Audit capability patch

Stephen Smalley sds at epoch.ncsc.mil
Fri Jan 14 18:09:49 UTC 2005


On Fri, 2005-01-14 at 13:07, Stephen Smalley wrote:
> On Fri, 2005-01-14 at 12:52, Serge Hallyn wrote:
> > Attached is a "final" version of the audit caps patch.  I will send this
> > to lkml tomorrow if noone complains.
> 
> As Darrel noted earlier, the skb->len and nlh->nlmsg_len checks are
> already performed by audit_receive_skb() prior to calling
> audit_receive_msg(), so you don't need them in audit_netlink_ok(),
> right?  And as he noted, you can just pass the nlh->nlmsg_type directly
> from audit_receive_msg() to audit_netlink_ok(), you don't need to
> re-extract it.

Also, I think you want to remove the case 0 from the switch statement in
audit_netlink_ok, so that it will use the default case and return
-EINVAL rather than proceeding.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency




More information about the Linux-audit mailing list