On Thu, Dec 3, 2020 at 6:55 PM Steve Grubb <[email protected]> wrote: > On Thursday, December 3, 2020 6:43:11 PM EST Paul Moore wrote: > > > So far there are only seven bits used out of 32, so it does not appear we > > > are in danger of running out anytime soon. > > Exactly. Even capability bits are easier to get assigned. :-)
Another way to look at it is that we've exhausted approximately one-third of the space in six years. In reality it is worse than that as I've been putting the brakes on new feature bits for a while now. > > > It was introduced with commit 0288d7183c41c0192d2963d44590f346f4aee917 > > > Author: Richard Guy Briggs <[email protected]> > > > AuthorDate: 2014-11-17 15:51:01 -0500 > > > Commit: Paul Moore <[email protected]> > > > CommitDate: 2014-11-17 16:53:51 -0500 > > > ("audit: convert status version to a feature bitmap") > > > It was introduced specifically to enable distributions to selectively > > > backport features. It was converted away from AUDIT_VERSION. > > > > > > There are other ways to detect the presence of backlog_wait_time_actual > > > as I mentioned above. > > > > Let me be blunt - I honestly don't care what Steve's audit userspace > > does to detect this. I've got my own opinion, but Steve's audit > > userspace is not my project to manage and I think we've established > > over the years that Steve and I have very different views on what > > constitutes good design. > > And guessing what might be in buffers of different sizes is good design? The > FEATURE_BITMAP was introduced to get rid of this ambiguity. There is just soo much to unpack in your comment Steve, but let me keep it short ... - This is an enterprise distro problem, not an upstream problem. The problems you are talking about are not a problem for upstream. - You can obviously backport things, you just have to ensure you preserve the structure order/size. It may require you backporting multiple features, but if you're already cherry-picking patches you've already gone out on your own. This approach is both obvious and commonly done, if it hasn't occurred to you I don't know what to say. ... and finally, to be blunt again - I'm not merging a patch to add a feature bit for this. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
