From: Steve Grubb <sgrubb@redhat.com>
To: Paul Moore <paul@paul-moore.com>, Richard Guy Briggs <rgb@redhat.com>
Cc: Jan Kara <jack@suse.cz>, Amir Goldstein <amir73il@gmail.com>,
LKML <linux-kernel@vger.kernel.org>,
Linux-Audit Mailing List <linux-audit@redhat.com>,
linux-fsdevel@vger.kernel.org, Eric Paris <eparis@parisplace.org>
Subject: Re: [PATCH v4 3/4] fanotify, audit: Allow audit to use the full permission event response
Date: Wed, 31 Aug 2022 17:25:15 -0400 [thread overview]
Message-ID: <12063373.O9o76ZdvQC@x2> (raw)
In-Reply-To: <Yw/NjYytoMUdbxuR@madcap2.tricolour.ca>
On Wednesday, August 31, 2022 5:07:25 PM EDT Richard Guy Briggs wrote:
> > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> > > index 433418d73584..f000fec52360 100644
> > > --- a/kernel/auditsc.c
> > > +++ b/kernel/auditsc.c
> > > @@ -64,6 +64,7 @@
> > > #include <uapi/linux/limits.h>
> > > #include <uapi/linux/netfilter/nf_tables.h>
> > > #include <uapi/linux/openat2.h> // struct open_how
> > > +#include <uapi/linux/fanotify.h>
> > >
> > > #include "audit.h"
> > >
> > > @@ -2899,10 +2900,34 @@ void __audit_log_kern_module(char *name)
> > > context->type = AUDIT_KERN_MODULE;
> > > }
> > >
> > > -void __audit_fanotify(u32 response)
> > > +void __audit_fanotify(u32 response, size_t len, char *buf)
> > > {
> > > - audit_log(audit_context(), GFP_KERNEL,
> > > - AUDIT_FANOTIFY, "resp=%u", response);
> > > + struct fanotify_response_info_audit_rule *friar;
> > > + size_t c = len;
> > > + char *ib = buf;
> > > +
> > > + if (!(len && buf)) {
> > > + audit_log(audit_context(), GFP_KERNEL, AUDIT_FANOTIFY,
> > > + "resp=%u fan_type=0 fan_info=?", response);
> > > + return;
> > > + }
> > > + while (c >= sizeof(struct fanotify_response_info_header)) {
> > > + friar = (struct fanotify_response_info_audit_rule
> > > *)buf;
> >
> > Since the only use of this at the moment is the
> > fanotify_response_info_rule, why not pass the
> > fanotify_response_info_rule struct directly into this function? We
> > can always change it if we need to in the future without affecting
> > userspace, and it would simplify the code.
>
> Steve, would it make any sense for there to be more than one
> FAN_RESPONSE_INFO_AUDIT_RULE header in a message? Could there be more
> than one rule that contributes to a notify reason? If not, would it be
> reasonable to return -EINVAL if there is more than one?
I don't see a reason for sending more than one header. What is more probable
is the need to send additional data in that header. I was thinking of maybe
bit mapping it in the rule number. But I'd suggest padding the struct just in
case it needs expanding some day.
