lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhRuvV9vjhmTM4eGJkWmpZmSkgVaoQ=L6g3cahej-F52tQ@mail.gmail.com>
Date:   Fri, 27 Jan 2023 17:38:06 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     Jens Axboe <axboe@...nel.dk>
Cc:     Richard Guy Briggs <rgb@...hat.com>,
        Linux-Audit Mailing List <linux-audit@...hat.com>,
        LKML <linux-kernel@...r.kernel.org>, io-uring@...r.kernel.org,
        Eric Paris <eparis@...isplace.org>,
        Steve Grubb <sgrubb@...hat.com>, Stefan Roesch <shr@...com>,
        Christian Brauner <brauner@...nel.org>,
        Pavel Begunkov <asml.silence@...il.com>
Subject: Re: [PATCH v1 0/2] two suggested iouring op audit updates

On Fri, Jan 27, 2023 at 2:43 PM Jens Axboe <axboe@...nel.dk> wrote:
> On 1/27/23 12:42 PM, Paul Moore wrote:
> > On Fri, Jan 27, 2023 at 12:40 PM Jens Axboe <axboe@...nel.dk> wrote:
> >> On 1/27/23 10:23 AM, Richard Guy Briggs wrote:
> >>> A couple of updates to the iouring ops audit bypass selections suggested in
> >>> consultation with Steve Grubb.
> >>>
> >>> Richard Guy Briggs (2):
> >>>   io_uring,audit: audit IORING_OP_FADVISE but not IORING_OP_MADVISE
> >>>   io_uring,audit: do not log IORING_OP_*GETXATTR
> >>>
> >>>  io_uring/opdef.c | 4 +++-
> >>>  1 file changed, 3 insertions(+), 1 deletion(-)
> >>
> >> Look fine to me - we should probably add stable to both of them, just
> >> to keep things consistent across releases. I can queue them up for 6.3.
> >
> > Please hold off until I've had a chance to look them over ...
>
> I haven't taken anything yet, for things like this I always let it
> simmer until people have had a chance to do so.

Thanks.  FWIW, that sounds very reasonable to me, but I've seen lots
of different behaviors across subsystems and wanted to make sure we
were on the same page.

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