Re: Enabling built-in modules earlier in init

[Antti Kantee <pooka%cs.hut.fi@localhost>]

On Wed Jun 16 2010 at 04:13:54 -0700, Paul Goyette wrote:
> >With the current ways of secmodel register, I'd be damn careful to not
> >push it around.  The effect is that if it's called 0 times, you have a
> >system which allows everything.  So if your suggestion is implemented
> >and you're testing a new secmodel which buggily omits register alongside
> >another correctly registering secmodel, things will appear to work fine,
> >But if in some scenario the buggy one is loaded alone, well ... welcome
> >to the wishing well.
> 
> I had some concern about this as well, wondering if I would be able to 
> be sure I'd found all the secmodel modules that might exist.

Especially ones which aren't in src!

> Perhaps it would be best to retain MODULE_CLASS_SECMODEL and also add 
> the suggested MODULE_CLASS_EARLY?

That would be my vote.

But, "early" is a little vague.  What if in the future we want
modules which are initialized even earlier.  Will those be called
MODULE_CLASS_EARLIER_THAN_EARLY?  If the class means "intialized before
autoconf", why not use that in the name?

> >Also, the modclass id is exported to userland and used as an index to
> >a table in modstat.  I think I filed a PR about this being suboptimal.
> 
> Yeah, I was planning to update modstat(8) as well.

The better choice is to update modctl(2) to pass down the information
as a proplist.  That way even module classes are pluggable and other
information is easy to add if necessary.  I'm secretly hoping someone
will do this before 6.0 ... ;)