[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1174941251.17953.4.camel@localhost.localdomain>
Date: Mon, 26 Mar 2007 16:34:11 -0400
From: Eric Paris <eparis@...isplace.org>
To: Joy Latten <latten@...tin.ibm.com>
Cc: netdev@...r.kernel.org, davem@...emloft.net, jmorris@...ei.org,
selinux@...ho.nsa.gov
Subject: Re: [PATCH]: Add security check before flushing SAD/SPD
On Mon, 2007-03-26 at 13:39 -0600, Joy Latten wrote:
> + if ((err = security_xfrm_policy_delete(pol)) != 0) {
> + xfrm_audit_log(audit_info->loginuid,
> + audit_info->secid,
> + AUDIT_MAC_IPSEC_DELSPD,
> + err ? 0 : 1, pol, NULL);
> + return err;
In all of the denial log statements you keep the "err ? 0 : 1" which are
common among audit, but in this patch we always know that err is 1. Is
it worth simplifying this down to just a 0 in the all of the
xfrm_audit_log calls?
-Eric
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists