From: Kylene Jo Hall <kjhall@us.ibm.com>
To: Pavel Machek <pavel@ucw.cz>
Cc: linux-kernel <linux-kernel@vger.kernel.org>,
LSM ML <linux-security-module@vger.kernel.org>,
Dave Safford <safford@us.ibm.com>, Mimi Zohar <zohar@us.ibm.com>,
Serge Hallyn <sergeh@us.ibm.com>
Subject: Re: [RFC][PATCH 3/6] SLIM main patch
Date: Fri, 28 Jul 2006 12:05:31 -0700 [thread overview]
Message-ID: <1154113531.4695.59.camel@localhost.localdomain> (raw)
In-Reply-To: <20060728060134.GB4623@ucw.cz>
On Fri, 2006-07-28 at 06:01 +0000, Pavel Machek wrote:
> Hi!
>
> > SLIM is an LSM module which provides an enhanced low water-mark
> > integrity and high water-mark secrecy mandatory access control
> > model.
>
> Still no Documentation/ changes. Uses // comments to comment out code.
>
We'll add a description similar to what was in the Patch 3 email to file
slim.txt in Documentation and make sure to remove all // comments in the
next release.
> > +static char *get_token(char *buf_start, char *buf_end, char delimiter,
> > + int *token_len)
> > +{
> > + char *bufp = buf_start;
> > + char *token = NULL;
> > +
> > + while (!token && (bufp < buf_end)) { /* Get start of token */
> > + switch (*bufp) {
> > + case ' ':
> > + case '\n':
> > + case '\t':
> > + bufp++;
> > + break;
> > + case '#':
> > + while ((*bufp != '\n') && (bufp++ < buf_end)) ;
> > + bufp++;
> > + break;
> > + default:
> > + token = bufp;
> > + break;
> > + }
> > + }
> > + if (!token)
> > + return NULL;
> > +
> > + *token_len = 0;
> > + while ((*token_len == 0) && (bufp <= buf_end)) {
> > + if ((*bufp == delimiter) || (*bufp == '\n'))
> > + *token_len = bufp - token;
> > + if (bufp == buf_end)
> > + *token_len = bufp - token;
> > + bufp++;
> > + }
> > + if (*token_len == 0)
> > + token = NULL;
> > + return token;
> > +}
>
> What are these tokens and why do we want to play with strings in
> kernel?
>
The xattrs must be parsed. They are strings for portability and
readability. SELinux does this as well. Note: we are in the process of
removing the time stuff from the xattr for the next release for this
reason as well.
Thanks,
Kylie
> Pavel
>
next prev parent reply other threads:[~2006-07-28 19:05 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-24 17:51 [RFC][PATCH 3/6] SLIM main patch Kylene Jo Hall
2006-07-28 6:01 ` Pavel Machek
2006-07-28 19:05 ` Kylene Jo Hall [this message]
-- strict thread matches above, loose matches on Subject: below --
2006-07-24 17:51 Kylene Jo Hall
2006-07-14 17:24 Kylene Jo Hall
2006-07-14 17:44 ` Dave Hansen
2006-07-14 18:06 ` Kylene Jo Hall
2006-07-14 18:28 ` Dave Hansen
2006-07-14 18:27 ` Dave Hansen
2006-07-14 19:25 ` Kylene Jo Hall
2006-07-14 19:34 ` Dave Hansen
2006-07-14 20:51 ` David Safford
2006-07-14 19:52 ` Serge E. Hallyn
2006-07-14 20:01 ` Kylene Jo Hall
2006-07-14 20:06 ` Dave Hansen
2006-07-15 16:54 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1154113531.4695.59.camel@localhost.localdomain \
--to=kjhall@us.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=pavel@ucw.cz \
--cc=safford@us.ibm.com \
--cc=sergeh@us.ibm.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox