Message-Id: <1741385035-22090-1-git-send-email-jasjivsingh@linux.microsoft.com>
Date: Fri, 7 Mar 2025 14:03:54 -0800
From: Jasjiv Singh <jasjivsingh@...ux.microsoft.com>
To: corbet@....net,
jmorris@...ei.org,
serge@...lyn.com,
eparis@...hat.com,
paul@...l-moore.com
Cc: linux-doc@...r.kernel.org,
linux-security-module@...r.kernel.org,
audit@...r.kernel.org,
linux-kernel@...r.kernel.org,
Jasjiv Singh <jasjivsingh@...ux.microsoft.com>
Subject: [PATCH v4 0/1] ipe: add errno field to IPE policy load auditing
Hello,

When deployment of a new IPE policy fails, there is no audit trail.
The failure is written to stderr, but not to the system log. So,
users of IPE require a way to identify when and why an operation fails,
allowing them to both respond to violations of policy and be notified
of potentially malicious actions on their systems with respect to IPE.

Previous Postings
-----------------
v3: https://lore.kernel.org/linux-security-module/1740784265-19829-1-git-send-email-jasjivsingh@linux.microsoft.com/
v2: https://lore.kernel.org/linux-security-module/1740696377-3986-1-git-send-email-jasjivsingh@linux.microsoft.com/
v1: https://lore.kernel.org/linux-security-module/1739569319-22015-1-git-send-email-jasjivsingh@linux.microsoft.com/
Changelog
---------
v4:
* added a separate errno table to IPE AUDIT_IPE_POLICY_LOAD documentation.
* fixed error code handling that happens when memdup_user_nul is called
  in new_policy() and update_policy().
* added additional errno documentation to new_policy(), update_policy(),
  ipe_new_policy() and ipe_update_policy().
* added ENOKEY and EKEYREJECTED to IPE errno table documentation.
v3:
* used ERR_PTR(rc) directly rather than assigning to struct ipe_policy.
* removed unnecessary var from update_policy().
* removed unnecessary error handling from update_policy().
v2:
* added additional IPE audit log information to commit to show the errno case.
* changed log format from AUDIT_POLICY_LOAD_NULL_FMT to
  AUDIT_POLICY_LOAD_FAIL_FMT.
* removed unnecessary res var from ipe_audit_policy_load().
* handled security fs failure case in new_policy() and update_policy().
* handled insufficient failure case in new_policy() and update_policy().

Jasjiv Singh (1):
  ipe: add errno field to IPE policy load auditing

 Documentation/admin-guide/LSM/ipe.rst | 69 +++++++++++++++++++--------
 security/ipe/audit.c                  | 21 ++++++--
 security/ipe/fs.c                     | 19 ++++++--
 security/ipe/policy.c                 | 11 ++++-
 security/ipe/policy_fs.c              | 29 ++++++++---
 5 files changed, 111 insertions(+), 38 deletions(-)

--
2.34.1