On Monday 17 December 2007 2:56:41 pm Stephen Smalley wrote:
> On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
> > /* Initialize an AVC audit data structure. */
> > #define AVC_AUDIT_DATA_INIT(_d,_t) \
> > -{ memset((_d), 0, sizeof(struct avc_audit_data)); (_d)->type =
> > AVC_AUDIT_
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
> Instead of storing the packet's network interface name store the ifindex.
> This
> allows us to defer the need to lookup the net_device structure until the audit
> record is generated meaning that in the majority of cases we never need to
> b
Instead of storing the packet's network interface name store the ifindex. This
allows us to defer the need to lookup the net_device structure until the audit
record is generated meaning that in the majority of cases we never need to
bother with this at all.
---
security/selinux/avc.c |
