Re: [2.6 patch] selinux: possible cleanups

From: Stephen Smalley
Date: Wed Dec 08 2004 - 14:09:58 EST

On Fri, 2004-12-03 at 10:54, Stephen Smalley wrote:
> - Shouldn't the AVC_CALLBACK_* definitions other than RESET be removed
> since you are removing the other avc_ss interfaces?

Actually, we'd have to keep at least the GRANT definition as well, since
that is used from avc_has_perm_noaudit() for the permissive mode case,
and I suppose we might as well leave the others alone and not disturb
the avc_update_node() code. So the only changes I'd suggest are
removing the security_member_sid diffs (as it is now used) and including
your follow-up diff for making avtab_insert static.

Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at