-Steev
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
WARNING: multiple messages have this Message-ID (diff)
From: Steve Grubb <sgrubb@redhat.com>
To: Paul Moore <paul@paul-moore.com>, Richard Guy Briggs <rgb@redhat.com>
Cc: Linux-Audit Mailing List <linux-audit@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
linux-fsdevel@vger.kernel.org, Eric Paris <eparis@parisplace.org>,
Jan Kara <jack@suse.cz>, Amir Goldstein <amir73il@gmail.com>
Subject: Re: [PATCH v4 3/4] fanotify,audit: Allow audit to use the full permission event response
Date: Wed, 31 Aug 2022 17:25:15 -0400 [thread overview]
Message-ID: <12063373.O9o76ZdvQC@x2> (raw)
In-Reply-To: <Yw/NjYytoMUdbxuR@madcap2.tricolour.ca>
On Wednesday, August 31, 2022 5:07:25 PM EDT Richard Guy Briggs wrote:
> > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> > > index 433418d73584..f000fec52360 100644
> > > --- a/kernel/auditsc.c
> > > +++ b/kernel/auditsc.c
> > > @@ -64,6 +64,7 @@
> > > #include <uapi/linux/limits.h>
> > > #include <uapi/linux/netfilter/nf_tables.h>
> > > #include <uapi/linux/openat2.h> // struct open_how
> > > +#include <uapi/linux/fanotify.h>
> > >
> > > #include "audit.h"
> > >
> > > @@ -2899,10 +2900,34 @@ void __audit_log_kern_module(char *name)
> > > context->type = AUDIT_KERN_MODULE;
> > > }
> > >
> > > -void __audit_fanotify(u32 response)
> > > +void __audit_fanotify(u32 response, size_t len, char *buf)
> > > {
> > > - audit_log(audit_context(), GFP_KERNEL,
> > > - AUDIT_FANOTIFY, "resp=%u", response);
> > > + struct fanotify_response_info_audit_rule *friar;
> > > + size_t c = len;
> > > + char *ib = buf;
> > > +
> > > + if (!(len && buf)) {
> > > + audit_log(audit_context(), GFP_KERNEL, AUDIT_FANOTIFY,
> > > + "resp=%u fan_type=0 fan_info=?", response);
> > > + return;
> > > + }
> > > + while (c >= sizeof(struct fanotify_response_info_header)) {
> > > + friar = (struct fanotify_response_info_audit_rule
> > > *)buf;
> >
> > Since the only use of this at the moment is the
> > fanotify_response_info_rule, why not pass the
> > fanotify_response_info_rule struct directly into this function? We
> > can always change it if we need to in the future without affecting
> > userspace, and it would simplify the code.
>
> Steve, would it make any sense for there to be more than one
> FAN_RESPONSE_INFO_AUDIT_RULE header in a message? Could there be more
> than one rule that contributes to a notify reason? If not, would it be
> reasonable to return -EINVAL if there is more than one?
I don't see a reason for sending more than one header. What is more probable
is the need to send additional data in that header. I was thinking of maybe
bit mapping it in the rule number. But I'd suggest padding the struct just in
case it needs expanding some day.
-Steev
next prev parent reply other threads:[~2022-08-31 22:14 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-09 17:22 [PATCH v4 0/4] fanotify: Allow user space to pass back additional audit info Richard Guy Briggs
2022-08-09 17:22 ` Richard Guy Briggs
2022-08-09 17:22 ` [PATCH v4 1/4] fanotify: Ensure consistent variable type for response Richard Guy Briggs
2022-08-09 17:22 ` Richard Guy Briggs
2022-08-09 17:22 ` [PATCH v4 2/4] fanotify: define struct members to hold response decision context Richard Guy Briggs
2022-08-09 17:22 ` Richard Guy Briggs
2022-08-10 6:22 ` Amir Goldstein
2022-08-10 6:22 ` Amir Goldstein
2022-08-19 11:24 ` Jan Kara
2022-08-19 11:24 ` Jan Kara
2022-08-10 14:28 ` kernel test robot
2022-08-10 14:28 ` kernel test robot
2022-08-19 16:25 ` Richard Guy Briggs
2022-08-19 16:25 ` Richard Guy Briggs
2022-08-19 16:25 ` Richard Guy Briggs
2022-08-19 17:17 ` Nick Desaulniers
2022-08-19 17:17 ` Nick Desaulniers
2022-08-19 17:17 ` Nick Desaulniers
2022-08-19 21:45 ` Richard Guy Briggs
2022-08-19 21:45 ` Richard Guy Briggs
