[RFC PATCH] getvalues(2) prototype
Greg KH
gregkh at linuxfoundation.org
Thu Mar 24 06:56:30 UTC 2022

On Wed, Mar 23, 2022 at 04:23:34PM +0100, Miklos Szeredi wrote:
> On Wed, 23 Mar 2022 at 14:38, Greg KH <gregkh at linuxfoundation.org> wrote:
>
> > This has been proposed in the past a few times. Most recently by the
> > KVM developers, which tried to create a "generic" api, but ended up just
> > making something to work for KVM as they got tired of people ignoring
> > their more intrusive patch sets. See virt/kvm/binary_stats.c for what
> > they ended up with, and perhaps you can just use that same type of
> > interface here as well?
>
> So this looks like a fixed set of statistics where each one has a
> descriptor (a name, size, offset, flags, ...) that tells about the
> piece of data to be exported. The stats are kept up to date in kernel
> memory and copied to userspace on read. The copy can be selective,
> since the read can specify the offset and size of data it would like
> to retrieve.
>
> The interface is self descriptive and selective, but its structure is
> fixed for a specific object type, there's no way this could be
> extended to look up things like extended attributes. Maybe that's not
> a problem, but the lack of a hierarchical namespace could turn out to
> be a major drawback.
>
> I think people underestimate the usefulness of hierarchical
> namespaces, even though we use them extensively in lots of well
> established interfaces.

I like the namespaces, they work well. If you want self-describing
interfaces (which I think your patch does), then why not just use the
varlink protocol? It's been implemented for the kernel already many
years ago:

https://github.com/varlink

and specifically:

https://github.com/varlink/linux-varlink

It doesn't need a new syscall.

thanks,

greg k-h