* [PATCH] audit: skip sessionid sentinel value when auto-incrementing
@ 2016-11-10 6:41 Richard Guy Briggs
[not found] ` <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-12-05 8:04 ` Richard Guy Briggs
0 siblings, 2 replies; 7+ messages in thread
From: Richard Guy Briggs @ 2016-11-10 6:41 UTC (permalink / raw)
To: linux-audit, linux-kernel, containers
Cc: Richard Guy Briggs, Eric Paris, Paul Moore, Steve Grubb
The value (unsigned int)-1 is used as a sentinel to indicate the
sessionID is unset. Skip this value when the session_id value wraps.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
---
kernel/auditsc.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 5abf1dc..e414dfa 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid)
goto out;
/* are we setting or clearing? */
- if (uid_valid(loginuid))
+ if (uid_valid(loginuid)) {
sessionid = (unsigned int)atomic_inc_return(&session_id);
+ if (unlikely(sessionid == (unsigned int)-1))
+ sessionid = (unsigned int)atomic_inc_return(&session_id);
+ }
task->sessionid = sessionid;
task->loginuid = loginuid;
--
1.7.1
^ permalink raw reply related [flat|nested] 7+ messages in thread[parent not found: <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>]
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing [not found] ` <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> @ 2016-11-14 20:17 ` Paul Moore 2016-11-15 8:49 ` Richard Guy Briggs 0 siblings, 1 reply; 7+ messages in thread From: Paul Moore @ 2016-11-14 20:17 UTC (permalink / raw) To: Richard Guy Briggs Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, linux-audit-H+wXaHxf7aLQT0dZR+AlfA, linux-kernel-u79uwXL29TY76Z2rM5mHXA On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote: > The value (unsigned int)-1 is used as a sentinel to indicate the > sessionID is unset. Skip this value when the session_id value wraps. > > Signed-off-by: Richard Guy Briggs <rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> > --- > kernel/auditsc.c | 5 ++++- > 1 files changed, 4 insertions(+), 1 deletions(-) Since we haven't merged the session ID kernel patches into audit#next yet, why don't you just squash this patch in with the session ID patch and resubmit upstream in one nice neat patch. > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index 5abf1dc..e414dfa 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) > goto out; > > /* are we setting or clearing? */ > - if (uid_valid(loginuid)) > + if (uid_valid(loginuid)) { > sessionid = (unsigned int)atomic_inc_return(&session_id); > + if (unlikely(sessionid == (unsigned int)-1)) > + sessionid = (unsigned int)atomic_inc_return(&session_id); > + } > > task->sessionid = sessionid; > task->loginuid = loginuid; > -- > 1.7.1 > > -- > Linux-audit mailing list > Linux-audit-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org > https://www.redhat.com/mailman/listinfo/linux-audit -- paul moore www.paul-moore.com ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing 2016-11-14 20:17 ` Paul Moore @ 2016-11-15 8:49 ` Richard Guy Briggs 2016-11-17 23:34 ` Paul Moore 0 siblings, 1 reply; 7+ messages in thread From: Richard Guy Briggs @ 2016-11-15 8:49 UTC (permalink / raw) To: Paul Moore; +Cc: linux-audit, linux-kernel On 2016-11-14 15:17, Paul Moore wrote: > On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb@redhat.com> wrote: > > The value (unsigned int)-1 is used as a sentinel to indicate the > > sessionID is unset. Skip this value when the session_id value wraps. > > > > Signed-off-by: Richard Guy Briggs <rgb@redhat.com> > > --- > > kernel/auditsc.c | 5 ++++- > > 1 files changed, 4 insertions(+), 1 deletions(-) > > Since we haven't merged the session ID kernel patches into audit#next > yet, why don't you just squash this patch in with the session ID patch > and resubmit upstream in one nice neat patch. This was an existing bug regardless of new functionality added, so the fix should not be buried in a new feature patch. > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > > index 5abf1dc..e414dfa 100644 > > --- a/kernel/auditsc.c > > +++ b/kernel/auditsc.c > > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) > > goto out; > > > > /* are we setting or clearing? */ > > - if (uid_valid(loginuid)) > > + if (uid_valid(loginuid)) { > > sessionid = (unsigned int)atomic_inc_return(&session_id); > > + if (unlikely(sessionid == (unsigned int)-1)) > > + sessionid = (unsigned