Re: Audit capability patch
Thanks. New patch attached.
Changelog:
1/14/2005: remove redundant message length checks.
1/14/2005: return -EINVAL on non-audit message
1/14/2005: return -EINVAL on non-audit message
1/14/2005: removed/inlined netlink_get_msgtype() function.
-serge
Quoting Stephen Smalley (sds(a)epoch.ncsc.mil):
On Fri, 2005-01-14 at 13:07, Stephen Smalley wrote:
> On Fri, 2005-01-14 at 12:52, Serge Hallyn wrote:
> > Attached is a "final" version of the audit caps patch. I will send
this
> > to lkml tomorrow if noone complains.
>
> As Darrel noted earlier, the skb->len and nlh->nlmsg_len checks are
> already performed by audit_receive_skb() prior to calling
> audit_receive_msg(), so you don't need them in audit_netlink_ok(),
> right? And as he noted, you can just pass the nlh->nlmsg_type directly
> from audit_receive_msg() to audit_netlink_ok(), you don't need to
> re-extract it.
Also, I think you want to remove the case 0 from the switch statement in
audit_netlink_ok, so that it will use the default case and return
-EINVAL rather than proceeding.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency
--
Linux-audit mailing list
Linux-audit(a)redhat.com
http://www.redhat.com/mailman/listinfo/linux-audit
Attachments:
- audit-caps.patch (text/plain — 5.6 KB)