From: "Serge E. Hallyn" <serge@hallyn.com>
To: Paul Moore <paul@paul-moore.com>
Cc: Jordan Rome <linux@jordanrome.com>,
Serge Hallyn <sergeh@kernel.org>,
linux-security-module@vger.kernel.org,
linux-trace-kernel@vger.kernel.org,
Andrii Nakryiko <andrii@kernel.org>,
Kernel Team <kernel-team@fb.com>,
Yonghong Song <yonghong.song@linux.dev>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [v8] security: add trace event for cap_capable
Date: Sat, 30 Nov 2024 14:07:05 -0600 [thread overview]
Message-ID: <20241130200705.GA75312@mail.hallyn.com> (raw)
In-Reply-To: <CAHC9VhSds8SKprWxN4NQiCJ090eYk7bzTZ=yy0KOAYLHMqOUJw@mail.gmail.com>
On Fri, Nov 29, 2024 at 09:57:54PM -0500, Paul Moore wrote:
> On Thu, Nov 28, 2024 at 5:49 PM Jordan Rome <linux@jordanrome.com> wrote:
> >
> > In cases where we want a stable way to observe/trace
> > cap_capable (e.g. protection from inlining and API updates)
> > add a tracepoint that passes:
> > - The credentials used
> > - The user namespace of the resource being accessed
> > - The user namespace in which the credential provides the
> > capability to access the targeted resource
> > - The capability to check for
> > - The return value of the check
> >
> > Signed-off-by: Jordan Rome <linux@jordanrome.com>
> > ---
> > MAINTAINERS | 1 +
> > include/trace/events/capability.h | 57 +++++++++++++++++++++++++++++++
> > security/commoncap.c | 57 +++++++++++++++++++++----------
> > 3 files changed, 97 insertions(+), 18 deletions(-)
> > create mode 100644 include/trace/events/capability.h
>
> I'm personally not a fan of the helper based approach here, it adds
> unnecessary complexity in my opinion, but I understand that was an
> edict handed to you. Otherwise, and within the other constraints, I
> think this looks okay.
>
> Reviewed-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Thanks, I'll add it to the caps-next tree so it can get some
testing until the next merge window.
>
> --
> paul-moore.com
prev parent reply other threads:[~2024-11-30 20:07 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-28 22:48 [v8] security: add trace event for cap_capable Jordan Rome
2024-11-30 2:57 ` Paul Moore
2024-11-30 20:07 ` Serge E. Hallyn [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241130200705.GA75312@mail.hallyn.com \
--to=serge@hallyn.com \
--cc=andrii@kernel.org \
--cc=kernel-team@fb.com \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=linux@jordanrome.com \
--cc=paul@paul-moore.com \
--cc=sergeh@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).