From: "Timothy R. Chavez" <tinytim@us.ibm.com>
To: James Morris <jmorris@redhat.com>
Cc: selinux@tycho.nsa.gov,
Linux Audit Discussion <linux-audit@redhat.com>,
James Morris <jmorris@namei.org>,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [RFC][PATCH] collect security labels on user processes generating audit messages
Date: Thu, 09 Feb 2006 10:13:56 -0600 [thread overview]
Message-ID: <1139501636.10222.11.camel@localhost> (raw)
In-Reply-To: <Pine.LNX.4.44.0602090950470.21925-100000@redline.boston.redhat.com>
Hi James,
Thank you for the response (and putting Stephen on the CC list,
evolution flubbered my original CC list, hrm). My response below.
On Thu, 2006-02-09 at 09:58 -0500, James Morris wrote:
> On Wed, 8 Feb 2006, Timothy R. Chavez wrote:
>
> > 1) A new SELinux interface was introduced to give other parts of the
> > kernel the ability to resolve 'sids' into security labels.
>
> Please look at the way I intend to export SELinux APIs in:
> http://people.redhat.com/jmorris/selinux/skfilter/kernel/12-skfilter-selinux-exports.patch
This looks good. Do you have a schedule for releasing this? I could
probably wait until it becomes available in -mm before changing out the
API plumbing.
>
> > +++ b/include/linux/netlink.h
> > @@ -143,6 +143,7 @@ struct netlink_skb_parms
> > __u32 dst_group;
> > kernel_cap_t eff_cap;
> > __u32 loginuid; /* Login (audit) uid */
> > + __u32 secid; /* SELinux security id */
> > };
>
> You also need to verify the policy serial number.
Ah, thanks.
>
> I wonder if it might be better to use the security context directly.
>
I think it'd be the simplest solution, but I was a bit weary about
adding a string param... I thought using an integer might be the path of
least resistance :)
>
> > @@ -460,11 +464,26 @@ static int audit_receive_msg(struct sk_b
> > err = 0;
> > ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
> > if (ab) {
> > + len = selinux_sid_to_context(sid, NULL, 0);
>
> This is embedding SELinux specific code into the audit code. I think you
> need to add some audit/SELinux glue code which disappears if SELinux is
> not enabled.
>
> > + NETLINK_CB(skb).secid = security_task_getsid(current);
>
> security_task_getsid() doesn't exist.
>
> You created security_task_getsecurity(), which retrieves the security
> context.
>
>
>
> - James
Actually, security_task_getsid() does exist (or did exist last time I
updated the viro/audit-2.6 git tree).
http://www.promethos.org/lxr/http/ident?i=security_task_getsid
Thanks again for the feedback James.
-tim
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2006-02-09 16:13 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-09 1:32 [RFC][PATCH] collect security labels on user processes generating audit messages Timothy R. Chavez
2006-02-09 14:58 ` James Morris
2006-02-09 15:10 ` Darrel Goeddel
2006-02-09 15:15 ` James Morris
2006-02-09 17:43 ` Stephen Smalley
2006-02-09 16:13 ` Timothy R. Chavez [this message]
2006-02-09 17:03 ` James Morris
2006-02-09 17:39 ` Timothy R. Chavez
2006-02-09 17:29 ` Stephen Smalley
2006-02-09 18:13 ` Stephen Smalley
2006-02-10 0:14 ` Timothy R. Chavez
2006-02-10 4:00 ` James Morris
2006-02-13 19:12 ` Stephen Smalley
2006-02-14 23:48 ` Timothy R. Chavez
2006-02-15 13:47 ` Stephen Smalley
2006-02-15 15:49 ` Timothy R. Chavez
2006-02-15 16:14 ` Linda Knippers
2006-02-15 16:22 ` Steve Grubb
2006-02-15 16:37 ` Stephen Smalley
2006-02-15 16:41 ` Steve Grubb
2006-02-15 16:58 ` Timothy R. Chavez
2006-02-15 18:33 ` Timothy R. Chavez
2006-02-15 17:17 ` Linda Knippers
2006-02-15 18:14 ` Steve Grubb
2006-02-15 18:20 ` Steve Grubb
2006-02-16 14:56 ` Steve Grubb
2006-02-16 15:29 ` Stephen Smalley
2006-02-16 15:35 ` Steve Grubb
2006-02-16 16:27 ` Timothy R. Chavez
2006-02-16 19:03 ` Lamont R. Peterson
2006-02-16 20:44 ` Timothy R. Chavez
2006-02-15 16:17 ` Stephen Smalley
2006-02-15 16:41 ` Timothy R. Chavez
2006-02-15 16:38 ` Stephen Smalley
2006-02-15 21:05 ` Darrel Goeddel
2006-02-17 20:58 ` Timothy R. Chavez
2006-02-22 14:21 ` Stephen Smalley
2006-02-22 17:14 ` Timothy R. Chavez
2006-02-22 14:26 ` Stephen Smalley
2006-02-22 17:13 ` Timothy R. Chavez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1139501636.10222.11.camel@localhost \
--to=tinytim@us.ibm.com \
--cc=jmorris@namei.org \
--cc=jmorris@redhat.com \
--cc=linux-audit@redhat.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.