From various discussions in these mailing lists, I have recently moved
from on-the-fence to inclined in favor of adding some Object
Capabilities to the AppArmor system. However, because of the UNIX
legacy, and the way that AppArmor is intended to work, it cannot be a
pure OC system, it will have
On Friday 16 November 2007 10:45:32 pm Tetsuo Handa wrote:
Paul Moore wrote:
I might be missing something here, but why do you need to do a skb_peek()
again? You already have the skb and the sock, just do the unlink.
The skb might be already dequeued by other thread while I slept inside
Hello.
Paul Moore wrote:
Okay, well if that is the case I think you are going to have another problem
in that you could end up throwing away skbs that haven't been through your
security_post_recv_datagram() hook because you _always_ throw away the result
of the second skb_peek(). Once
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrew,
The attached patch (171282b3553fcec43b9ab615eb7daf6c2b494a87) applies
against 2.6.24-rc2-mm1. It addresses the problem reported by Kevin and
Andy - ultimately, the legacy support wasn't transparent. In particular,
userspace 32-bit capability