summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-04-04 15:01:43 -0400
committerEric Paris <eparis@redhat.com>2012-04-09 12:23:03 -0400
commit07f62eb66c6626aa5653a0fcb34c9c040d0bd032 (patch)
treea928c034e2f08ef3f7fd6af450d75f3d52a261db /security
parentb466066f9b648ccb6aa1e174f0389b7433e460fd (diff)
downloadlinux-07f62eb66c6626aa5653a0fcb34c9c040d0bd032.tar.bz2
LSM: BUILD_BUG_ON if the common_audit_data union ever grows
We did a lot of work to shrink the common_audit_data. Add a BUILD_BUG_ON so future programers (let's be honest, probably me) won't do something foolish like make it large again! Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/lsm_audit.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index e796d2517653..8d8d97dbb389 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -213,6 +213,13 @@ static void dump_common_audit_data(struct audit_buffer *ab,
{
struct task_struct *tsk = current;
+ /*
+ * To keep stack sizes in check force programers to notice if they
+ * start making this union too large! See struct lsm_network_audit
+ * as an example of how to deal with large data.
+ */
+ BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2);
+
audit_log_format(ab, " pid=%d comm=", tsk->pid);
audit_log_untrustedstring(ab, tsk->comm);