Re: [PATCH] remove sys_security

Crispin Cowan (crispin@wirex.com)
Fri, 18 Oct 2002 02:36:31 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gregoire Favre: "Can't eject ZIP IDE with 2.5.* (works in 2.4)"
Previous message: Rusty Russell: "Re: [patch] futex-2.5.42-A2"
Maybe in reply to: Christoph Hellwig: "[PATCH] remove sys_security"
Next in thread: David Wagner: "Re: [PATCH] remove sys_security"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig575D92046349DE4D99C4A5F0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Andi Kleen wrote:

>Crispin Cowan <crispin@wirex.com> writes:
>
>
>>Could you elaborate on why this is a sign of trouble, design wise?
>>
>>
>David refers to the 32bit emulation issues. Some ports have a 64bit
>kernel, but support 64bit and 32bit userland (e.g. ia64 or x86-64).
>Some ports even only have 32bit userland but 64bit kernel (like sparc64 or
>mips64)
>
Thank you very much for clarifying.

>The 32bit and the 64bit worlds have different data types. Structure
>layout are different. To handle this the kernel has an emulation
>layer that converts the arguments of ioctls and system calls between
>32bit and 64bit.
>
>This emulation layer sits at the 'edge' of the kernel. For example
>to convert an ioctl it first figures out the ioctl, converts it
>then reissues the same ioctl internally with 64bit arguments. When
>the ioctl returns outgoing arguments are converted too as needed.
>
>For this to work all data structures need to be transparent.
>The emulation layer needs to have a way to figure out what and
>how to convert without looking at internal state in the kernel.
>Otherwise it cannot do its job.
>
>Without working emulation sparc64 won't work and David will be unhappy.
>
I'm all for 64-bit support, and for easy transition from 32 to 64 bits.
Really: I was around to watch the pain of transition from 16 bits to 32
bits, and I'm thrilled to see people taking the problem more seriously
this time.

So: does it help to specify that the sys_security arguments be (say)
"unsigned int"? Then you can just zero-pad them, or truncate them.

And even if the 32bit emulation layer doesn't perfectly translate the
sys_security arguments: that just breaks LSM modules. It would not
surprise me that something like an application trying to talk to a
security module might not cleanly port from 32 to 64 bits. By carefully
stating the assumptions (clean data types) most of these problems should
be addressed.

I don't get why this is a hard problem.

Crispin

--------------enig575D92046349DE4D99C4A5F0
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9r9Yg5ZkfjX2CNDARAfteAKDJ0z4d96nkBvUw0dptQZD1SVP7fwCgjPok
Pq1sGs3y7Lob1rbrk/tsgPQ=
=IhQN
-----END PGP SIGNATURE-----

--------------enig575D92046349DE4D99C4A5F0--

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gregoire Favre: "Can't eject ZIP IDE with 2.5.* (works in 2.4)"
Previous message: Rusty Russell: "Re: [patch] futex-2.5.42-A2"
Maybe in reply to: Christoph Hellwig: "[PATCH] remove sys_security"
Next in thread: David Wagner: "Re: [PATCH] remove sys_security"