Subject: Re: Getting rid of /dev/veriexec
To: Jason Thorpe <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 12/02/2005 17:51:09
Jason Thorpe wrote:
> As you said before, there is really no change to veriexec here except
> for "sysctl entry point vs device entry point". Since both choices are
> basically non-optimal, I don't see any real benefit to changing
> veriexec at this time, since you're just trading one ugly solution for
While there is no change to the end-user here, I *still* think that
sysctl is a more logical place to have these hooks in.
The change is intended to unify the userland access to Veriexec-related
settings, and like Nathan said -- a matter of taste.
Because the diff reuses the code from sys/dev/verified_exec.c only in
sys/kern/kern_verifiedexec.c, how would it hurt to do this move, even
for the sake of having to maintain one less file?
In time, when sysctl (or part of it) uses a different interface, we'll
have to do the move anyway; why not unify it now, then?