Hi,
The final version of what I would like to check in is available here:
http://www.netbsd.org/~elad/issuser.diff
(it's ~100k so I didn't attach it.)
It contains both earlier diffs, plus some similar, mechanical changes
to file-system code and changes to the kauth(9) man-page.
It will
Hi,
The current code confuses lock_state for something that it isn't. I
discussed this a while ago with hannken@ and blymn@ and came up with
the attached patch. We change the semantics to require locking and add
a KASSERT to make sure they're followed. Missing locking bits are
added in two places
I don't understand what the problems are. In any case, this does not
violate anything. The language used to describe the supposed issues
with the new API is ridiculous.
What the new API allows is interaction between secmodels that are
built by people who are not part of NetBSD and don't want
Thor Lancelot Simon wrote:
According to kauth(9):
Listeners might sleep, so no locks can be held when calling
an authorization wrapper.
According to uipc_socket.c:sobind():
solock(so);
error = (*so-so_proto-pr_usrreq)(so, PRU_BIND, NULL,
Masao Uebayashi wrote:
On Fri, Apr 9, 2010 at 1:16 AM, Thor Lancelot Simon t...@panix.com wrote:
I just confused myself considerably because this config file fragment
didn't work:
no options SECMODEL_BSD44
options SECMODEL_OVERLAY
It turns out these kernel options (in
On Sat, Mar 20, 2010 at 3:24 PM, David Holland dholland-t...@netbsd.org wrote:
On Sat, Mar 20, 2010 at 01:54:49PM -0400, Elad Efrat wrote:
Thor Lancelot Simon wrote:
If not, I don't think this adds any benefit to your proposal and is likely
to simply be a distraction; I'd urge you in that case