7:28 p.m.
This patch removes the following unused EXPORT_SYMBOL's:
- audit_log_start
- audit_log_end
- audit_log_format
- audit_log
Signed-off-by: Adrian Bunk <bunk(a)stusta.de>
---
This patch was already sent on:
- 20 Apr 2006
--- linux-2.6.17-rc1-mm3-full/kernel/audit.c.old 2006-04-20 22:38:17.000000000 +0200
+++ linux-2.6.17-rc1-mm3-full/kernel/audit.c 2006-04-20 22:40:03.000000000 +0200
@@ -1092,7 +1092,3 @@
}
}
-EXPORT_SYMBOL(audit_log_start);
-EXPORT_SYMBOL(audit_log_end);
-EXPORT_SYMBOL(audit_log_format);
-EXPORT_SYMBOL(audit_log);
1:18 p.m.
On Tue, Nov 28, 2006 at 02:28:48AM +0100, Adrian Bunk wrote:
This patch removes the following unused EXPORT_SYMBOL's:
- audit_log_start
- audit_log_end
- audit_log_format
- audit_log
Signed-off-by: Adrian Bunk <bunk(a)stusta.de>
---
This patch was already sent on:
- 20 Apr 2006
I recall the opinion at the time was that it was considered useful to allow
third party modules to generate audit messages. Has anything changed?
Tony
2:27 p.m.
On Tue, Nov 28, 2006 at 07:27:02PM +0000, David Woodhouse wrote:
On Tue, 2006-11-28 at 11:18 -0800, Tony Jones wrote:
> I recall the opinion at the time was that it was considered useful to allow
> third party modules to generate audit messages. Has anything changed?
It should at least be EXPORT_SYMBOL_GPL, not EXPORT_SYMBOL.
Agreed. That sounds fine.
Tony
2:42 p.m.
New subject: [2.6 patch] kernel/audit.c: change the exports to EXPORT_SYMBOL_GPL
On Tue, Nov 28, 2006 at 07:27:02PM +0000, David Woodhouse wrote:
On Tue, 2006-11-28 at 11:18 -0800, Tony Jones wrote:
> I recall the opinion at the time was that it was considered useful to allow
> third party modules to generate audit messages. Has anything changed?
It should at least be EXPORT_SYMBOL_GPL, not EXPORT_SYMBOL.
So let's do at least the minimal patch noone disagrees with.
dwmw2
cu
Adrian
<-- snip -->
This patch changes some completely unused audit exports from
EXPORT_SYMBOL to EXPORT_SYMBOL_GPL.
They are still completely unused, but hopefully some of the theoretical
code that might use it will appear in the kernel in the near future...
Signed-off-by: Adrian Bunk <bunk(a)stusta.de>
--- linux-2.6.19-mm1/kernel/audit.c.old 2006-12-11 20:13:54.000000000 +0100
+++ linux-2.6.19-mm1/kernel/audit.c 2006-12-11 20:14:19.000000000 +0100
@@ -1209,7 +1209,7 @@
}
}
-EXPORT_SYMBOL(audit_log_start);
-EXPORT_SYMBOL(audit_log_end);
-EXPORT_SYMBOL(audit_log_format);
-EXPORT_SYMBOL(audit_log);
+EXPORT_SYMBOL_GPL(audit_log_start);
+EXPORT_SYMBOL_GPL(audit_log_end);
+EXPORT_SYMBOL_GPL(audit_log_format);
+EXPORT_SYMBOL_GPL(audit_log);
2:48 p.m.
New subject: [2.6 patch] kernel/audit.c: change the exports to EXPORT_SYMBOL_GPL
On Monday 11 December 2006 15:42, Adrian Bunk wrote:
> It should at least be EXPORT_SYMBOL_GPL, not EXPORT_SYMBOL.
So let's do at least the minimal patch noone disagrees with.
This looks fine to me.
-Steve
9:04 p.m.
