From: Steve Grubb <sgrubb@redhat.com>
To: Richard Guy Briggs <rgb@redhat.com>
Cc: linux-audit@redhat.com
Subject: Re: [PATCH 2/2] errormsg: add descriptive macros to replace overloaded error codes
Date: Thu, 04 May 2017 17:09:23 -0400 [thread overview]
Message-ID: <124499206.jtSla3cULl@x2> (raw)
In-Reply-To: <20170504210535.GH21241@madcap2.tricolour.ca>
On Thursday, May 4, 2017 5:05:35 PM EDT Richard Guy Briggs wrote:
> On 2017-05-04 16:49, Steve Grubb wrote:
> > On Thursday, May 4, 2017 4:29:45 PM EDT Richard Guy Briggs wrote:
> > > On 2017-05-04 16:11, Steve Grubb wrote:
> > > > On Tuesday, April 4, 2017 6:37:48 AM EDT Richard Guy Briggs wrote:
> > > > > Several return codes were overloaded and no longer giving helpful
> > > > > error
> > > > > return messages from the field and comparison functions
> > > > > audit_rule_fieldpair_data() and audit_rule_interfield_comp_data().
> > > > >
> > > > > Introduce 3 new macros with more helpful error descriptions for data
> > > > > missing, incompatible fields and incompatible values.
> > > > >
> > > > > See: https://github.com/linux-audit/audit-userspace/issues/12
> > > > >
> > > > > Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> > > > > ---
> > > > >
> > > > > lib/errormsg.h | 6 ++++++
> > > > > lib/libaudit.c | 28 ++++++++++++++--------------
> > > > > 2 files changed, 20 insertions(+), 14 deletions(-)
> > > > >
> > > > > diff --git a/lib/errormsg.h b/lib/errormsg.h
> > > > > index 35b7f95..50c7d50 100644
> > > > > --- a/lib/errormsg.h
> > > > > +++ b/lib/errormsg.h
> > > > > @@ -67,6 +67,9 @@ static const struct msg_tab err_msgtab[] = {
> > > > >
> > > > > { -29, 1, "only takes = operator" },
> > > > > { -30, 2, "Field option not supported by kernel:" },
> > > > > { -31, 1, "must be used with exclude, user, or exit
> > > > > filter"
> > > > > },
> > > > >
> > > > > + { -32, 0, "field data is missing" },
> > > >
> > > > Actually, this means that the filter is missing in the rule. This is
> > > > the
> > > > kind of thing I would normally just fixup after patching the source.
> > > >
> > > > > + { -33, 2, "-C field incompatible" },
> > > > > + { -34, 2, "-C value incompatible" },
> > > > >
> > > > > };
> > > > > #define EAU_OPMISSING 1
> > > > > #define EAU_FIELDUNKNOWN 2
> > > > >
> > > > > @@ -97,4 +100,7 @@ static const struct msg_tab err_msgtab[] = {
> > > > >
> > > > > #define EAU_OPEQ 29
> > > > > #define EAU_FIELDNOSUPPORT 30
> > > > > #define EAU_FIELDNOFILTER 31
> > > > >
> > > > > +#define EAU_DATAMISSING 32
> > > > > +#define EAU_COMPFIELDINCOMPAT 33
> > > > > +#define EAU_COMPVALINCOMPAT 34
> > > > >
> > > > > #endif
> > > > >
> > > > > diff --git a/lib/libaudit.c b/lib/libaudit.c
> > > > > index b481f52..b1f8f9c 100644
> > > > > --- a/lib/libaudit.c
> > > > > +++ b/lib/libaudit.c
> > > > > @@ -976,7 +976,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, struct audit_rule_data *rule = *rulep;
> > > > >
> > > > > if (f == NULL)
> > > > >
> > > > > - return -1;
> > > > > + return -EAU_DATAMISSING;
> > > > >
> > > > > if (rule->field_count >= (AUDIT_MAX_FIELDS - 1))
> > > > >
> > > > > return -EAU_FIELDTOOMANY;
> > > > >
> > > > > @@ -1043,7 +1043,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_EUID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > >
> > > > This means that we are attempting an incompatible comparison between
> > > > fields.>
> > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_FSUID:
> > > > > @@ -1069,7 +1069,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_FSUID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_LOGINUID:
> > > > > @@ -1095,7 +1095,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_AUID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_SUID:
> > > > > @@ -1121,7 +1121,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_SUID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_OBJ_UID:
> > > > > @@ -1147,7 +1147,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_SUID_TO_OBJ_UID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_UID:
> > > > > @@ -1173,7 +1173,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_SUID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > @@ -1197,7 +1197,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_SGID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_FSGID:
> > > > > @@ -1219,7 +1219,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_FSGID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_GID:
> > > > > @@ -1241,7 +1241,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_GID_TO_SGID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_OBJ_GID:
> > > > > @@ -1263,7 +1263,7 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_SGID_TO_OBJ_GID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > case AUDIT_SGID:
> > > > > @@ -1285,11 +1285,11 @@ int audit_rule_interfield_comp_data(struct
> > > > > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_SGID;
> > > > >
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPVALINCOMPAT;
> > > > >
> > > > > }
> > > > > break;
> > > > >
> > > > > default:
> > > > > - return -1;
> > > > > + return -EAU_COMPFIELDINCOMPAT;
> > > >
> > > > This means the same thing.
