tech-kern: Re: kauth machdep actions (Re: CVS commit: src)

Subject: Re: kauth machdep actions (Re: CVS commit: src)
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-kern
Date: 12/23/2006 15:36:39

> YAMAMOTO Takashi wrote:
> >> at the moment I don't see a serious benefit to changing the code,
> > 
> > reduce code duplication?
> > 
> >> and I
> >> tend to prefer the explicit version (what we have now).
> > 
> > why?
> 
> in the example you provided, can you elaborate on what you mean
> by "unifdef -D"?

i meant, don't bother to have __HAVE_*, and just do:

	switch (action) {
	case KAUTH_MACHDEP_UNMANAGEDMEM
			:
			:
		break;
	case KAUTH_MACHDEP_IOPL
			:
			:
		break;
	}

> iiuc, the secmodel code *we* ship (the one in our
> cvs repository) will have those #ifdefs.

i'm not sure what you mean here.

> also, there are requests that have different handling depends on the
> arch. for example, access to unmanaged memory on alpha requires code
> in the securelevel listener, but for powerpc requires code in the
> suser listener. how do you suggest to handle that?
> 
> -e.

in the case of UNMANAGEDMEM, i don't see why they require
different handlings.  i suggest just to unify them.
ie. do both for KAUTH_MACHDEP_UNMANAGEDMEM.

if something really needs different handling, we can use either of
separate KAUTH_MACHDEP_xxx or an MD helper function.

YAMAMOTO Takashi