From mboxrd@z Thu Jan  1 00:00:00 1970
From: sds@tycho.nsa.gov (Stephen Smalley)
Date: Wed, 17 May 2017 11:38:11 -0400
Subject: [PATCH v5 1/2] selinux: add brief info to policydb
In-Reply-To: <CAPkE-bWykonYBssXGphktM7jANY_nbtQi7EVc4uLwjm-fdM8Kg@mail.gmail.com>
References: <1494928281-11128-1-git-send-email-sbuisson@ddn.com>
	<1494967240.21557.18.camel@tycho.nsa.gov>
	<CAPkE-bWykonYBssXGphktM7jANY_nbtQi7EVc4uLwjm-fdM8Kg@mail.gmail.com>
Message-ID: <1495035491.32535.6.camel@tycho.nsa.gov>
To: linux-security-module@vger.kernel.org
List-Id: linux-security-module.vger.kernel.org

On Wed, 2017-05-17 at 16:59 +0200, Sebastien Buisson wrote:
> 2017-05-16 22:40 GMT+02:00 Stephen Smalley <sds@tycho.nsa.gov>:
> > > +?????strcpy(*brief, policydb.policybrief);
> > > +?????/* *len is the length of the output string */
> > > +?????*len = policybrief_len - 1;
> > 
> > Is there a particular reason to not just return policybrief_len
> > here as
> > well, for consistency in the interface???How do you intend to use
> > this
> > value in the caller?
> 
> As called in the other patch to expose policy brief via selinuxfs
> (sel_read_policybrief), the intent is to provide the caller with the
> length of the string returned.
> Or should I set *len to policy brief_len here, and just make the
> caller aware that the returned length is in fact the length of the
> buffer (i.e. including terminating NUL byte)?

Looking at the caller usage in the other patch, I guess it makes sense
in its current form.


--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html