Date: Tue, 9 Aug 2022 10:57:50 -0500
From: Tyler Hicks
To: Deven Bowers
Cc: axboe@kernel.dk, linux-security-module@vger.kernel.org, tytso@mit.edu,
 paul@paul-moore.com, corbet@lwn.net, roberto.sassu@huawei.com,
 linux-doc@vger.kernel.org, snitzer@kernel.org, jmorris@namei.org,
 zohar@linux.ibm.com, linux-kernel@vger.kernel.org, ebiggers@kernel.org,
 dm-devel@redhat.com, linux-audit@redhat.com, linux-block@vger.kernel.org,
 eparis@redhat.com, linux-fscrypt@vger.kernel.org,
 linux-integrity@vger.kernel.org, agk@redhat.com, serge@hallyn.com
Subject: Re: [dm-devel] [RFC PATCH v8 07/17] ipe: add auditing support
Message-ID: <20220809155737.GA39351@sequoia>
References: <1654714889-26728-1-git-send-email-deven.desai@linux.microsoft.com>
 <1654714889-26728-8-git-send-email-deven.desai@linux.microsoft.com>
In-Reply-To: <1654714889-26728-8-git-send-email-deven.desai@linux.microsoft.com>

On 2022-06-08 12:01:19, Deven Bowers wrote:
> +/**
> + * getaudit: Read handler for the securityfs node, "ipe/success_audit"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the read syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t getaudit(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + const char *result;
> + struct ipe_context *ctx;
> +
> + ctx = ipe_current_ctx();
> +
> + rcu_read_lock();
> + result = ((READ_ONCE(ctx->success_audit)) ? "1" : "0");
> + rcu_read_unlock();
> +
> + ipe_put_ctx(ctx);
> + return simple_read_from_buffer(data, len, offset, result, 2);

While doing some internal testing, I noticed that some of the IPE files in securityfs (ipe/audit, ipe/enforce, and ipe/policies/*/active) are including the NULL terminator (size of 2) in the securityfs file contents. This is not common to do and this busybox build that my test machine is using even has some trouble when displaying those files with cat.

I see all three instances of this pattern with this command:

  $ git grep simple_read_from_buffer\(.*,\ 2\) security/ipe

I think going to a length of 1 would be best.

Tyler
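
Review bot: The last argument of 2 in `return simple_read_from_buffer(data, len, offset, result, 2);` sets the available size to cover both the digit and the terminating NUL of the "1"/"0" literal, so a read of this node hands userspace two bytes, the second being \0. Pass 1, or `strlen(result)` so the count cannot drift from the literal. The kernel-doc above the function also needs a touch-up: `@offset` is documented as unused but is forwarded to simple_read_from_buffer(), and the Return section lists only >0 and <0 although a read at or past the end of the data returns 0. The rcu_read_lock()/rcu_read_unlock() pair around the READ_ONCE() deserves either a comment or removal, since nothing in the visible lines is dereferenced under RCU between them: ctx is released only afterwards with ipe_put_ctx() and result points at a string literal.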