[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Enabling built-in modules earlier in init
On Wed Jun 16 2010 at 04:13:54 -0700, Paul Goyette wrote:
> >With the current ways of secmodel register, I'd be damn careful to not
> >push it around. The effect is that if it's called 0 times, you have a
> >system which allows everything. So if your suggestion is implemented
> >and you're testing a new secmodel which buggily omits register alongside
> >another correctly registering secmodel, things will appear to work fine,
> >But if in some scenario the buggy one is loaded alone, well ... welcome
> >to the wishing well.
> I had some concern about this as well, wondering if I would be able to
> be sure I'd found all the secmodel modules that might exist.
Especially ones which aren't in src!
> Perhaps it would be best to retain MODULE_CLASS_SECMODEL and also add
> the suggested MODULE_CLASS_EARLY?
That would be my vote.
But, "early" is a little vague. What if in the future we want
modules which are initialized even earlier. Will those be called
MODULE_CLASS_EARLIER_THAN_EARLY? If the class means "intialized before
autoconf", why not use that in the name?
> >Also, the modclass id is exported to userland and used as an index to
> >a table in modstat. I think I filed a PR about this being suboptimal.
> Yeah, I was planning to update modstat(8) as well.
The better choice is to update modctl(2) to pass down the information
as a proplist. That way even module classes are pluggable and other
information is easy to add if necessary. I'm secretly hoping someone
will do this before 6.0 ... ;)
Main Index |
Thread Index |