[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Getting the real task name in avc messages

To: James Morris <jmorris@xxxxxxxxxx>
Subject: Re: Getting the real task name in avc messages
From: Darrel Goeddel <dgoeddel@xxxxxxxxxxxxx>
Date: Wed, 30 Mar 2005 16:27:06 -0600
Cc: Steve G <linux_4ever@xxxxxxxxx>, selinux@xxxxxxxxxxxxx
In-reply-to: <Xine.LNX.4.44.0503301704130.15296-100000@xxxxxxxxxxxxxxxxxxxxxxxx>
References: <Xine.LNX.4.44.0503301704130.15296-100000@xxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)

James Morris wrote:

On Wed, 30 Mar 2005, James Morris wrote:

This will be looked upon dimly upstream:

+        char name[sizeof(current->comm)];

the kernel stack space is very limited.

Actually, current->comm is only defined by default to be 16 bytes, so it'sok.



- James


You could also just do:

	task_lock(current);
	audit_log_format(ab, " comm=%s", current->comm);
	task_unlock(current);

This avoids an unnecessary copy since we have no use the data after the
audit_log_format call.

I really like the idea of moving this functionality to the standard
syscall audit record.  I'm sure that this would be nice info to have
for folks who do not run SELinux.

--

Darrel

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

Follow-Ups:
- Re: Getting the real task name in avc messages
  - From: Stephen Smalley

References:
- Re: Getting the real task name in avc messages
  - From: James Morris

Prev by Date: Re: Getting the real task name in avc messages
Next by Date: Re: Desktop apps interoperability
Previous by thread: Re: Getting the real task name in avc messages
Next by thread: Re: Getting the real task name in avc messages
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.