Re: [RFC][PATCH] (#7U3) [linux-2.6.12-rc2-mm1] file system auditing

On Wednesday 27 April 2005 19:17, Timothy R. Chavez wrote: Do you need these headers or just the forward declaration for the data types used in this header? audit_data seems very generic. Like something the core auditing system would have. It would be more meaningful if it were named something related to the file system or watch. audit_wdata? mode_t mode); I wonder if this function declaration should have a #ifdef CONFIG_AUDITFILESYSTEM around it and then use the macro if not. Same goes for the function definition in auditsc.c. (audit.c) Should the call to audit_list_watches be surrounded by #ifdef CONFIG_AUDITFILESYSTEM and then return -EOPNOTSUPP in the #else? Same with audit_receive_watch. Looking through the code for auditfs.c, there is no use of the macros likely and unlikely to help branch prediction. I'll throw this out to Chris & David, do we have any critical paths that would benefit from this code being augmented with those macros? (auditfs.c) Are these offsets being calculated right? Seems like sb + memcpy(memblk, &req, sizeof(req)); + offset = sizeof(req); + memcpy(memblk + offset, watch->filterkey, req.fklen); + offset += req.fklen; + memcpy(memblk + offset, watch->path, req.pathlen) ? Whatever happened to checking parameters and then allocating memory? I thought this was done right a few revs ago. Question. If there is no context, is there a possibility of generating one? Under what circumstances besides no memory would a context not exist? Based on what I see, I think I can merge the userspace portion for listing watches. There's cleanups needed, but I think the intent is correct. -Steve