On Nov 15, 2016 4:33 PM, "William Roberts" <bill.c.robe...@gmail.com> wrote:
>
> <snip>
>
> > memset(&avdatum, 0, sizeof avdatum);
> > + /*
> > + * AUDITDENY and DONTAUDIT are &= assigned, versus |=
for
> > + * others. Initialize the data accordingly.
> > + */
> > + avdatum.data = (key->specified &
> > + (AVRULE_AUDITDENY | AVRULE_DONTAUDIT)) ?
~0 : 0;
>
> Nak this, surprising this is working and producing correct output, but
Correct when checking the sesearch output, which makes sense since we're
expecting both classes to be all dontaudit statements.
> we would want to check
> against the AVTAB defines...
>
> This patch, while simple, for some reason is getting the best of me :-P
>
> > /* this is used to get the node - insertion is actually
unique */
> > node = avtab_insert_nonunique(avtab, key, &avdatum);
> > if (!node) {
> <snip>
_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
