On Mon, Jul 13, 2020 at 8:28 PM Casey Schaufler <[email protected]> wrote: > On 7/13/2020 5:11 PM, Paul Moore wrote: > > On Mon, Jul 13, 2020 at 7:09 PM Casey Schaufler <[email protected]> > > wrote: > >> ... but it does appear that I could switch to using your > >> audit_alloc_local(). > > In my opinion, linking the audit container ID and LSM stacking > > patchsets would seem like a very big mistake, especially since the > > consolidation you are describing could be done after the fact without > > any disruption to the kernel/userspace interface. I would strongly > > encourage both patchsets to remain self-contained if at all possible > > so as to not jeopardize each other. > > Whatever helps the review/ack process best works for me. I will leave > audit_stamp_context() as is unless there is other feedback that leads > it to be changed.
Thanks, I think that is the best path forward for both patchsets. If/when both patchsets land in the kernel I'm happy to revisit this. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
