git.cascardo.info Git - cascardo/linux.git/commit

xfrm: Remove useless secid field from xfrm_audit.

It seems to me that commit ab5f5e8b "[XFRM]: xfrm audit calls" is doing
something strange at xfrm_audit_helper_usrinfo().
If secid != 0 && security_secid_to_secctx(secid) != 0, the caller calls
audit_log_task_context() which basically does
secid != 0 && security_secid_to_secctx(secid) == 0 case
except that secid is obtained from current thread's context.

Oh, what happens if secid passed to xfrm_audit_helper_usrinfo() was
obtained from other thread's context? It might audit current thread's
context rather than other thread's context if security_secid_to_secctx()
in xfrm_audit_helper_usrinfo() failed for some reason.

Then, are all the caller of xfrm_audit_helper_usrinfo() passing either
secid obtained from current thread's context or secid == 0?
It seems to me that they are.

If I didn't miss something, we don't need to pass secid to
xfrm_audit_helper_usrinfo() because audit_log_task_context() will
obtain secid from current thread's context.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	Fri, 18 Apr 2014 07:23:46 +0000 (16:23 +0900)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Tue, 22 Apr 2014 08:47:53 +0000 (10:47 +0200)
commit	f1370cc4a01e61007ab3020c761cef6b88ae3729
tree	bee103f4c6398b978b47b1b6bba8e097c1e332aa	tree \| snapshot
parent	5a9d19ab76f98b7cdc97ba9724be01deba791bc0	commit \| diff

include/net/xfrm.h		diff \| blob \| history
net/key/af_key.c		diff \| blob \| history
net/xfrm/xfrm_policy.c		diff \| blob \| history
net/xfrm/xfrm_state.c		diff \| blob \| history
net/xfrm/xfrm_user.c		diff \| blob \| history