James Sutherland wrote:
> Linus and/or Alan have complained in the past about people submitting
> enormous patches in one block, expressing a preference for getting patches
> in "piecemeal". I'd tend to agree with this approach - if Linda's first
> patch, just adding these hooks, can be added, tested and trusted, then
> integrating and testing the rest of the audit support code will be easier.
--- Thanks.> > If that is not the case, I would be happy to have my assumptions and > > (mis)-observations corrected. > > > > I don't know about auditing implementations but if your patch was able to > > actually implement all that is necessary, it was *very* impressively > > compact :) > > It looks like a pretty good implementation, IMHO. I'd have preferred > getaudit_id() to be split into two functions, one returning the uid_t > (luid), the other returning the (signed or unsigned??) long long sess_id. > Similarly, splitting setaudit_id() into audit_newsess_id() and > audit_setluid(). Is there some reason why you didn't do that, Linda?? --- I wanted to reduce the usage of kernel call space. I wouldn't be opposed at all to splitting them if kernel-call #'s are considered plentiful -- which I guess they fairly are. I dunno, Alan, Linus? Rik? Anyone? Preferences for separate calls? Note there is still the 64-bit call being abused to call a 32-bit call. I haven't explored all the parameters on that yet -- but it isn't forgotten.
> The other potential problem is claiming interrupt 0x81 for the new 64-bit > syscall - I'd guess this SHOULD be ok, but is it?? --- Could be asked of any interrupt vector. I know it wasn't used in any of the ia32 specific kernel code.
-l
-- Linda A Walsh | Trust Technology, Core Linux, SGI law@sgi.com | Voice: (650) 933-5338
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:13 EST