On Wed, May 17, 2017 at 10:00 AM, Sebastien Buisson
<[email protected]> wrote:
> 2017-05-17 18:04 GMT+02:00 William Roberts <[email protected]>:
>> I'm assuming in the Lustre code you're going to call security_policy_brief(),
>> how would the caller know how big that buffer is going to be?
>
> We can determine it at configure time for instance, given that len as
> an output parameter would give the size necessary to store the policy
> brief info.
>
>> I'm looking at both v5 patches, I don't see where it's being called with
>> alloc
>> set to false.
>
> It would be called with alloc set to false from network and
> distributed file systems like Lustre.
That doesn't seem like a good way at all.
1. What happens as the brief is changed, all callers with false
would potentially need there buffer size increased.
2. There is no guarantee at runtime that as brief changes,
that the size will remain bounded. fields could be
added/changed/removed.
3. If/when stacking needs to be supported, brief size can
change dramatically, bringing us back to issue 1.
--
Respectfully,
William C Roberts
