[RFC][PATCH] collect security labels on user processes generating audit messages
Timothy R. Chavez
tinytim at us.ibm.com
Wed Feb 22 17:14:38 UTC 2006
On Wed, 2006-02-22 at 09:21 -0500, Stephen Smalley wrote:
<snip>
>
> > +u32 selinux_task_getsecid(struct task_struct *tsk)
> > +{
> > + u32 sid = 0;
> > +
> > + if (ss_initialized)
> > + sid = ((struct task_security_struct *)tsk->security)->sid;
> > +
> > + return sid;
> > +}
>
> You don't strictly need to check ss_initialized in this function; all
> tasks are assigned the kernel SID until policy is loaded, so you can
> always access the SID. As a matter of style, I'd prefer an explicit
> task_security_struct* local variable with separate assignment, i.e.
> struct task_security_struct *tsec = tsk->security;
> sid = tsec->sid;
>
Ok. That change will appear in the patch I post against Darrel's work
once it goes upstream.
-tim
More information about the Linux-audit
mailing list