On Thu, Aug 10, 2017 at 9:33 PM, Tyler Hicks <tyhi...@canonical.com> wrote:
> +static int seccomp_actions_logged_handler(struct ctl_table *ro_table, int
> write,
> + void __user *buffer, size_t *lenp,
> + loff_t *ppos)
> +{
> + char names[sizeof(seccomp_actions_avail)];
> + struct ctl_table table;
> + int ret;
> +
> + if (write && !capable(CAP_SYS_ADMIN))
> + return -EPERM;
> +
> + memset(names, 0, sizeof(names));
> +
> + if (!write) {
> + if (!seccomp_names_from_actions_logged(names, sizeof(names),
> +
> seccomp_actions_logged))
> + return -EINVAL;
> + }
> +
> + table = *ro_table;
> + table.data = names;
> + table.maxlen = sizeof(names);
> + ret = proc_dostring(&table, write, buffer, lenp, ppos);
> + if (ret)
> + return ret;
> +
> + if (write) {
> + u32 actions_logged;
> +
> + if (!seccomp_actions_logged_from_names(&actions_logged,
> + table.data))
> + return -EINVAL;
> +
> + if (actions_logged & SECCOMP_LOG_ALLOW)
> + return -EINVAL;
> +
> + seccomp_actions_logged = actions_logged;
> + }
> +
> + return 0;
> +}
One thought here: should "kill" be always forced on during a write?
This flag effectively cannot be disabled, so listing it (or not) in
the sysctl may be confusing...
-Kees
--
Kees Cook
Pixel Security
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
