lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 27 Aug 2020 18:06:34 +0100
From:   Alex Dewar <alex.dewar90@...il.com>
To:     Paul Moore <paul@...l-moore.com>
Cc:     Alex Dewar <alex.dewar90@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC] netlabel: remove unused param from audit_log_format()

On Thu, Aug 27, 2020 at 01:00:58PM -0400, Paul Moore wrote:
> On Thu, Aug 27, 2020 at 12:39 PM Alex Dewar <alex.dewar90@...il.com> wrote:
> >
> > Commit d3b990b7f327 ("netlabel: fix problems with mapping removal")
> > added a check to return an error if ret_val != 0, before ret_val is
> > later used in a log message. Now it will unconditionally print "...
> > res=0". So don't print res anymore.
> >
> > Addresses-Coverity: ("Dead code")
> > Fixes: d3b990b7f327 ("netlabel: fix problems with mapping removal")
> > Signed-off-by: Alex Dewar <alex.dewar90@...il.com>
> > ---
> >
> > I wasn't sure whether it was intended that something other than ret_val
> > be printed in the log, so that's why I'm sending this as an RFC.
> 
> It's intentional for a couple of reasons:
> 
> * The people who care about audit logs like to see success/fail (e.g.
> "res=X") for audit events/records, so printing this out gives them the
> warm fuzzies.
> 
> * For a lot of awful reasons that I won't bore you with, we really
> don't want to add/remove fields in the middle of an audit record so we
> pretty much need to keep the "res=0" there even if it seems a bit
> redundant.
> 
> So NACK from me, but thanks for paying attention just the same :)

Would you rather just have an explicit "res=0" in there, without looking
at ret_val? The thing is that ret_val will *always* be zero at this point in
the code, because, if not, the function will already have returned.
That's why Coverity flagged it up as a redundant check.

> 
> >  net/netlabel/netlabel_domainhash.c | 5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/netlabel/netlabel_domainhash.c b/net/netlabel/netlabel_domainhash.c
> > index f73a8382c275..526762b2f3a9 100644
> > --- a/net/netlabel/netlabel_domainhash.c
> > +++ b/net/netlabel/netlabel_domainhash.c
> > @@ -612,9 +612,8 @@ int netlbl_domhsh_remove_entry(struct netlbl_dom_map *entry,
> >         audit_buf = netlbl_audit_start_common(AUDIT_MAC_MAP_DEL, audit_info);
> >         if (audit_buf != NULL) {
> >                 audit_log_format(audit_buf,
> > -                                " nlbl_domain=%s res=%u",
> > -                                entry->domain ? entry->domain : "(default)",
> > -                                ret_val == 0 ? 1 : 0);
> > +                                " nlbl_domain=%s",
> > +                                entry->domain ? entry->domain : "(default)");
> >                 audit_log_end(audit_buf);
> >         }
> >
> 
> -- 
> paul moore
> www.paul-moore.com

Powered by blists - more mailing lists