lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 21 Dec 2020 12:57:12 -0500
From:   Richard Guy Briggs <rgb@...hat.com>
To:     Paul Moore <paul@...l-moore.com>
Cc:     Linux Containers List <containers@...ts.linux-foundation.org>,
        Linux API <linux-api@...r.kernel.org>,
        Linux-Audit Mailing List <linux-audit@...hat.com>,
        Linux FSdevel <linux-fsdevel@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux NetDev Upstream Mailing List <netdev@...r.kernel.org>,
        Netfilter Devel List <netfilter-devel@...r.kernel.org>,
        Jens Axboe <axboe@...nel.dk>,
        Neil Horman <nhorman@...driver.com>,
        David Howells <dhowells@...hat.com>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Simo Sorce <simo@...hat.com>,
        Eric Paris <eparis@...isplace.org>,
        Christian Brauner <christian.brauner@...ntu.com>,
        mpatel@...hat.com, Serge Hallyn <serge@...lyn.com>
Subject: Re: [PATCH ghak90 v10 01/11] audit: collect audit task parameters

On 2020-12-21 12:14, Paul Moore wrote:
> On Mon, Dec 21, 2020 at 11:57 AM Richard Guy Briggs <rgb@...hat.com> wrote:
> >
> > The audit-related parameters in struct task_struct should ideally be
> > collected together and accessed through a standard audit API and the audit
> > structures made opaque to other kernel subsystems.
> >
> > Collect the existing loginuid, sessionid and audit_context together in a
> > new opaque struct audit_task_info called "audit" in struct task_struct.
> >
> > Use kmem_cache to manage this pool of memory.
> > Un-inline audit_free() to be able to always recover that memory.
> >
> > Please see the upstream github issues
> > https://github.com/linux-audit/audit-kernel/issues/81
> > https://github.com/linux-audit/audit-kernel/issues/90
> >
> > Signed-off-by: Richard Guy Briggs <rgb@...hat.com>
> > Acked-by: Neil Horman <nhorman@...driver.com>
> > Reviewed-by: Ondrej Mosnacek <omosnace@...hat.com>
> 
> Did Neil and Ondrej really ACK/Review the changes that you made here
> in v10 or are you just carrying over the ACK/Review?  I'm hopeful it
> is the former, because I'm going to be a little upset if it is the
> latter.

It is the latter, sorry.  So, this needs to be reposted without their
ACK/Review lines.

> > ---
> >  fs/io-wq.c            |   8 +--
> >  fs/io_uring.c         |  16 ++---
> >  include/linux/audit.h |  49 +++++---------
> >  include/linux/sched.h |   7 +-
> >  init/init_task.c      |   3 +-
> >  init/main.c           |   2 +
> >  kernel/audit.c        | 154 +++++++++++++++++++++++++++++++++++++++++-
> >  kernel/audit.h        |   7 ++
> >  kernel/auditsc.c      |  24 ++++---
> >  kernel/fork.c         |   1 -
> >  10 files changed, 205 insertions(+), 66 deletions(-)
> 
> -- 
> paul moore
> www.paul-moore.com
> 

- RGB

--
Richard Guy Briggs <rgb@...hat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635

Powered by blists - more mailing lists