Re: [RFC v2 2/7] keys: initialize root uid and session keyrings early
From: Eric W. Biederman
Date: Fri Aug 17 2012 - 17:27:45 EST
Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> writes:
> On Thu, 2012-08-16 at 15:59 -0400, Josh Boyer wrote:
>> On Thu, Aug 16, 2012 at 3:45 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>> > On Thu, 2012-08-16 at 15:13 -0400, Josh Boyer wrote:
>> >> On Thu, Aug 16, 2012 at 3:08 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>> >> >> > +#include "internal.h"
>> >> >> > +static int __init init_root_keyring(void)
>> >> >> > +{
>> >> >> > + return install_user_keyrings();
>> >> >> > +}
>> >> >> > +
>> >> >> > +late_initcall(init_root_keyring);
>> >> >> > --
>> >> >>
>> >> >> Why is this in an entirely new file instead of just being added to
>> >> >> process_keys.c ?
>> >> >>
>> >> >> josh
>> >> >
>> >> > Only when "CONFIG_INTEGRITY_SIGNATURE" is selected, does this get built.
>> >>
>> >> Yes, I noticed that. It doesn't explain why it's in its own file. You
>> >> could accomplish the same thing by wrapping the function and initcall
>> >> in #ifdef CONFIG_INTEGRITY_SIGNATURE in process_keys.c.
>> >
>> > I was under the impression using 'ifdefs' in 'C' code was frowned upon
>> > (Documentation/SubmittingPatches section 2.2). This would be an
>> > exception?
>>
>> If it makes a big ugly mess it's frowned upon. But if you're adding 7
>> lines of code in a new file that will almost certainly never get more
>> code added to it, I'm not sure. IMHO, it can go into an existing file.
>> Others might disagree. Isn't Linux development fun?!
>
> This is just a case where if I had 'ifdef's in 'C' code, I'm sure
> someone would have complained. :)
Why does the code need to be dependent on security modules at all. The
code should work regardless either way.
Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/