2022-08-19 21:45 ` Richard Guy Briggs
2022-08-12 0:23 ` Matthew Bobrowski
2022-08-12 0:23 ` Matthew Bobrowski
2022-08-19 11:16 ` Jan Kara
2022-08-19 11:16 ` Jan Kara
2022-08-19 11:13 ` Jan Kara
2022-08-19 11:13 ` Jan Kara
2022-08-09 17:22 ` [PATCH v4 3/4] fanotify, audit: Allow audit to use the full permission event response Richard Guy Briggs
2022-08-09 17:22 ` [PATCH v4 3/4] fanotify,audit: " Richard Guy Briggs
2022-08-10 20:32 ` kernel test robot
2022-08-10 20:32 ` kernel test robot
2022-08-16 0:22 ` Paul Moore
2022-08-16 0:22 ` Paul Moore
2022-08-31 21:07 ` Richard Guy Briggs
2022-08-31 21:07 ` Richard Guy Briggs
2022-08-31 21:25 ` Steve Grubb [this message]
2022-08-31 21:25 ` Steve Grubb
2022-08-31 22:19 ` Richard Guy Briggs
2022-08-31 22:19 ` Richard Guy Briggs
2022-08-31 23:55 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-08-31 23:55 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-01 1:47 ` Paul Moore
2022-09-01 1:47 ` Paul Moore
2022-09-01 7:51 ` Jan Kara
2022-09-01 7:51 ` Jan Kara
2022-09-01 18:31 ` Paul Moore
2022-09-01 18:31 ` Paul Moore
2022-09-07 18:43 ` Richard Guy Briggs
2022-09-07 18:43 ` Richard Guy Briggs
2022-09-07 20:11 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-07 20:11 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-07 20:23 ` Paul Moore
2022-09-07 20:23 ` Paul Moore
2022-09-08 21:14 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-08 21:14 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-08 21:22 ` Paul Moore
2022-09-08 21:22 ` Paul Moore
2022-09-09 2:20 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-09 2:20 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-09 2:41 ` Richard Guy Briggs
2022-09-09 2:41 ` Richard Guy Briggs
2022-09-09 3:25 ` Paul Moore
2022-09-09 3:25 ` Paul Moore
2022-09-09 4:03 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-09 4:03 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-09 11:09 ` Jan Kara
2022-09-09 11:09 ` Jan Kara
2022-09-09 14:22 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-09 14:22 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-09 14:38 ` Richard Guy Briggs
2022-09-09 14:38 ` Richard Guy Briggs
2022-09-09 14:55 ` [PATCH v4 3/4] fanotify, audit: " Steve Grubb
2022-09-09 14:55 ` [PATCH v4 3/4] fanotify,audit: " Steve Grubb
2022-09-09 18:50 ` Richard Guy Briggs
2022-09-09 18:50 ` Richard Guy Briggs
2022-08-09 17:22 ` [PATCH v4 4/4] fanotify, audit: deliver fan_info as a hex-encoded string Richard Guy Briggs
2022-08-09 17:22 ` [PATCH v4 4/4] fanotify,audit: " Richard Guy Briggs
2022-08-10 19:15 ` [PATCH v4 4/4] fanotify, audit: " Steve Grubb
2022-08-10 19:15 ` [PATCH v4 4/4] fanotify,audit: " Steve Grubb
2022-08-11 2:23 ` [PATCH v4 4/4] fanotify, audit: " Richard Guy Briggs
2022-08-11 2:23 ` [PATCH v4 4/4] fanotify,audit: " Richard Guy Briggs
2022-08-15 21:15 ` [PATCH v4 4/4] fanotify, audit: " Steve Grubb
2022-08-15 21:15 ` [PATCH v4 4/4] fanotify,audit: " Steve Grubb
2022-08-16 0:31 ` [PATCH v4 4/4] fanotify, audit: " Paul Moore
2022-08-16 0:31 ` [PATCH v4 4/4] fanotify,audit: " Paul Moore
2022-08-16 13:37 ` [PATCH v4 4/4] fanotify, audit: " Steve Grubb
2022-08-16 13:37 ` [PATCH v4 4/4] fanotify,audit: " Steve Grubb
2022-08-19 21:42 ` [PATCH v4 4/4] fanotify, audit: " Richard Guy Briggs
2022-08-19 21:42 ` [PATCH v4 4/4] fanotify,audit: " Richard Guy Briggs
2022-08-10 5:21 ` [PATCH v4 0/4] fanotify: Allow user space to pass back additional audit info Amir Goldstein
2022-08-10 5:21 ` Amir Goldstein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=12063373.O9o76ZdvQC@x2 \
--to=sgrubb@redhat.com \
--cc=amir73il@gmail.com \
--cc=eparis@parisplace.org \
--cc=jack@suse.cz \
--cc=linux-audit@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=rgb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.