From: josh@joshtriplett.org
To: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Cc: Iulia Manda <iulia.manda21@gmail.com>,
serge.hallyn@canonical.com,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, akpm@linux-foundation.org,
paulmck@linux.vnet.ibm.com, peterz@infradead.org, mhocko@suse.cz
Subject: Re: [PATCH] kernel: Conditionally support non-root users, groups and capabilities
Date: Wed, 21 Jan 2015 08:31:07 -0800 [thread overview]
Message-ID: <20150121163107.GA19618@cloud> (raw)
In-Reply-To: <20150121145219.446d360c@lxorguk.ukuu.org.uk>
On Wed, Jan 21, 2015 at 02:52:19PM +0000, One Thousand Gnomes wrote:
> The proposed patch generates a whole mass of ifdefs all over the place.
> If it's going to be done move all the functions in question together
> somewhere logical and give them a single ifdef or a file of their own.
I assume the header-file ifdefs are not problematic. The functions in
kernel/sys.c are already grouped together in a single block and needed
only one ifdef. So I'd assume the main problem is the multiple ifdefs
in capability.c and groups.c? Might be possible to consolidate those,
sure.
> It also doesn't appear to be dropping all it should - why can't you
> simply not compile in groups.c for example ? If you can't then it says
> the patch is far from complete at this point.
Making groups.c entirely optional has been on the todo list for a while;
it's rather harder than just dropping the syscalls, as some of its
other functions are exported to the rest of the kernel as well, but it's
doable.
- Josh Triplett
prev parent reply other threads:[~2015-01-21 16:31 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-20 23:33 [PATCH] kernel: Conditionally support non-root users, groups and capabilities Iulia Manda
2015-01-21 0:05 ` Casey Schaufler
2015-01-21 0:50 ` Josh Triplett
2015-01-21 1:23 ` Casey Schaufler
2015-01-21 5:08 ` Josh Triplett
2015-01-21 14:52 ` One Thousand Gnomes
2015-01-21 16:31 ` josh [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150121163107.GA19618@cloud \
--to=josh@joshtriplett.org \
--cc=akpm@linux-foundation.org \
--cc=gnomes@lxorguk.ukuu.org.uk \
--cc=iulia.manda21@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mhocko@suse.cz \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=serge.hallyn@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.