Re: CVS commit: src/sys/kern

To: Christos Zoulas <christos%astron.com@localhost>
Subject: Re: CVS commit: src/sys/kern
From: Elad Efrat <elad%NetBSD.org@localhost>
Date: Sun, 28 Jan 2007 00:00:01 +0200

Christos Zoulas wrote:
> In article <45BB5F02.90303%NetBSD.org@localhost>, Elad Efrat  
> <elad%NetBSD.org@localhost> wrote:
>> YAMAMOTO Takashi wrote:
>>>> Module Name:       src
>>>> Committed By:      elad
>>>> Date:              Fri Jan 26 21:57:47 UTC 2007
>>>>
>>>> Modified Files:
>>>>    src/sys/kern: init_main.c
>>>>
>>>> Log Message:
>>>> Initialize kauth(9) sooner.
>>>>
>>>>
>>>> To generate a diff of this commit:
>>>> cvs rdiff -r1.288 -r1.289 src/sys/kern/init_main.c
>>>>
>>>> Please note that diffs are not public domain; they are subject to the
>>>> copyright notices on the relevant files.
>>> can you please add a comment?
>>> eg. "this should be done before xxx_init() because..."
>>>
>>> YAMAMOTO Takashi
>> sure. I've updated the cvs message to indicate we're doing this sooner,
>> and at least before proc0_init(), because we'll want to control process
>> creation and inheritance soon in the secmodel code, and for that we need
>> kauth(9) ready earlier.
> 
> I think that it is better if such comments live next to the code....
> 
> christos
> 

is attached diff okay?

-e.

Index: init_main.c
===================================================================
RCS file: /usr/cvs/src/sys/kern/init_main.c,v
retrieving revision 1.290
diff -u -p -r1.290 init_main.c
--- init_main.c 27 Jan 2007 01:13:10 -0000      1.290
+++ init_main.c 26 Jan 2007 11:25:34 -0000
@@ -262,10 +262,15 @@ main(void)
        /* Initialize callouts. */
        callout_startup();
 
-       /* Initialize kauth. */
+       /*
+        * Initialize the kernel authorization subsystem and start the
+        * default security model, if any. We need to do this early
+        * enough so that subsystems relying on any of the aforementioned
+        * can work properly. Since the security model may dictate the
+        * credential inheritance policy, it is needed at least before
+        * any process is created, specifically proc0.
+        */
        kauth_init();
-
-       /* Initialize default security model. */
        secmodel_start();
 
        /* Initialize the buffer cache */

Follow-Ups:
- Re: CVS commit: src/sys/kern
  - From: Christos Zoulas

References:
- CVS commit: src/sys/kern
  - From: Elad Efrat
- Re: CVS commit: src/sys/kern
  - From: YAMAMOTO Takashi
- Re: CVS commit: src/sys/kern
  - From: Elad Efrat
- Re: CVS commit: src/sys/kern
  - From: Christos Zoulas

Prev by Date: CVS commit: src/lib/libc
Next by Date: CVS commit: src/lib/libc/net
Previous by Thread: Re: CVS commit: src/sys/kern
Next by Thread: Re: CVS commit: src/sys/kern
Indexes:

Home | Main Index | Thread Index | Old Index