how is this error preserved in the audit trail?
Look at my patch again - if the secctx cannot be retrieved, either
because a) it does not exists; or b) because of internal error or
otherwise, then it is not logged in the audit log as part of the
NETFILTER_PKT message (the fact there is internal LSM error has
absolutely nothing to do with a netfilter packet!).
If, internally (upon calling security_secid_to_secctx) there is a
decision to handle that *internal* error in one way or another so be it,
but as far as my patch goes - there is no secctx if that function
returns nothing and I think that is the right think to do.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
