On Thursday, November 13, 2014 12:38:17 PM Joe Perches wrote:
On Thu, 2014-11-13 at 15:29 -0500, Richard Guy Briggs wrote:
> The version field defined in the audit status structure was found to have
> limitations in terms of its expressibility of features supported. This is
> distict from the get/set features call to be able to command those
> features
> that are present.
>
> Converting this field from a version number to a feature bitmap will allow
> distributions to selectively backport and support certain features and
> will
> allow upstream to be able to deprecate features in the future. It will
> allow userspace clients to first query the kernel for which features are
> actually present and supported. Currently, EINVAL is returned rather
> than EOPNOTSUP, which isn't helpful in determining if there was an error
> in the command, or if it simply isn't supported yet. Past features are
> not represented by this bitmap, but their use may be converted to
> EOPNOTSUP if needed in the future.
Maybe use DECLARE_BITMAP instead of u32 and test_bit/set_bit
The audit_status struct is user visible and the version field is currently a
u32 where DECLARE_BITMAP is an unsigned long.
--
paul moore
security and virtualization @ redhat