[PATCH] change lspp inode auditing
Stephen Smalley
sds at tycho.nsa.gov
Thu Mar 30 14:50:30 UTC 2006
On Thu, 2006-03-30 at 09:30 -0500, Stephen Smalley wrote:
> > +int selinux_ctxid_to_string(u32 ctxid, char **ctx, u32 *ctxlen, gfp_t gfp_mask);
>
> On second look, I think you can drop the gfp_mask because we have to use
> GFP_ATOMIC in context_struct_to_string regardless of what the caller is
> using, due to taking the policy rdlock (and looking later in the patch,
> you don't pass it down any further, so it serves no purpose). Also,
> since you explicitly identify this as a _to_string interface, I think
> you can drop the ctxlen argument; the returned string is NUL-terminated
> anyway - unless the caller needs the length for some purpose.
Actually, I take the last point back - keep the ctxlen argument please.
Catherine Zhang's patch for Unix datagram SO_PASSSEC support requires
the length information, and she needs this interface too.
--
Stephen Smalley
National Security Agency
More information about the Linux-audit
mailing list