[Linux-cachefs] Re: [PATCH 11/14] CacheFiles: Permit an inode's security ID to be obtained [try #2]

[James Morris]

On Thu, 9 Aug 2007, David Howells wrote:

> James Morris <jmorris at namei.org> wrote:
> 
> > > +	u32 (*inode_get_secid)(struct inode *inode);
> > 
> > To maintain API consistency, please return an int which only acts as an 
> > error code, and returning the secid via a *u32 function parameter.
> 
> Does that apply to *all* the functions, irrespective of whether or not they
> return an error?

LSM is theoretically an API, so we generally don't know if a security 
module will return an error or not.

If they were simply calls directly into SElinux, where we could always 
know the semantics, then that would be a different story.



- James
-- 
James Morris
<jmorris at namei.org>