Re: Audit capability patch
On Fri, 2005-01-14 at 16:43, Serge E. Hallyn wrote:
Thanks. New patch attached.
Changelog:
1/14/2005: remove redundant message length checks.
1/14/2005: return -EINVAL on non-audit message
1/14/2005: return -EINVAL on non-audit message
1/14/2005: removed/inlined netlink_get_msgtype() function.
- Comments before audit_netlink_ok() are no longer accurate.
- Comment for default case in audit_netlink_ok() says permission denied
but error is EINVAL, so one or the other needs to change.
- Comment added to the later default case (no longer needed) seems bad,
i.e. patch either should not add the comment or should remove the case,
take your pick.
- You could just pass the eff_cap to audit_netlink_ok() rather than the
entire skb.
Otherwise, good to go.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency