[RFC][PATCH] audit: add feature audit_lost reset

[Steve Grubb]

On Friday, December 9, 2016 6:46:43 PM EST Paul Moore wrote:
> > I would suggest that the return value (presuming it was reset when
> > non-zero) or the audit record generated reporting the lost value
> > reset would be sufficient confirmation that the feature exists on the
> > running kernel and the addition to the feature bitmap is not strictly
> > necessary, but you only find this out upon attempting that lost reset.
> > 
> > Well, we haven't used much of that bitmap space and if it isn't to be
> > used when needed, why is it there?  If there is a relatively simple
> > alternate non-destructive way to discover the presence of a feature use
> > of the bitmap isn't necessary.
> 
> My concern isn't the absolute consumption of the bitmap, but rather
> the rate of the consumption.

I'm not concerned much about it. There are very few more RFE's that are either 
in the pipeline or something I can think of that we need.

-Steve