[PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
Peter Zijlstra
peterz at infradead.org
Fri May 13 22:43:32 EST 2011
On Fri, 2011-05-13 at 14:39 +0200, Peter Zijlstra wrote:
>
> > event_vfs_getname(result);
> > result = check_event_vfs_getname(result);
Another fundamental difference is how to treat the callback chains for
these two.
Observers won't have a return value and are assumed to never fail,
therefore we can always call every entry on the callback list.
Active things otoh do have a return value, and thus we need to have
semantics that define what to do with that during callback iteration,
when to continue and when to break. Thus for active elements its
impossible to guarantee all entries will indeed be called.
More information about the Linuxppc-dev
mailing list