* Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> >> +#ifdef CONFIG_AUDIT
> >> + if (error) {
> >> + struct audit_buffer *ab;
> >> +
> >> + ab = audit_log_start(current->audit_context,
> >> + GFP_KERNEL, AUDIT_AVC);
> >> + audit_log_format(ab, "op=linkat action=denied");
> >> + audit_log_format(ab, " pid=%d comm=", current->pid);
> >> + audit_log_untrustedstring(ab, current->comm);
> >> + audit_log_d_path(ab, " path=", old_path);
> >> + audit_log_format(ab, " dev=");
> >> + audit_log_untrustedstring(ab, inode->i_sb->s_id);
> >> + audit_log_format(ab, " ino=%lu", inode->i_ino);
> >> + audit_log_end(ab);
> >> + }
> >> +#endif
> >
> > Small detail: don't these audit methods map to nothing on
> > !CONFIG_AUDIT, allowing the #ifdef to be dropped? (if not then
> > it should really be so.)
>
> Ah-ha; a more careful look at audit.h agrees. :) I'll adjust
> this as well.

Another detail, I'd also stick those logging lines into a separate
inline function right before the linkat function, so that the
logging details do not obscure the main flow of VFS logic:

	if (error)
		audit_log_linkat_denied(current, old_path, inode);

... or so. People reading this function won't be interested in the
logging details 99.9% of the time.

Thanks,

	Ingo
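
Review bot: the audit_log_start() call in the quoted hunk tags this record as AUDIT_AVC, the type used for SELinux AVC denial or grant messages, while the record itself describes a VFS linkat denial ("op=linkat action=denied"). Anything that filters or parses audit records by type will see these mixed in with LSM decisions, so a dedicated record type would keep them separable. A smaller point on the same hunk: current->comm is read directly for audit_log_untrustedstring(); copying it first with get_task_comm() would give a stable snapshot of the name.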