[PATCH] audit: convert status version to a feature bitmap

Paul Moore pmoore at redhat.com
Thu Nov 13 22:00:07 UTC 2014


On Thursday, November 13, 2014 12:38:17 PM Joe Perches wrote:
> On Thu, 2014-11-13 at 15:29 -0500, Richard Guy Briggs wrote:
> > The version field defined in the audit status structure was found to have
> > limitations in terms of its expressibility of features supported.  This is
> > distinct from the get/set features call to be able to command those
> > features that are present.
> > 
> > Converting this field from a version number to a feature bitmap will allow
> > distributions to selectively backport and support certain features and
> > will allow upstream to be able to deprecate features in the future.  It will
> > allow userspace clients to first query the kernel for which features are
> > actually present and supported.  Currently, EINVAL is returned rather
> > than EOPNOTSUP, which isn't helpful in determining if there was an error
> > in the command, or if it simply isn't supported yet.  Past features are
> > not represented by this bitmap, but their use may be converted to
> > EOPNOTSUP if needed in the future.
>
> Maybe use DECLARE_BITMAP instead of u32 and test_bit/set_bit

The audit_status struct is user visible and the version field is currently a 
u32 where DECLARE_BITMAP is an unsigned long.

-- 
paul moore
security and virtualization @ redhat
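
The layout point in the reply above, as an added example that is not part of the original message or of the kernel source: a user-visible struct with a fixed-width u32 bitmap keeps the same size and offsets on every ABI, while an unsigned long array (what DECLARE_BITMAP expands to) does not. All `ex_`/`EX_` names and the feature bit values are hypothetical, constructed for this illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical feature bits, constructed for this example. */
#define EX_FEATURE_A 0x00000001u
#define EX_FEATURE_B 0x00000002u

/* Fixed-width member: identical size and offsets on every ABI. */
struct ex_status_u32 {
    uint32_t mask;
    uint32_t features;
};

/* DECLARE_BITMAP(features, 32) expands to an unsigned long array. */
#define EX_LONG_BITS (sizeof(unsigned long) * CHAR_BIT)
struct ex_status_bitmap {
    uint32_t mask;
    unsigned long features[(32 + EX_LONG_BITS - 1) / EX_LONG_BITS];
};

/* 0 if the bit is advertised, -EOPNOTSUPP if it is not. */
int ex_check_feature(const struct ex_status_u32 *s, uint32_t bit)
{
    return (s->features & bit) ? 0 : -EOPNOTSUPP;
}

/* Serialize the unsigned long layout, then read it back the way a client
 * built against the u32 layout would. */
uint32_t ex_read_bitmap_as_u32(unsigned long bits)
{
    unsigned char buf[sizeof(struct ex_status_bitmap)] = {0};
    uint32_t seen;

    memcpy(buf + offsetof(struct ex_status_bitmap, features), &bits, sizeof(bits));
    memcpy(&seen, buf + offsetof(struct ex_status_u32, features), sizeof(seen));
    return seen;
}

int main(void)
{
    printf("u32 layout: %zu bytes, bitmap layout: %zu bytes\n",
           sizeof(struct ex_status_u32), sizeof(struct ex_status_bitmap));
    printf("client sees features=0x%x\n",
           (unsigned)ex_read_bitmap_as_u32(EX_FEATURE_A | EX_FEATURE_B));
    return 0;
}
```

On an ABI with 64-bit unsigned long, the client built against the u32 layout reads alignment padding at offset 4 and sees no features at all.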
