From: Paul Moore <pmoore@redhat.com>
To: Richard Guy Briggs <rgb@redhat.com>
Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org,
Eric Paris <eparis@redhat.com>, Al Viro <aviro@redhat.com>,
Will Drewry <wad@chromium.org>, "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH 1/3] [RFC] audit: add AUDIT_ARCH_X86_X32 arch definition
Date: Fri, 11 Jul 2014 12:15:46 -0400 [thread overview]
Message-ID: <36980406.O4hutv41J6@sifl> (raw)
In-Reply-To: <b6655cee4250a69330ecbc6657a4df0d52ebd7da.1405023592.git.rgb@redhat.com>
On Thursday, July 10, 2014 11:38:12 PM Richard Guy Briggs wrote:
> Add a definition for 32-bit native system calls under 64-bit x86
> architectures. This is distict from 32-bit emulation under 64-bit x86
> architectures.
>
> Cc: Paul Moore <pmoore@redhat.com>
> Cc: Eric Paris <eparis@redhat.com>
> Cc: Al Viro <aviro@redhat.com>
> Cc: Will Drewry <wad@chromium.org>
> Cc: H. Peter Anvin <hpa@zytor.com>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> ---
> include/uapi/linux/audit.h | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
> index e15d6fc..4f5607f 100644
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@ -374,6 +374,7 @@ enum {
> #define AUDIT_ARCH_SPARC (EM_SPARC)
> #define AUDIT_ARCH_SPARC64 (EM_SPARCV9|__AUDIT_ARCH_64BIT)
> #define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
> +#define AUDIT_ARCH_X86_X32 (EM_X86_64|__AUDIT_ARCH_LE)
>
> #define AUDIT_PERM_EXEC 1
> #define AUDIT_PERM_WRITE 2
While I'm opposed to the other patches in this series (comments to follow), I
think this is a worthwhile addition and arguably should have been done when
x32 was merged.
That said, this change should probably be included in whatever patch first
makes use of this new value as this patch does nothing by itself.
--
paul moore
security and virtualization @ redhat
next prev parent reply other threads:[~2014-07-11 16:15 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-11 3:38 [PATCH 0/3] [RFC] X32: fix syscall_get_nr while not breaking seccomp BPF Richard Guy Briggs
2014-07-11 3:38 ` [PATCH 1/3] [RFC] audit: add AUDIT_ARCH_X86_X32 arch definition Richard Guy Briggs
2014-07-11 16:15 ` Paul Moore [this message]
2014-07-11 3:38 ` [PATCH 2/3] [RFC] seccomp: give BPF x32 bit when restoring x32 filter Richard Guy Briggs
2014-07-11 4:06 ` H. Peter Anvin
2014-07-11 16:11 ` Paul Moore
2014-07-11 16:13 ` H. Peter Anvin
2014-07-11 16:16 ` Eric Paris
2014-07-11 16:21 ` Paul Moore
2014-07-11 16:23 ` Eric Paris
2014-07-11 16:30 ` H. Peter Anvin
2014-07-11 16:32 ` Paul Moore
2014-07-11 18:31 ` Eric Paris
2014-07-11 19:36 ` Paul Moore
2014-07-11 22:48 ` Kees Cook
2014-07-11 22:52 ` Kees Cook
2014-07-11 22:55 ` H. Peter Anvin
2014-07-11 23:02 ` Kees Cook
2014-07-11 23:12 ` Andy Lutomirski
2014-07-11 16:36 ` Paul Moore
2014-07-11 16:44 ` H. Peter Anvin
2014-07-11 3:38 ` [PATCH 3/3] [RFC] Revert "x86: remove the x32 syscall bitmask from syscall_get_nr()" Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=36980406.O4hutv41J6@sifl \
--to=pmoore@redhat.com \
--cc=aviro@redhat.com \
--cc=eparis@redhat.com \
--cc=hpa@zytor.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rgb@redhat.com \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox