How about getting inclusion of these patches that I submitted before? Thanks, > -----Original Message----- > From: owner-selinux@xxxxxxxxxxxxx [mailto:owner-selinux@xxxxxxxxxxxxx] > On Behalf Of KaiGai Kohei > Sent: 27 January 2011 01:03 > To: SELinux-NSA > Cc: Kohei KaiGai > Subject: Re: libselinux: add selinux_status_* interfaces for > /selinux/status > > I updated my patch to reference /selinux/status entry. > > The interface of selinux_status_open() and selinux_status_updated() was > revised to eliminate an argument of 'last_seqlock' that holds a > sequence value when we call this function last time. > At first, I tried to give this storage externally for thread-safing, > but fallback routine was not thread-safe anyway, so it became nonsense. > > The attached status.c is an example program to call these APIs. > > Any comments please. Thanks, > > (2011/01/22 22:42), Kohei KaiGai wrote: > > The attached patch adds several interfaces to reference > > /selinux/status according to sequential-lock logic. > > > > selinux_status_open() open the kernel status page and mmap it with > > read-only mode, or open netlink socket as a fallback in older kernels. > > > > Then, we can obtain status information from the mmap'ed page using > > selinux_status_updated(), selinux_status_getenfoce(), > > selinux_status_policyload() or selinux_status_deny_unknown(). > > > > It enables to help to implement userspace avc with heavy access > > control decision; that we cannot ignore the cost to communicate with > > kernel for validation of userspace caches. > > > > Thanks, > -- > KaiGai Kohei <kaigai@xxxxxxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
