From: Kees Cook <keescook@chromium.org>
To: "Jérémie Galarneau" <jeremie.galarneau@efficios.com>
Cc: s.mesoraca16@gmail.com, viro@zeniv.linux.org.uk,
dan.carpenter@oracle.com, akpm@linux-foundation.org,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
lkml <linux-kernel@vger.kernel.org>,
torvalds@linux-foundation.org, solar@openwall.com
Subject: Re: Unmerged patches adding audit when protected_regular/fifos sysctl causes EACCES
Date: Wed, 25 Sep 2019 13:12:37 -0700 [thread overview]
Message-ID: <201909251307.B970AF1E7@keescook> (raw)
In-Reply-To: <CA+jJMxvkqjXHy3DnV5MVhFTL2RUhg0WQ-XVFW3ngDQOdkFq0PA@mail.gmail.com>
On Wed, Sep 25, 2019 at 02:58:28PM -0400, Jérémie Galarneau wrote:
> Hi Kees,
>
> I have noticed that the two top-most patches of your protected-creat
> branch were never merged upstream [1]. Those patches add audit logs
> whenever the protected_regular or protected_fifo sysctl prevent the
> creation of a file/fifo.
>
> They were mentioned in the v4 thread [2] of the "main" patch and
> seemed acceptable, but they were no longer mentioned in v5 [3], which
> was merged.
>
> Now that systemd enables those sysctls by default (v241+), I got
> bitten pretty hard by this check and it took me a while to figure out
> what was happening [4]. I ended up catching it by adding a bunch of
> printk(), including where you proposed to add an audit log statement.
>
> I just found your two patches while implementing what you proposed almost 1:1.
>
> Was there a reason why those were abandoned? Otherwise, would you mind
> resubmitting them?
Hi!
There was concern about getting buy-in from the audit folks delaying
things even more. Instead of waiting for that, as it had already taken
a long time to get consensus even on the functionality, they were
dropped.
I'll rebase them and send them out again; thanks for the ping!
-Kees
>
> Thanks!
> Jérémie
>
> [1] https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=kspp/userspace/protected-creat
> [2] https://lkml.org/lkml/2018/4/10/840
> [3] https://lore.kernel.org/lkml/20180416175918.GA13494@beast/
> [4] https://github.com/lttng/lttng-tools/commit/cf86ff2c4ababd01fea7ab2c9c289cb7c0a1bcd5
>
> --
> Jérémie Galarneau
> EfficiOS Inc.
> http://www.efficios.com
--
Kees Cook
next prev parent reply other threads:[~2019-09-25 20:12 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-25 18:58 Unmerged patches adding audit when protected_regular/fifos sysctl causes EACCES Jérémie Galarneau
2019-09-25 20:12 ` Kees Cook [this message]
2019-09-25 20:23 ` Mathieu Desnoyers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201909251307.B970AF1E7@keescook \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=dan.carpenter@oracle.com \
--cc=jeremie.galarneau@efficios.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=s.mesoraca16@gmail.com \
--cc=solar@openwall.com \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.