lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhS0ht0wWtruDjVvOsy_1LOCswF0kjmd9u8XZXm00jHvOw@mail.gmail.com>
Date:   Tue, 26 Apr 2022 14:15:23 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     John Johansen <john.johansen@...onical.com>
Cc:     Casey Schaufler <casey@...aufler-ca.com>,
        casey.schaufler@...el.com, jmorris@...ei.org,
        linux-security-module@...r.kernel.org, selinux@...r.kernel.org,
        linux-audit@...hat.com, keescook@...omium.org,
        penguin-kernel@...ove.sakura.ne.jp, stephen.smalley.work@...il.com,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v35 26/29] Audit: Add record for multiple task security contexts

On Mon, Apr 25, 2022 at 9:08 PM John Johansen
<john.johansen@...onical.com> wrote:
> On 4/18/22 07:59, Casey Schaufler wrote:
> > Create a new audit record AUDIT_MAC_TASK_CONTEXTS.
> > An example of the MAC_TASK_CONTEXTS (1420) record is:
> >
> >     type=MAC_TASK_CONTEXTS[1420]
> >     msg=audit(1600880931.832:113)
> >     subj_apparmor=unconfined
> >     subj_smack=_
> >
> > When an audit event includes a AUDIT_MAC_TASK_CONTEXTS record
> > the "subj=" field in other records in the event will be "subj=?".
> > An AUDIT_MAC_TASK_CONTEXTS record is supplied when the system has
> > multiple security modules that may make access decisions based
> > on a subject security context.
> >
> > Functions are created to manage the skb list in the audit_buffer.
> >
> > Signed-off-by: Casey Schaufler <casey@...aufler-ca.com>
>
> Besides moving the aux fns, and the whining below
> Reviewed-by: John Johansen <john.johansen@...onical.com>

...

> > diff --git a/kernel/audit.c b/kernel/audit.c
> > index 4d44c05053b0..8ed2d717c217 100644
> > --- a/kernel/audit.c
> > +++ b/kernel/audit.c
> > @@ -2185,16 +2238,44 @@ int audit_log_task_context(struct audit_buffer *ab)
> >       if (!lsmblob_is_set(&blob))
> >               return 0;
> >
> > -     error = security_secid_to_secctx(&blob, &context, LSMBLOB_FIRST);
> > +     if (!lsm_multiple_contexts()) {
> > +             error = security_secid_to_secctx(&blob, &context,
> > +                                              LSMBLOB_FIRST);
> > +             if (error) {
> > +                     if (error != -EINVAL)
> > +                             goto error_path;
> > +                     return 0;
> > +             }
> >
> > -     if (error) {
> > -             if (error != -EINVAL)
> > +             audit_log_format(ab, " subj=%s", context.context);
> > +             security_release_secctx(&context);
> > +     } else {
> > +             /* Multiple LSMs provide contexts. Include an aux record. */
> > +             audit_log_format(ab, " subj=?");
>
> just me whining, you sure we can't just drop subj= here

Have I recently given you my "the audit code is crap" speech? ;)

I more or less answered this with my comments on the earlier patch,
but we need to keep this around for compatibility.  It will get better
in the future.

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