Re: [PATCH] remove sys_security

From: Crispin Cowan (crispin@wirex.com)
Date: Mon Oct 21 2002 - 16:12:50 EST

Next message: Andrew Morton: "Re: ZONE_NORMAL exhaustion (dcache slab)"
Previous message: Michael Thorpe: "FusionMPT in 2.4.18"
In reply to: Alan Cox: "Re: [PATCH] remove sys_security"
Next in thread: Greg KH: "Re: [PATCH] remove sys_security"
Reply: Greg KH: "Re: [PATCH] remove sys_security"
Reply: Stephen Smalley: "Re: [PATCH] remove sys_security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan Cox wrote:

>On Thu, 2002-10-17 at 21:10, Greg KH wrote:
>
>
>>Ok, I think it's time for someone who actually cares about the security
>>syscall to step up here to try to defend the existing interface. I'm
>>pretty sure Ericsson, HP, SELinux, and WireX all use this, so they need
>>to be the ones defending it.
>>
>>
>The existing interface is basically the one Linus asked for, although
>perhaps with a little less thought on the structure side than it would
>have benefitted
>
The intent behind the syscall interface was that it needed to be generic
enough to support the 50+ syscalls that SELinux wants, and also be
generic enough to support potential modules that have not been invented
yet. That's why it is a MUX, and why the signature definition is enough
to deal with stacked modules and then pass a generic argv list to the
module itself.

Unfortunately, this design goal (highly generic interface) is
incompatible with the 32/64 bit transparancy layer that several
supported architectures need. As Christoph says, this is unfixable.
IMHO, it is unfixable because of conflicting design goals: you cannot
have a truly generic syscall interface and hope for it to port clean
from 32 bits to 64 bits.

Therefore, the sys_security syscall has been removed. LSM-aware
applications that want to talk to security modules can do so through a
file system interface. This will work for WireX, and Smalley says it
will work for SELinux. I hope it will work for others.

Again, my thanks for eveyone's help in cleaning up this issue, and my
apologies to anyone I may have offended. We should have thought about
the 32/64 bit issue when we defined that interface. Kudos to Greg K-H,
who told me that this syscall would be a problem.

Thanks,
Crispin

application/pgp-signature attachment: stored

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: ZONE_NORMAL exhaustion (dcache slab)"
Previous message: Michael Thorpe: "FusionMPT in 2.4.18"
In reply to: Alan Cox: "Re: [PATCH] remove sys_security"
Next in thread: Greg KH: "Re: [PATCH] remove sys_security"
Reply: Greg KH: "Re: [PATCH] remove sys_security"
Reply: Stephen Smalley: "Re: [PATCH] remove sys_security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:55 EST