[PATCH] audit: Reactive rules
Miloslav Trmac
mitr at redhat.com
Wed Mar 31 18:36:05 UTC 2010
Hello,
----- "Juraj Hlista" <juro.hlista at gmail.com> wrote:
> diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
> @@ -415,7 +424,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
> - int i;
> + int i, j = 0;
> + int k;
> @@ -425,7 +435,7 @@ static struct audit_entry
> *audit_data_to_entry(struct audit_rule_data *data,
> for (i = 0; i < data->field_count; i++) {
> - struct audit_field *f = &entry->rule.fields[i];
> + struct audit_field *f = &entry->rule.fields[i - j];
It would be more clear to have a "source index" (used for "data"), and a "destination index" (used for entry->rule.fields); "j" is currently a difference between the two.
More information about the Linux-audit
mailing list