[PATCH 1/7] audit: implement generic feature setting and retrieving
Eric Paris
eparis at redhat.com
Tue Jul 9 20:59:40 UTC 2013
On Tue, 2013-07-09 at 14:30 -0400, Steve Grubb wrote:
> > I can certainly shoehorn a 4 state interface into AUDIT_SET/GET.
>
> Does the new interface support more than 4 a state variable? Suppose
> we need
> to set a number value like 8192, will it do that?
No. The new interface is written to be on/off locked/unlock
The get/set interface could be extended to allow for this. We'd have to
grow the size of struct audit_status with a new __u32. Kernel space
would have to 0 out the struct and overwrite it with what it got from
userspace. Userspace would just have to ignore the additional info from
a read...
I agree, a version field is useful.
More information about the Linux-audit
mailing list