tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: jit code and securelevel
On Thu, Jan 01, 2015 at 08:34:44PM +0000, Alexander Nasonov wrote:
> > Perhaps having a sysctl to enable/disable it that can only be enabled
> > at a low securelevel can let people choose the behavior they want.
>
> I implemented it, see below, but I feel it's not right to query
> securelevel directly, adding new KAUTH_SYSTEM_BPFJIT would be
> a better approach. Not sure it's worth the effort.
Until we manage to retire kauth I think we'd better keep its
abstraction barriers in place, such as they are. :-/
--
David A. Holland
dholland%netbsd.org@localhost
Home |
Main Index |
Thread Index |
Old Index