[PATCH 1/1] NetLabel: add audit support for configuration changes
Paul Moore
paul.moore at hp.com
Thu Sep 28 20:04:58 UTC 2006
James Morris wrote:
>>+struct audit_buffer *netlbl_audit_start_common(int type, u32 secid)
>
>
>>+ if (current->mm) {
>>+ down_read(¤t->mm->mmap_sem);
>>+ vma = current->mm->mmap;
>>+ while (vma) {
>>+ if ((vma->vm_flags & VM_EXECUTABLE) &&
>>+ vma->vm_file) {
>>+ audit_log_d_path(audit_buf,
>>+ " exe=",
>>+ vma->vm_file->f_dentry,
>>+ vma->vm_file->f_vfsmnt);
>>+ break;
>>+ }
>>+ vma = vma->vm_next;
>>+ }
>>+ up_read(¤t->mm->mmap_sem);
>
>
>
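Review bot: inside the if (current->mm) block, current->mm is re-read for the check, the lock, the list head and the unlock instead of being read once into a local; taking it once (for example struct mm_struct *mm = current->mm) keeps the test and the down_read/up_read pair on the same pointer. The walk for the first VM_EXECUTABLE mapping with a vm_file is also a second copy of existing audit logic, so the two copies can drift apart until it is factored into a shared helper.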
> Suggestion for the future: I think it'd be worthwhile consolidating this
> with the code in audit_log_task_info().
Agreed, in fact, as I suspect you have already noticed, this was ripped
right from that function. It was private to kernel/auditsc.c making it
off-limits, but I would have gladly used it instead; making
audit_log_task_info() public seemed like something that was beyond this
NetLabel-specific patch.
> In any case, the patch looks fine to me.
>
> Acked-by: James Morris <jmorris at namei.org>
Thanks.
--
paul moore
linux security @ hp