From: Matt Helsley <matthltc@us.ibm.com>
To: Alexander Viro <aviro@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>,
Shailabh Nagar <nagar@watson.ibm.com>,
Chandra S Seetharaman <sekharan@us.ibm.com>,
John T Kohl <jtk@us.ibm.com>, Balbir Singh <balbir@in.ibm.com>,
Jes Sorensen <jes@sgi.com>,
Linux-Kernel <linux-kernel@vger.kernel.org>,
linux-audit@redhat.com, Alan Stern <stern@rowland.harvard.edu>,
LSE-Tech <lse-tech@lists.sourceforge.net>,
David Woodhouse <dwmw2@infradead.org>
Subject: Re: [PATCH 06/11] Task watchers: Register audit task watcher
Date: Wed, 14 Jun 2006 16:28:25 -0700 [thread overview]
Message-ID: <1150327705.21787.330.camel@stark> (raw)
In-Reply-To: <20060614144625.GB18305@devserv.devel.redhat.com>
On Wed, 2006-06-14 at 10:46 -0400, Alexander Viro wrote:
> On Tue, Jun 13, 2006 at 04:54:46PM -0700, Matt Helsley wrote:
> > Adapt audit to use task watchers.
>
> audit_free(p) really expects that either p is a stillborn (never ran)
> *or* that p == current.
Makes sense. I think the task watcher patches are consistent with this.
I think the first patch of this series helps explain how this patch
remains consistent with the above. I should have cc'd linux-audit when
posting that patch -- here's a link for now:
http://www.ussg.iu.edu/hypermail/linux/kernel/0606.1/1800.html
In copy_process() and do_exit() notify_watchers() passes the same
pointers as audit_alloc() and audit_free() used before. The patches also
do not introduce or remove calls to audit_alloc() or audit_free(). The
patches trigger these calls with notify_watchers() while passing
WATCH_TASK_INIT and WATCH_TASK_FREE for audit_alloc() and audit_free()
respectively. WATCH_TASK_INIT (and hence audit_alloc()) only happens in
copy_process(). WATCH_TASK_FREE (and hence audit_free()) happens in
copy_process()'s error recovery path and in do_exit().
This results in the same calls to audit_alloc() and audit_free() except
with an additional function call preceding them on the stack.
Are you concerned that future modifications of task watchers would pass
in task structs that violate these expectations? I can alter the patches
to incorporate these restrictions:
copy_process()
{
...
notify_watchers(WATCH_TASK_INIT, p);
...
if (<succeeding>)
notify_watchers(WATCH_TASK_CLONE, p);
...
bad_foo:
...
- notify_watchers(WATCH_TASK_FREE, p);
+ notify_watchers(WATCH_TASK_ABORT, p);
...
}
<change all other notify_watchers() invocations to pass NULL as
the second parameter, e.g.>
do_exit()
{
...
notify_watchers(WATCH_TSK_FREE, NULL); /* callees must use current */
}
However this requires that I modify each user of task watchers with
something like:
int foo (struct notifier_block *nb, unsigned long val, void *v)
{
- struct task_struct *tsk = v;
+ struct task_struct *tsk = current;
...
switch(get_watch_event(val)) {
case WATCH_TASK_INIT:
+ tsk = v; /* INIT and ABORT use v, the rest use current */
...
+ case WATCH_TASK_ABORT:
+ tsk = v; /* fall through */
case WATCH_TASK_FREE:
...
}
...
}
Which seems a bit more complicated. Is this worth it?
Cheers,
-Matt Helsley
WARNING: multiple messages have this Message-ID (diff)
From: Matt Helsley <matthltc@us.ibm.com>
To: Alexander Viro <aviro@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>,
Shailabh Nagar <nagar@watson.ibm.com>,
Chandra S Seetharaman <sekharan@us.ibm.com>,
John T Kohl <jtk@us.ibm.com>, Balbir Singh <balbir@in.ibm.com>,
Jes Sorensen <jes@sgi.com>,
Linux-Kernel <linux-kernel@vger.kernel.org>,
linux-audit@redhat.com, Alan Stern <stern@rowland.harvard.edu>,
LSE-Tech <lse-tech@lists.sourceforge.net>,
David Woodhouse <dwmw2@infradead.org>
Subject: Re: [PATCH 06/11] Task watchers: Register audit task watcher
Date: Wed, 14 Jun 2006 16:28:25 -0700 [thread overview]
Message-ID: <1150327705.21787.330.camel@stark> (raw)
In-Reply-To: <20060614144625.GB18305@devserv.devel.redhat.com>
On Wed, 2006-06-14 at 10:46 -0400, Alexander Viro wrote:
> On Tue, Jun 13, 2006 at 04:54:46PM -0700, Matt Helsley wrote:
> > Adapt audit to use task watchers.
>
> audit_free(p) really expects that either p is a stillborn (never ran)
> *or* that p == current.
Makes sense. I think the task watcher patches are consistent with this.
