On Fri, Apr 09, 2010 at 10:24:38AM +0000, Andrew Doran wrote:
> > I'm not sure I grasp how things like the filesystem or device scopes could
> > even really work if you can't make kauth calls with locks held.
>
> It cannot work without locks held in various places.
> What it should say is that kauth itself must not take locks..

That doesn't work for the interesting advanced security models either.
E.g. an implementation of zones/jails must be able to protect access to
the global data structures.

Joerg
