On Thu, Nov 1, 2018 at 2:49 PM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote:
> On 2018-10-19 19:17, Paul Moore wrote:
> > On Sun, Aug 5, 2018 at 4:33 AM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote:
> > > Standalone audit records have the timestamp and serial number generated
> > > on the fly and as such are unique, making them standalone. This new
> > > function audit_alloc_local() generates a local audit context that will
> > > be used only for a standalone record and its auxiliary record(s). The
> > > context is discarded immediately after the local associated records are
> > > produced.
> > >
> > > Signed-off-by: Richard Guy Briggs <rgb@xxxxxxxxxx>
> > > Acked-by: Serge Hallyn <serge@xxxxxxxxxx>
> > > ---
> > > include/linux/audit.h | 8 ++++++++
> > > kernel/audit.h | 1 +
> > > kernel/auditsc.c | 33 ++++++++++++++++++++++++++++-----
> > > 3 files changed, 37 insertions(+), 5 deletions(-)
> >
> > I'm not in love with the local flag, and the whole local context in
> > general, but that's a larger discussion and not something I want to
> > force on this patchset; we can fix it later.
>
> I understand your reasoning to combine it so that if one patch gets
> backported then both do, or if one gets reverted both do, but I really
> prefer them separate for similar reasons if there is more than one user.

The key is "more than one user". As I mentioned below, assuming that the only user is the networking bits (we can continue to discuss the tty caller in the tty patch), this should live with the networking bits; it makes no sense to keep it separate in that case. Of course, if there is more than one user, then keeping this change separate is reasonable.

> > I think this patch looks fine, but it seems a bit odd standalone; it's
> > almost always better to include new capabilities/functions in the same
> > patch as the user. Since the only user is the networking bits, it
> > might make more sense to fold this patch into that one.
>
> It was kept separate due to tty_audit usage. See my reasoning for patch
> 6, but I'm willing to negotiate if that merits an exception like the
> USER records do.

--
paul moore
www.paul-moore.com