I think the first patch of this series helps explain how this patch
remains consistent with the above. I should have cc'd linux-audit when
posting that patch -- here's a link for now:
http://www.ussg.iu.edu/hypermail/linux/kernel/0606.1/1800.html
In copy_process() and do_exit() notify_watchers() passes the same
pointers as audit_alloc() and audit_free() used before. The patches also
do not introduce or remove calls to audit_alloc() or audit_free(). The
patches trigger these calls with notify_watchers() while passing
WATCH_TASK_INIT and WATCH_TASK_FREE for audit_alloc() and audit_free()
respectively. WATCH_TASK_INIT (and hence audit_alloc()) only happens in
copy_process(). WATCH_TASK_FREE (and hence audit_free()) happens in
copy_process()'s error recovery path and in do_exit().
This results in the same calls to audit_alloc() and audit_free() except
with an additional function call preceding them on the stack.
Are you concerned that future modifications of task watchers would pass
in task structs that violate these expectations? I can alter the patches
to incorporate these restrictions:
copy_process()
{
...
notify_watchers(WATCH_TASK_INIT, p);
...
if (<succeeding>)
notify_watchers(WATCH_TASK_CLONE, p);
...
bad_foo:
...
- notify_watchers(WATCH_TASK_FREE, p);
+ notify_watchers(WATCH_TASK_ABORT, p);
...
}
<change all other notify_watchers() invocations to pass NULL as
the second parameter, e.g.>
do_exit()
{
...
notify_watchers(WATCH_TSK_FREE, NULL); /* callees must use current */
}
However this requires that I modify each user of task watchers with
something like:
int foo (struct notifier_block *nb, unsigned long val, void *v)
{
- struct task_struct *tsk = v;
+ struct task_struct *tsk = current;
...
switch(get_watch_event(val)) {
case WATCH_TASK_INIT:
+ tsk = v; /* INIT and ABORT use v, the rest use current */
...
+ case WATCH_TASK_ABORT:
+ tsk = v; /* fall through */
case WATCH_TASK_FREE:
...
}
...
}
Which seems a bit more complicated. Is this worth it?
Cheers,
-Matt Helsley
next prev parent reply other threads:[~2006-06-14 23:28 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20060613235122.130021000@localhost.localdomain>
2006-06-13 23:53 ` [PATCH 01/11] Task watchers: Task Watchers Matt Helsley
2006-06-14 0:19 ` Chase Venters
2006-06-14 0:55 ` Matt Helsley
2006-06-13 23:54 ` [PATCH 02/11] Task watchers: Register process events task watcher Matt Helsley
2006-06-14 0:39 ` Chase Venters
2006-06-14 0:52 ` Matt Helsley
2006-06-13 23:54 ` [PATCH 03/11] Task watchers: Refactor process events Matt Helsley
2006-06-14 0:43 ` Chase Venters
2006-06-14 1:11 ` Matt Helsley
2006-06-14 8:09 ` Chase Venters
2006-06-13 23:54 ` [PATCH 04/11] Task watchers: Make process events configurable as a module Matt Helsley
2006-06-14 0:54 ` Chase Venters
2006-06-14 1:18 ` [Lse-tech] " Matt Helsley
2006-06-13 23:54 ` [PATCH 05/11] Task watchers: Allow task watchers to block Matt Helsley
2006-06-13 23:54 ` [PATCH 06/11] Task watchers: Register audit task watcher Matt Helsley
2006-06-13 23:54 ` Matt Helsley
2006-06-14 14:46 ` Alexander Viro
2006-06-14 14:46 ` Alexander Viro
2006-06-14 23:28 ` Matt Helsley [this message]
2006-06-14 23:28 ` Matt Helsley
2006-06-13 23:54 ` [PATCH 07/11] Task watchers: Register per-task delay accounting " Matt Helsley
2006-06-14 3:31 ` Shailabh Nagar
2006-06-14 22:52 ` Matt Helsley
2006-06-13 23:54 ` [PATCH 08/11] Task watchers: Register profile as a " Matt Helsley
2006-06-14 0:59 ` Chase Venters
2006-06-14 1:16 ` [Lse-tech] " Matt Helsley
2006-06-13 23:55 ` [PATCH 09/11] Task watchers: Add support for per-task watchers Matt Helsley
2006-06-20 5:28 ` Peter Williams
2006-06-20 22:56 ` [Lse-tech] " Matt Helsley
2006-06-20 23:15 ` Andrew Morton
2006-06-20 23:23 ` Peter Williams
2006-06-21 1:20 ` Matt Helsley
2006-06-21 1:46 ` Andrew Morton
2006-06-21 1:55 ` Peter Williams
2006-06-21 13:01 ` Peter Williams
2006-06-21 13:23 ` Peter Williams
2006-06-21 2:28 ` Matt Helsley
2006-06-20 23:21 ` Peter Williams
2006-06-13 23:55 ` [PATCH 10/11] Task watchers: Register semundo task watcher Matt Helsley
2006-06-13 23:55 ` [PATCH 11/11] Task watchers: Register per-task semundo watcher Matt Helsley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1150327705.21787.330.camel@stark \
--to=matthltc@us.ibm.com \
--cc=akpm@osdl.org \
--cc=aviro@redhat.com \
--cc=balbir@in.ibm.com \
--cc=dwmw2@infradead.org \
--cc=jes@sgi.com \
--cc=jtk@us.ibm.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lse-tech@lists.sourceforge.net \
--cc=nagar@watson.ibm.com \
--cc=sekharan@us.ibm.com \
--cc=stern@rowland.harvard.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.