Another slab size-32 leak 2.6.16-rc4-mm2

Klaus Weidner klaus at atsec.com
Wed Mar 1 01:02:18 UTC 2006


On Tue, Feb 28, 2006 at 05:37:40PM -0600, Dustin Kirkland wrote:
> Klaus- are you calling the audit_ipc_perms() calls in ipc/*c too
> intrusive?  Does this recommendation gel with the current popular
> opinion?  Does this mean that the current audit_ipc_perms() calls in
> ipc/*c should be moved into the SELinux code, or rather that additional
> code is required in the SELinux code?  
> 
> As I understand it, the code as it stands in Viro's git tree performs
> all of (a), (b), (c), and (d) sufficiently for collecting the context
> of IPC objects, as well as the subject contexts of the initiating
> syscalls for LSPP certification.

I'm not asking for any specific change, and if the current code's
maintainer is happy with the hooks as implemented now that's fine. I was
just saying that putting strictly label related functionality into the
SELinux part of the code sounds like a reasonable way to implement it,
but that would be more along the lines of a janitorial change if people
prefer that approach. We're not going for EAL8 with requirements for
maximally elegant and beautiful code ;)

> At this point, I'm trying to understand if there are additional to-do's
> beyond the memory leak patch submitted by Steve Grubb and ack'ed by me
> earlier in this thread.  If there are, please specify, and if not,
> please apply the memory leak patch and let's move on.  I'd like to hear
> Al's opinion on the matter, as the audit tree is his now and it's up to
> him whether or not to push on to Andrew.

I'm not aware of anything additional needed. I haven't tested the code,
and am not very familiar with it, so I can't definitely promise that it
currently meets all the requirements, but that's what the testing process
is for.

-Klaus



