Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-14 Thread Richard Guy Briggs
On 14/01/14, William Roberts wrote:
> The race was non existent. I had the VMA locked. I switched to this to keep
> the code that gets the cmdline value almost unchanged to try and reduce
> bugs. I can still author a patch on top of this later to optimize. However
> the buffer is smaller. Before it

Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-14 Thread William Roberts
This bounced LKML, re-sending. My phone sent it as HTML

On Tue, Jan 14, 2014 at 7:50 PM, William Roberts wrote:
> The race was non existent. I had the VMA locked. I switched to this to keep
> the code that gets the cmdline value almost unchanged to try and reduce
> bugs. I can still author a patc

Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-14 Thread Richard Guy Briggs
On 14/01/06, William Roberts wrote:
> During an audit event, cache and print the value of the process's
> cmdline value (proc//cmdline). This is useful in situations
> where processes are started via fork'd virtual machines where the
> comm field is incorrect. Often times, setting the comm field st

Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-06 Thread William Roberts
On Mon, Jan 6, 2014 at 9:08 AM, Mateusz Guzik wrote:
> I can't comment on the concept, but have one nit.

FYI: The concept is something that has been in the works and at least ackd on by the current maintainer of audit: http://marc.info/?l=linux-kernel&m=138660320704580&w=2

>
> On Mon, Jan 06, 20

RE: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-06 Thread William Roberts
...@tycho.nsa.gov; William Roberts Subject: Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value I can't comment on the concept, but have one nit. On Mon, Jan 06, 2014 at 07:30:30AM -0800, William Roberts wrote: > +static void audit_log_cmdline(struct audit_buffer *ab, struct task_struct

Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value

2014-01-06 Thread Mateusz Guzik
I can't comment on the concept, but have one nit. On Mon, Jan 06, 2014 at 07:30:30AM -0800, William Roberts wrote: > +static void audit_log_cmdline(struct audit_buffer *ab, struct task_struct > *tsk, > + struct audit_context *context) > +{ > + int res; > + char *buf;