SE Linux patch(Re: [BusyBox] SE Linux)

Villalovos, John L john.l.villalovos at intel.com
Tue May 3 16:39:36 UTC 2005


Rob Landley <mailto:rob at landley.net> wrote:
> Up in the header file or werever:
> 
> #ifndef CONFIG_SELINUX
> #define USE_SELINUX	0
> #else
> #define USE_SELINUX 1
> #endif
> 
> And then later, you can do some variant of:
> 
> void function(blah)
> {
>   int use_selinux=0;
> 
>   if(decision) use_selinux=USE_SELINUX;
> 
>   if(use_selinux) {
>     stuff();
>   }
> }
> 
> There are still #ifdefs, but they don't interrupt the flow of
> the code.  The
> logic is pretty much the same, but it's now all straight C
> code, without
> having to think through what the preprocessor is doing to follow it.
> 
> However, this is not a strong objection, it's just a cleanup.  It
> could be done later.  The only real objection is the function with
> the changing number of arguments.  Fix that one, and I'll merge the
> patch. 

Another benefit of doing it the way you describe is that the code is
always compiled.  This means that you are less likely to have issues
when someone turns on the config option.  Because with #ifdefs things
can change outside of the #ifdef and then the code inside the #ifdef
will break but nobody will know until they enable the section of code.

John



More information about the busybox mailing list