Quoting Tony Jones ([EMAIL PROTECTED]): Thanks, Tony. I'll address each of these in the next patchset. Just two things I wanted to actually converse about:
> 5) /* > * Workarounds for the fact that get and setprocattr are used only by > * selinux. (Maybe) > */ > > No complaints on selinux getting to avoid the (module), they are intree. > Just a FYI that SubDomain/AppArmor uses these hooks also. And is it ok with using the "some_data (apparmor)" convention? The special handling of selinux is intended to be temporary, due to the large base of installed userspace which hasn't yet been updated. I would imagine that at some point that code would go away. > I noticed the conditional CONFIG_SECURITY_STACKER code went away, previously > it would look at the value chain head only for the !case. But this comment > still remains. Yes, after I added the unlink function, it started to seem that the special cases for !CONFIG_SECURITY_STACKER wouldn't be any faster than the stacker versions. They still might be, but I'll have to think about it. If I just ditch those, then I can probably ditch the whole security-stack.h file, and move those declarations into security.h. They were just in their own file because Stephen had pointed out that switching between stacker and non-stacker would cause too much code to be recompiled. thanks, -serge - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/