lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1343301673-10642-1-git-send-email-jlayton@redhat.com>
Date:	Thu, 26 Jul 2012 07:21:04 -0400
From:	Jeff Layton <jlayton@...hat.com>
To:	eparis@...hat.com, viro@...iv.linux.org.uk
Cc:	linux-audit@...hat.com, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [PATCH v5 0/9] audit: overhaul audit_names handling to allow for retrying on path-based syscalls

This patchset is a minor respin of the series that I posted June 26th.
The main reason is to deal with some fairly minor merge conflicts that
have cropped up due to recent changes. This patch also relies on the
patch that I sent separately yesterday entitled "vfs: don't let do_last
pass negative dentry to audit_inode".

This series is available via the "audit" branch of my git tree as well:

    git://git.samba.org/jlayton/linux.git audit

The original cover letter text follows:

I recently posted a set of patches to have the kernel retry the lookup
and call when path-based syscalls would ordinarily return ESTALE. Al
took a look and pointed out that this would break the fragile logic that
handles the audit_names for syscall auditing.

This patchset comprises a number of incremental changes that should make
it ok to retry on a path-based syscall. The main caveat is that the retry
mustn't redo the getname() on the strings involved.

Unfortunately, we don't have anything that really describes what the
correct behavior is for this stuff, so I'm shooting here for "no
discernable difference" on a retry.

This seems to do the right thing in the cases that I've tested; mostly
the normal case where things succeed or fail for some reason and where
the syscall is retried after an ESTALE error.

Review is of course appreciated. There are some fixes in here too for
some subtle bugs in the existing code. Some of these patches may also
help performance in some cases, but I haven't measured it for that.

I'd like to see this patchset go into 3.6 if at all possible.

Eric Paris (1):
  audit: make audit_compare_dname_path use parent_len helper

Jeff Layton (8):
  audit: remove unnecessary NULL ptr checks from do_path_lookup
  audit: pass in dentry to audit_copy_inode wherever possible
  audit: reverse arguments to audit_inode_child
  audit: add a new "type" field to audit_names struct
  audit: set the name_len in audit_inode for parent lookups
  audit: remove dirlen argument to audit_compare_dname_path
  audit: optimize audit_compare_dname_path
  audit: overhaul __audit_inode_child to accomodate retrying

 fs/btrfs/ioctl.c         |   2 +-
 fs/namei.c               |  22 ++++-----
 fs/open.c                |   4 +-
 fs/xattr.c               |   8 ++--
 include/linux/audit.h    |  36 ++++++++++-----
 include/linux/fsnotify.h |   8 ++--
 ipc/mqueue.c             |   8 ++--
 kernel/audit.h           |   7 ++-
 kernel/audit_watch.c     |   3 +-
 kernel/auditfilter.c     |  65 +++++++++++++++++----------
 kernel/auditsc.c         | 115 ++++++++++++++++++++++++++++-------------------
 11 files changed, 166 insertions(+), 112 deletions(-)

-- 
1.7.11.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