James Morris wrote:
>+struct audit_buffer *netlbl_audit_start_common(int type, u32
secid)
>+ if (current->mm) {
>+ down_read(¤t->mm->mmap_sem);
>+ vma = current->mm->mmap;
>+ while (vma) {
>+ if ((vma->vm_flags & VM_EXECUTABLE) &&
>+ vma->vm_file) {
>+ audit_log_d_path(audit_buf,
>+ " exe=",
>+ vma->vm_file->f_dentry,
>+ vma->vm_file->f_vfsmnt);
>+ break;
>+ }
>+ vma = vma->vm_next;
>+ }
>+ up_read(¤t->mm->mmap_sem);
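Review bot: the down_read() on current->mm->mmap_sem inside the if (current->mm) block can sleep, so netlbl_audit_start_common() is only safe to call from process context; a comment on the function saying so, or a check of its callers, would make that constraint explicit. The VMA walk for the VM_EXECUTABLE mapping is, per the discussion here, a copy of the one in audit_log_task_info(), so a follow-up that exports a shared helper would keep the two copies from drifting apart.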
> Suggestion for the future: I think it'd be worthwhile consolidating this
> with the code in audit_log_task_info().

Agreed, in fact, as I suspect you have already noticed, this was ripped
right from that function. It was private to kernel/auditsc.c making it
off-limits, but I would have gladly used it instead; making
audit_log_task_info() public seemed like something that was beyond this
NetLabel-specific patch.

> In any case, the patch looks fine to me.
> Acked-by: James Morris <jmorris(a)namei.org>

Thanks.
--
paul moore
linux security @ hp