int)atomic_inc_return(&session_id); > > + } > > > > task->sessionid = sessionid; > > task->loginuid = loginuid; > > paul moore - RGB -- Richard Guy Briggs <rgb@redhat.com> Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635 ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing 2016-11-15 8:49 ` Richard Guy Briggs @ 2016-11-17 23:34 ` Paul Moore 2016-11-18 2:27 ` Richard Guy Briggs 0 siblings, 1 reply; 7+ messages in thread From: Paul Moore @ 2016-11-17 23:34 UTC (permalink / raw) To: Richard Guy Briggs; +Cc: linux-audit, linux-kernel On Tue, Nov 15, 2016 at 3:49 AM, Richard Guy Briggs <rgb@redhat.com> wrote: > On 2016-11-14 15:17, Paul Moore wrote: >> On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb@redhat.com> wrote: >> > The value (unsigned int)-1 is used as a sentinel to indicate the >> > sessionID is unset. Skip this value when the session_id value wraps. >> > >> > Signed-off-by: Richard Guy Briggs <rgb@redhat.com> >> > --- >> > kernel/auditsc.c | 5 ++++- >> > 1 files changed, 4 insertions(+), 1 deletions(-) >> >> Since we haven't merged the session ID kernel patches into audit#next >> yet, why don't you just squash this patch in with the session ID patch >> and resubmit upstream in one nice neat patch. > > This was an existing bug regardless of new functionality added, so the > fix should not be buried in a new feature patch. No, it's not an existing bug. The existing code simply reports/logs the session ID, it doesn't filter on it, so there are no magic values to worry about. >> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c >> > index 5abf1dc..e414dfa 100644 >> > --- a/kernel/auditsc.c >> > +++ b/kernel/auditsc.c >> > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) >> > goto out; >> > >> > /* are we setting or clearing? */ >> > - if (uid_valid(loginuid)) >> > + if (uid_valid(loginuid)) { >> > sessionid = (unsigned int)atomic_inc_return(&session_id); >> > + if (unlikely(sessionid == (unsigned int)-1)) >> > + sessionid = (unsigned int)atomic_inc_return(&session_id); >> > + } >> > >> > task->sessionid = sessionid; >> > task->loginuid = loginuid; >> >> paul moore > > - RGB > > -- > Richard Guy Briggs <rgb@redhat.com> > Kernel Security Engineering, Base Operating Systems, Red Hat > Remote, Ottawa, Canada > Voice: +1.647.777.2635, Internal: (81) 32635 -- paul moore www.paul-moore.com ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing 2016-11-17 23:34 ` Paul Moore @ 2016-11-18 2:27 ` Richard Guy Briggs 2016-11-20 20:34 ` Paul Moore 0 siblings, 1 reply; 7+ messages in thread From: Richard Guy Briggs @ 2016-11-18 2:27 UTC (permalink / raw) To: Paul Moore; +Cc: linux-audit, linux-kernel On 2016-11-17 18:34, Paul Moore wrote: > On Tue, Nov 15, 2016 at 3:49 AM, Richard Guy Briggs <rgb@redhat.com> wrote: > > On 2016-11-14 15:17, Paul Moore wrote: > >> On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb@redhat.com> wrote: > >> > The value (unsigned int)-1 is used as a sentinel to indicate the > >> > sessionID is unset. Skip this value when the session_id value wraps. > >> > > >> > Signed-off-by: Richard Guy Briggs <rgb@redhat.com> > >> > --- > >> > kernel/auditsc.c | 5 ++++- > >> > 1 files changed, 4 insertions(+), 1 deletions(-) > >> > >> Since we haven't merged the session ID kernel patches into audit#next > >> yet, why don't you just squash this patch in with the session ID patch > >> and resubmit upstream in one nice neat patch. > > > > This was an existing bug regardless of new functionality added, so the > > fix should not be buried in a new feature patch. > > No, it's not an existing bug. The existing code simply reports/logs > the session ID, it doesn't filter on it, so there are no magic values > to worry about. The existing code autoincrements through sessionID==-1. The existing code (ausearch and aureport) reports and logs the sessionID and there are existing reporting tools that are able to filter on sessionID even though kernel filters don't yet exist for them. Therefore, it is possible for the counter to roll and to erroneously report that the value is unset. Steve, am I wrong here? > >> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > >> > index 5abf1dc..e414dfa 100644 > >> > --- a/kernel/auditsc.c > >> > +++ b/kernel/auditsc.c > >> > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) > >> > goto out; > >> > > >> > /* are we setting or clearing? */ > >> > - if (uid_valid(loginuid)) > >> > + if (uid_valid(loginuid)) { > >> > sessionid = (unsigned int)atomic_inc_return(&session_id); > >> > + if (unlikely(sessionid == (unsigned int)-1)) > >> > + sessionid = (unsigned int)atomic_inc_return(&session_id); > >> > + } > >> > > >> > task->sessionid = sessionid; > >> > task->loginuid = loginuid; > >> > >> paul moore > > > > - RGB > > paul moore - RGB -- Richard Guy Briggs <rgb@redhat.com> Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635 ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing 2016-11-18 2:27 ` Richard Guy Briggs @ 2016-11-20 20:34 ` Paul Moore 0 siblings, 0 replies; 7+ messages in thread From: Paul Moore @ 2016-11-20 20:34 UTC (permalink / raw) To: Richard Guy Briggs; +Cc: linux-audit, linux-kernel On Thu, Nov 17, 2016 at 9:27 PM, Richard Guy Briggs <rgb@redhat.com> wrote: > On 2016-11-17 18:34, Paul Moore wrote: >> On Tue, Nov 15, 2016 at 3:49 AM, Richard Guy Briggs <rgb@redhat.com> wrote: >> > On 2016-11-14 15:17, Paul Moore wrote: >> >> On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs <rgb@redhat.com> wrote: >> >> > The value (unsigned int)-1 is used as a sentinel to indicate the >> >> > sessionID is unset. Skip this value when the session_id value wraps. >> >> > >> >> > Signed-off-by: Richard Guy Briggs <rgb@redhat.com> >> >> > --- >> >> > kernel/auditsc.c | 5 ++++- >> >> > 1 files changed, 4 insertions(+), 1 deletions(-) >> >> >> >> Since we haven't merged the session ID kernel patches into audit#next >> >> yet, why don't you just squash this patch in with the session ID patch >> >> and resubmit upstream in one nice neat patch. >> > >> > This was an existing bug regardless of new functionality added, so the >> > fix should not be buried in a new feature patch. >> >> No, it's not an existing bug. The existing code simply reports/logs >> the session ID, it doesn't filter on it, so there are no magic values >> to worry about. > > The existing code autoincrements through sessionID==-1. The existing > code (ausearch and aureport) reports and logs the sessionID and there > are existing reporting tools that are able to filter on sessionID even > though kernel filters don't yet exist for them. Therefore, it is > possible for the counter to roll and to erroneously report that the > value is unset. I hadn't realize that the audit userspace was using this as an unset value. Anyway, merged. -- paul moore www.paul-moore.com ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing 2016-11-10 6:41 [PATCH] audit: skip sessionid sentinel value when auto-incrementing Richard Guy Briggs [not found] ` <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> @ 2016-12-05 8:04 ` Richard Guy Briggs 1 sibling, 0 replies; 7+ messages in thread From: Richard Guy Briggs @ 2016-12-05 8:04 UTC (permalink / raw) To: linux-audit On 2016-12-05 02:55, Richard Guy Briggs wrote: > The value (unsigned int)-1 is used as a sentinel to indicate the > sessionID is unset. Skip this value when the session_id value wraps. I'm very sorry, this was a brain fart. I sent/resent this patch by accident, please ignore! > Signed-off-by: Richard Guy Briggs <rgb@redhat.com> > --- > kernel/auditsc.c | 5 ++++- > 1 files changed, 4 insertions(+), 1 deletions(-) > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index 5abf1dc..e414dfa 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) > goto out; > > /* are we setting or clearing? */ > - if (uid_valid(loginuid)) > + if (uid_valid(loginuid)) { > sessionid = (unsigned int)atomic_inc_return(&session_id); > + if (unlikely(sessionid == (unsigned int)-1)) > + sessionid = (unsigned int)atomic_inc_return(&session_id); > + } > > task->sessionid = sessionid; > task->loginuid = loginuid; > -- > 1.7.1 > > -- > Linux-audit mailing list > Linux-audit@redhat.com > https://www.redhat.com/mailman/listinfo/linux-audit - RGB -- Richard Guy Briggs <rgb@redhat.com> Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635 ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2016-12-05 8:04 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-11-10 6:41 [PATCH] audit: skip sessionid sentinel value when auto-incrementing Richard Guy Briggs
[not found] ` <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-11-14 20:17 ` Paul Moore
2016-11-15 8:49 ` Richard Guy Briggs
2016-11-17 23:34 ` Paul Moore
2016-11-18 2:27 ` Richard Guy Briggs
2016-11-20 20:34 ` Paul Moore
2016-12-05 8:04 ` Richard Guy Briggs
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox