On Mon, Nov 18, 2013 at 12:09 PM, William Roberts
<bill.c.robe...@gmail.com> wrote:
> On Mon, Nov 18, 2013 at 12:06 PM, William Roberts
> <bill.c.robe...@gmail.com> wrote:
>> Change-Id: I795b14db029f64da2112a50a4b175b9b0afdf44d
>> ---
>>  kernel/auditsc.c |    4 ++++
>>  1 file changed, 4 insertions(+)
>>
>> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
>> index d917c76..4a45f63 100644
>> --- a/kernel/auditsc.c
>> +++ b/kernel/auditsc.c
>> @@ -270,6 +270,7 @@ struct audit_context {
>>                 } mmap;
>>         };
>>         int fds[2];
>> +       char *cmdline;
>>
>>  #if AUDIT_DEBUG
>>         int                 put_count;
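
Review bot: the new "char *cmdline;" member of struct audit_context carries no comment saying who allocates it, who frees it, or when it is valid, and no other hunk in this patch assigns or frees it. Document the ownership next to the field, and add the matching kfree() and reset to the context teardown path in the same change, so a cached string can neither leak nor outlive its context.
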
>> @@ -1061,6 +1062,7 @@ static inline struct audit_context 
>> *audit_alloc_context(enum audit_state state)
>>         audit_zero_context(context, state);
>>         INIT_LIST_HEAD(&context->killed_trees);
>>         INIT_LIST_HEAD(&context->names_list);
>> +       printk("BILL cmdline: %p---%p", context, context->cmdline);
>>         return context;
>>  }
>>
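
Review bot: the printk added to audit_alloc_context() has no KERN_ log level and no trailing "\n", and it writes two raw kernel pointers to the kernel log with %p. If the trace is needed during development, use pr_debug() with a newline and drop it before submission. It also reads context->cmdline immediately after audit_zero_context(), so it can only ever report the freshly zeroed value.
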
>> @@ -1157,6 +1159,7 @@ static void audit_log_add_cmdline(struct audit_buffer 
>> *ab,
>>  {
>>         int len;
>>         unsigned long page;
>> +       struct audit_context *audit_ctx = tsk->audit_context;
>>         char *msg = "(null)";
>>
>>         audit_log_format(ab, " cmdline=");
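
Review bot: audit_ctx is loaded from tsk->audit_context in the declarations of audit_log_add_cmdline() with no NULL check, and in this patch its only consumer is a debug printk. Before a cached cmdline is ever read through it, test audit_ctx for NULL and fall back to the existing page-based path; as posted, the local should be removed together with the debug trace.
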
>> @@ -1181,6 +1184,7 @@ static void audit_log_add_cmdline(struct audit_buffer 
>> *ab,
>>         msg = (char *)page;
>>         audit_log_untrustedstring(ab, msg);
>>         free_page(page);
>> +       printk("BILL cmdline-use: %p", audit_ctx);
>>  }
>>
>>  EXPORT_SYMBOL(audit_log_task_context);
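
Review bot: the printk placed after free_page(page) is a personal debug trace ("BILL cmdline-use: %p") with no KERN_ level and no newline, and it logs only the context pointer, not whether a cached cmdline was actually used. Remove it, or convert it to pr_debug() with a "\n" and a message that reports the state being investigated.
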
>> --
>> 1.7.9.5
>>
>
> Working on the version that caches, applying this patch, you can see
> that the audit_ctx is not initialized yet for caching... so do we
> perhaps print the cmdline elsewhere in the flow that results in this
> struct being initialized, or re-work the initialization?

Looks like I could do it in here:
__audit_syscall_exit()

but then the cmdline info won't be in the same place... and I don't
want to just scatter stuff all around. Caching when the process is
created is too early in its life to get the value post setproctitle().
This is where I could see adding an explicit value and setter/getter
via prctl would be of value, and we have a defined interface that we
can use for marking the cache dirty.

-- 
Respectfully,

William C Roberts
