's security ID to beobtained [try #2]

From: James Morris
Date: Thu Aug 09 2007 - 14:44:39 EST


On Thu, 9 Aug 2007, David Howells wrote:

> James Morris <jmorris@xxxxxxxxx> wrote:
>
> > > + u32 (*inode_get_secid)(struct inode *inode);
> >
> > To maintain API consistency, please return an int which only acts as an
> > error code, and returning the secid via a *u32 function parameter.
>
> Does that apply to *all* the functions, irrespective of whether or not they
> return an error?

LSM is theoretically an API, so we generally don't know if a security
module will return an error or not.

If they were simply calls directly into SElinux, where we could always
know the semantics, then that would be a different story.



- James
--
James Morris
<jmorris@xxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/