Re: Audit capability patch
On Fri, 2005-01-14 at 13:07, Stephen Smalley wrote:
On Fri, 2005-01-14 at 12:52, Serge Hallyn wrote:
> Attached is a "final" version of the audit caps patch. I will send this
> to lkml tomorrow if noone complains.
As Darrel noted earlier, the skb->len and nlh->nlmsg_len checks are
already performed by audit_receive_skb() prior to calling
audit_receive_msg(), so you don't need them in audit_netlink_ok(),
right? And as he noted, you can just pass the nlh->nlmsg_type directly
from audit_receive_msg() to audit_netlink_ok(), you don't need to
re-extract it.
Also, I think you want to remove the case 0 from the switch statement in
audit_netlink_ok, so that it will use the default case and return
-EINVAL rather than proceeding.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency