James Morris wrote:
>>+struct audit_buffer *netlbl_audit_start_common(int type, u32 secid)
>
>
>>+ if (current->mm) {
>>+ down_read(¤t->mm->mmap_sem);
>>+ vma = current->mm->mmap;
>>+ while (vma) {
>>+ if ((vma->vm_flags & VM_EXECUTABLE) &&
>>+ vma->vm_file) {
>>+ audit_log_d_path(audit_buf,
>>+ " exe=",
>>+ vma->vm_file->f_dentry,
>>+ vma->vm_file->f_vfsmnt);
>>+ break;
>>+ }
>>+ vma = vma->vm_next;
>>+ }
>>+ up_read(¤t->mm->mmap_sem);
>
>
>
> Suggestion for the future: I think it'd be wortwhile consolidating this
> with the code in audit_log_task_info().
Agreed, in fact, as I suspect you have already noticed, this was ripped
right from that function. It was private to kernel/auditsc.c making it
offlimits, but I would have gladly used it instead; making
audit_log_task_info() public seemed like something that was beyond this
NetLabel specific patch.
> In any case, the patch looks fine to me.
>
> Acked-by: James Morris <[EMAIL PROTECTED]>
Thanks.
--
paul moore
linux security @ hp
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
