> From: Christopher Clark <[email protected]> > Subject: [PATCH v3 14/15] xsm, argo: notify: don't describe rings that cannot > be sent to > > Signed-off-by: Christopher Clark <[email protected]>
I have not checked to see how commonly this function is called, but it looks like it may have the potential for producing excessive AVC denials when just checking. If this is the case, using another XSM hook (or adding a bool parameter to the existing one) to distinguish between this case and the actual send attempt would let you use avc_has_perm_noaudit here to avoid that log spam. If this call doesn't happen in some automated/common fashion, it's fine as-is. Acked-by: Daniel De Graaf <[email protected]> _______________________________________________ Xen-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/xen-devel
