[PATCH V4 (was V6)] generalize audit_del_rule
Richard Guy Briggs
rgb at redhat.com
Sat Aug 1 19:44:00 UTC 2015
This patch was split out from the audit by executable path patch set due to the
potential to use it elsewhere.
In particular, some questions came up while assessing the potential for code
reuse:
Why does audit_remove_parent_watches() not call audit_del_rule() for
each entry found?
Is audit_signals not properly decremented?
Is audit_n_rules not properly decremented?
Why does kill_rules() not call audit_del_rule() for each entry found?
Is audit_signals not properly decremented?
Is audit_n_rules not properly decremented?
Richard Guy Briggs (1):
audit: save signal match info in case entry passed in is the one
deleted
kernel/auditfilter.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
More information about the Linux-audit
mailing list