On Monday, November 17, 2014 03:51:01 PM Richard Guy Briggs wrote: > The version field defined in the audit status structure was found to have > limitations in terms of its expressibility of features supported. This is > distict from the get/set features call to be able to command those features > that are present. > > Converting this field from a version number to a feature bitmap will allow > distributions to selectively backport and support certain features and will > allow upstream to be able to deprecate features in the future. It will > allow userspace clients to first query the kernel for which features are > actually present and supported. Currently, EINVAL is returned rather than > EOPNOTSUP, which isn't helpful in determining if there was an error in the > command, or if it simply isn't supported yet. Past features are not > represented by this bitmap, but their use may be converted to EOPNOTSUP if > needed in the future. > > Since "version" is too generic to convert with a #define, use a union in the > struct status, introducing the member "feature_bitmap" unionized with > "version". > > Convert existing AUDIT_VERSION_* macros over to AUDIT_FEATURE_BITMAP* > counterparts, leaving the former for backwards compatibility. > > Signed-off-by: Richard Guy Briggs <[email protected]> > --- > include/uapi/linux/audit.h | 17 +++++++++++++---- > kernel/audit.c | 2 +- > 2 files changed, 14 insertions(+), 5 deletions(-)
Applied to the audit next branch, thanks Richard. * git://git.infradead.org/users/pcmoore/audit next -- paul moore security and virtualization @ redhat -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
