[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 9 Sep 2022 14:50:18 -0400
From: Richard Guy Briggs <rgb@...hat.com>
To: Steve Grubb <sgrubb@...hat.com>
Cc: Jan Kara <jack@...e.cz>, Paul Moore <paul@...l-moore.com>,
Linux-Audit Mailing List <linux-audit@...hat.com>,
LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel@...r.kernel.org, Eric Paris <eparis@...isplace.org>,
Amir Goldstein <amir73il@...il.com>
Subject: Re: [PATCH v4 3/4] fanotify,audit: Allow audit to use the full
permission event response
On 2022-09-09 10:55, Steve Grubb wrote:
> On Friday, September 9, 2022 10:38:46 AM EDT Richard Guy Briggs wrote:
> > > Richard, add subj_trust and obj_trust. These can be 0|1|2 for no, yes,
> > > unknown.
> >
> > type? bitfield? My gut would say that "0" should be "unset"/"unknown",
> > but that is counterintuitive to the values represented.
> >
> > Or "trust" with sub-fields "subj" and "obj"?
>
> No. just make them separate and u32. subj_trust and obj_trust - no sub fields.
> If we have sub-fields, that probably means bit mapping and that wasn't wanted.
Ack.
> -Steve
- RGB
--
Richard Guy Briggs <rgb@...hat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
Powered by blists - more mailing lists