On Tue, Nov 28, 2006 at 11:18:09AM -0800, Tony Jones wrote:
On Tue, Nov 28, 2006 at 02:28:48AM +0100, Adrian Bunk wrote:
> This patch removes the following unused EXPORT_SYMBOL's:
> - audit_log_start
> - audit_log_end
> - audit_log_format
> - audit_log
>
> Signed-off-by: Adrian Bunk <bunk(a)stusta.de>
>
> ---
>
> This patch was already sent on:
> - 20 Apr 2006
I recall the opinion at the time was that it was considered useful to allow
"it was considered" = "you were the one person who said this"
third party modules to generate audit messages. Has anything
changed?
Why are these third party modules you are talking about not yet merged
into the kernel and when will they be submitted for inclusion?
Tony
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
1:42 a.m.
On Wed, Nov 29, 2006 at 04:04:41AM +0100, Adrian Bunk wrote:
> I recall the opinion at the time was that it was considered
useful to allow
"it was considered" = "you were the one person who said this"
Actually I believe Steve Grubb also said it so the above is factually
incorrect :)
> third party modules to generate audit messages. Has anything
changed?
Why are these third party modules you are talking about not yet merged
into the kernel and when will they be submitted for inclusion?
We're talking about basic logging functionality here. I know you love to
swing the cleanup hammer but ....... you get the idea.
Tony
10:53 a.m.
On Wednesday 29 November 2006 02:42, Tony Jones wrote:
Actually I believe Steve Grubb also said it so the above is
factually
incorrect :)
Yes, I did. I thought this was a dead issue since there was no follow up
discussion when I said it.
> > third party modules to generate audit messages. Has
anything changed?
>
> Why are these third party modules you are talking about not yet merged
> into the kernel and when will they be submitted for inclusion?
It would appear that a new audit patch to ipsec wants these and a couple more
things. So, at this point we should have something queued in netdev tree that
will use these.
We're talking about basic logging functionality here.
Exactly. I can see 3rd party security vendors perhaps using this interface as
well. I don't personally know of any that are using it, nor am I in
discussions with any, but I could see them eventually finding this and using
it as they use other basic interfaces like syslog or file access.
-Steve
5:24 p.m.
On Wed, Nov 29, 2006 at 11:53:51AM -0500, Steve Grubb wrote:
On Wednesday 29 November 2006 02:42, Tony Jones wrote:
...
> > > third party modules to generate audit messages. Has anything changed?
> >
> > Why are these third party modules you are talking about not yet merged
> > into the kernel and when will they be submitted for inclusion?
It would appear that a new audit patch to ipsec wants these and a couple more
things. So, at this point we should have something queued in netdev tree that
will use these.
AFAIR, this ipsec patch only adds non-modular users.
> We're talking about basic logging functionality here.
Exactly. I can see 3rd party security vendors perhaps using this interface as
well. I don't personally know of any that are using it, nor am I in
discussions with any, but I could see them eventually finding this and using
it as they use other basic interfaces like syslog or file access.
Reality has teached me that the only way to find out whether unused code
is really unused is to send a patch and listen whether someone is
screaming because he has an actual user. Then get this patch merged and
listen whether someone is screaming because he had an actual user.
As an example, it has just turned out that at about half of the drivers
that were not compiling and marked as BROKEN since at least 2.6.0 had
patches floating around somewhere and sending a patch to remove code
actually brought this code back into life.
We are talking about exports that are unused since they were introduced.
Either there are no users, or the existing users need the biggest
possible cluebat (removing the exports) reminding them that they should
get their ass up and submit their modules for inclusion in the kernel.
Re-adding them when users are merged into the kernel will always be
trivial.
-Steve
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
6594
days inactive
6607
days old
linux-audit@lists.linux-audit.osci.io
9 comments
4 participants
participants (4)
-
Adrian Bunk -
David Woodhouse -
Steve Grubb -
Tony Jones