lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1592503804.4615.47.camel@linux.ibm.com>
Date:   Thu, 18 Jun 2020 14:10:04 -0400
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>,
        bauerman@...ux.ibm.com, nayna@...ux.ibm.com, sgrubb@...hat.com,
        paul@...l-moore.com
Cc:     rgb@...hat.com, linux-integrity@...r.kernel.org,
        linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] integrity: Add errno field in audit message

On Thu, 2020-06-18 at 11:05 -0700, Lakshmi Ramasubramanian wrote:
> On 6/18/20 10:41 AM, Mimi Zohar wrote:
> 
> > 
> > For the reasons that I mentioned previously, unless others are willing
> > to add their Reviewed-by tag not for the audit aspect in particular,
> > but IMA itself, I'm not comfortable making this change all at once.
> > 
> > Previously I suggested making the existing integrity_audit_msg() a
> > wrapper for a new function with errno.  Steve said, "We normally do
> > not like to have fields that swing in and out ...", but said setting
> > errno to 0 is fine.  The original integrity_audit_msg() function would
> > call the new function with errno set to 0.
> 
> If the original integrity_audit_msg() always calls the new function with 
> errno set to 0, there would be audit messages where "res" field is set 
> to "0" (fail) because "result" was non-zero, but errno set to "0" 
> (success). Wouldn't this be confusing?
> 
> In PATCH 1/2 I've made changes to make the "result" parameter to 
> integrity_audit_msg() consistent - i.e., it is always an error code (0 
> for success and a negative value for error). Would that address your 
> concerns?

You're overloading "res" to imply errno.  Define a new parameter
specifically for errno.

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