> > > >
> > > > > break;
> > > > >
> > > > > }
> > > > > rule->field_count++;
> > > > >
> > > > > @@ -1389,7 +1389,7 @@ int audit_rule_fieldpair_data(struct
> > > > > audit_rule_data
> > > > > **rulep, const char *pair, struct audit_rule_data *rule = *rulep;
> > > > >
> > > > > if (f == NULL)
> > > > >
> > > > > - return -1;
> > > > > + return -EAU_DATAMISSING;
> > > >
> > > > This also means that the filter was not given. Patch not applied.
>
> Ok, so coming back to patch acceptance, if I read correctly your
> comments, reduce the four new error types to two?
Yes, two are needed. One for missing filter/action and one for we are
attempting an incompatible comparison between fields.
-Steve
> > > > Was there a patch in this series that converted errormsg.h to use the
> > > > macros?
> > >
> > > I don't quite follow. Can you give a fictional example off the top of
> > > your head of what you are hoping for?
> >
> > This table:
> >
> > static const struct msg_tab err_msgtab[] = {
> >
> > { -1, 2, "-F missing operation for" },
> > { -2, 2, "-F unknown field:" },
> > { -3, 1, "must be before -S" },
> > { -4, 1, "machine type not found" },
> >
> > ...
> >
> > converted to using the defines. The libaudit return codes were fixed to
> > defines. But the table the return codes are looked up in is still using
> > numbers.
>
> Ah, got it, yes, completely agree.
>
> > > I'm hoping to eventually replace them with an enum list.
> >
> > define, enum, does it really matter? I don't like lots of patches just
> > shuffling things around. Let's just keep it a define at this point.
>
> Fair enough.
>
> > -Steve
>
> - RGB
>
> --
> Richard Guy Briggs <rgb@redhat.com>
> Sr. S/W Engineer, Kernel Security, Base Operating Systems
> Remote, Ottawa, Red Hat Canada
> IRC: rgb, SunRaycer
> Voice: +1.647.777.2635, Internal: (81) 32635
next prev parent reply other threads:[~2017-05-04 21:09 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-04 10:37 [PATCH 1/2] errormsg: correct a number of messages that have drifted Richard Guy Briggs
2017-04-04 10:37 ` [PATCH 2/2] errormsg: add descriptive macros to replace overloaded error codes Richard Guy Briggs
2017-05-04 20:11 ` Steve Grubb
2017-05-04 20:29 ` Richard Guy Briggs
2017-05-04 20:49 ` Steve Grubb
2017-05-04 21:05 ` Richard Guy Briggs
2017-05-04 21:09 ` Steve Grubb [this message]
2017-05-08 13:52 ` Richard Guy Briggs
2017-05-24 20:02 ` Steve Grubb
2017-05-24 21:46 ` Richard Guy Briggs
2017-05-29 15:36 ` Richard Guy Briggs
2017-05-08 13:48 ` errormsg table macros [was: Re: [PATCH 2/2] errormsg: add descriptive macros to replace overloaded error codes] Richard Guy Briggs
2017-05-04 19:50 ` [PATCH 1/2] errormsg: correct a number of messages that have drifted Steve Grubb
2017-05-04 20:25 ` Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=124499206.jtSla3cULl@x2 \
--to=sgrubb@redhat.com \
--cc=linux-audit@redhat.com \
--cc=rgb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox