> From: Christopher Clark <christopher.w.cl...@gmail.com> > Subject: [PATCH v3 14/15] xsm, argo: notify: don't describe rings that cannot > be sent to > > Signed-off-by: Christopher Clark <christopher.cla...@baesystems.com>
I have not checked to see how commonly this function is called, but it looks like it may have the potential for producing excessive AVC denials when just checking. If this is the case, using another XSM hook (or adding a bool parameter to the existing one) to distinguish between this case and the actual send attempt would let you use avc_has_perm_noaudit here to avoid that log spam. If this call doesn't happen in some automated/common fashion, it's fine as-is. Acked-by: Daniel De Graaf <dgde...@tycho.nsa.gov> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel