Subject: Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
From: Peter Zijlstra
To: Ingo Molnar
Date: Fri, 13 May 2011 14:39:30 +0200
Message-ID: <1305290370.2466.14.camel@twins>
In-Reply-To: <20110513122646.GA3924@elte.hu>
List-Id: Linux on PowerPC Developers Mail List

On Fri, 2011-05-13 at 14:26 +0200, Ingo Molnar wrote:
> * Peter Zijlstra wrote:
>
> > On Fri, 2011-05-13 at 14:10 +0200, Ingo Molnar wrote:
> > >     err = event_vfs_getname(result);
> >
> > I really think we should not do this. Events like we have them should be
> > inactive, totally passive entities, only observe but not affect execution
> > (other than the bare minimal time delay introduced by observance).
>
> Well, this patchset already demonstrates that we can use a single event
> callback for a rather useful purpose.

Can and should are two distinct things.

> Either it makes sense to do, in which case we should share facilities as much
> as possible, or it makes no sense, in which case we should not merge it at all.

And I'm arguing we should _not_. Observing is radically different from
Affecting, at the very least the two things should have different
permission schemes. We should not confuse these two matters.

> > If you want another entity that is more active, please invent a new name for
> > it and create a new subsystem for them, now you could have these active
> > entities also have an (automatic) passive event side, but that's some detail.
>
> Why should we have two callbacks next to each other:
>
>     event_vfs_getname(result);
>     result = check_event_vfs_getname(result);
>
> if one could do it all?

Did you actually read the bit where I said that check_event_* (although
I still think that name sucks) could imply a matching event_*?