[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH 3rd revision] Add SELinux context support to AUDIT target




int audit_log_secctx(struct auditbuffer *ab, u32 secid)
{
    int len, rc;
    char *ctx;

    rc = security_secid_to_secctx(sid, &ctx, &len);
    if (rc) {
        audit_panic("Cannot convert secid to context");
    } else {
            audit_log_format(ab, " subj=%s", ctx);
            security_release_secctx(ctx, len);
    }
    return rc;
}

Such a function could be used a couple of places in the audit code itself.
My view on this is that LSM error-handling should be part of LSM.

I presume security_secid_to_secctx is going to be called from quite a few places (well, I know of at least two now and they have nothing to do with the LSM) and in my opinion it would be better if that error handling, if adopted, is implemented within the function itself - whether by calling another function, like the one you proposed above, or as part of the secctx retrieval - this could be open to interpretation, but the point I am trying to make is that whichever code security_secid_to_secctx is invoked from shouldn't be involved in reporting/handling (internal LSM) errors at all.

I think I made that point in my previous post, but just wanted to make sure that is the case.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]