kernel/debug/ files:
>>
>> Acked-by: Daniel Thompson
>>
>> Will you be putting this in an immutable branch once you've collected
>> enough acks?
>
> No, I expect Linus will either run the script
> or apply this patch one day.
Please coordinate and get something li
s.
Why is the double logging useful? It only tells you that the invocation
was via io_uring as the delivery mechanism rather than the usual system
call, but the effect is the same - the file is opened, for example.
I feel like I'm missing something here, or the other side is. Or both!
--
Jens A
On 5/25/21 8:04 PM, Paul Moore wrote:
> On Tue, May 25, 2021 at 9:11 PM Jens Axboe wrote:
>> On 5/24/21 1:59 PM, Paul Moore wrote:
>>> That said, audit is not for everyone, and we have build time and
>>> runtime options to help make life easier. Beyond simply disablin
On 5/26/21 11:15 AM, Jens Axboe wrote:
> On 5/25/21 8:04 PM, Paul Moore wrote:
>> On Tue, May 25, 2021 at 9:11 PM Jens Axboe wrote:
>>> On 5/24/21 1:59 PM, Paul Moore wrote:
>>>> That said, audit is not for everyone, and we have build time and
>>>>
On 5/26/21 11:31 AM, Jens Axboe wrote:
> On 5/26/21 11:15 AM, Jens Axboe wrote:
>> On 5/25/21 8:04 PM, Paul Moore wrote:
>>> On Tue, May 25, 2021 at 9:11 PM Jens Axboe wrote:
>>>> On 5/24/21 1:59 PM, Paul Moore wrote:
>>>>> That said, audi
On 5/26/21 11:54 AM, Jens Axboe wrote:
> On 5/26/21 11:31 AM, Jens Axboe wrote:
>> On 5/26/21 11:15 AM, Jens Axboe wrote:
>>> On 5/25/21 8:04 PM, Paul Moore wrote:
>>>> On Tue, May 25, 2021 at 9:11 PM Jens Axboe wrote:
>>>>> On 5/24/21 1:59
t logging a buffer registration or a polled read from a
device/file? I highly doubt it, and we don't do that for alternative
methods either. Doesn't really make sense for a lot of the other
operations, imho.
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
On 5/26/21 12:44 PM, Paul Moore wrote:
> On Wed, May 26, 2021 at 2:01 PM Jens Axboe wrote:
>> On 5/26/21 11:54 AM, Jens Axboe wrote:
>>> On 5/26/21 11:31 AM, Jens Axboe wrote:
>>>> On 5/26/21 11:15 AM, Jens Axboe wrote:
>>>>> On 5/25/21 8:04 PM, Paul
n't think
going the route of mutual exclusion in kconfig helps anyone, it'd
be counter productive to both sides.
Hope that works and helps move this forward. I'll be mostly out of touch
the next week and a half, but wanted to ensure that I sent out my
(brief) thoughts before going away.
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
SG_ZC operation should be subject to
> auditing just as SENDMSG.
As far as I can tell you're right, it's not audited further down.
I'll add a patch getting rid of that audit_skip for SENDMSG_ZC.
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
2-rc1 release when
> create_io_thread() was introduced. Prior to create_io_thread() it
> appears that io_uring/io-wq wasn't calling into copy_process() and
> thus was not getting an audit_context allocated in the kernel thread's
> task_struct; the solution for those original development drafts was to
> add a call to a new audit_alloc_kernel() which would handle the
> audit_context allocation. Unfortunately, I didn't notice the move to
> create_io_thread() during development and the redundant
> audit_alloc_kernel() calls remained :/
I agree with your analysis and suggested solution. Post the native io-wq
workers create_io_thread() -> copy_process() is always used for io-wq
(and sqpoll, for that matter).
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
fectively audit_alloc()) and overwrites @audit_context,
> causing:
>
> [...]
Applied, thanks!
[1/1] audit, io_uring, io-wq: Fix memory leak in io_sq_thread() and
io_wqe_worker()
commit: f482aa98652795846cc55da98ebe331eb74f3d0b
Best regards,
--
Jens Axboe
--
Linux-
the newer layout in
> io_uring/ introduced during this merge window.
>
> Jens, did you want to take this via the io_uring tree or should I take
> it via the audit tree? If the latter, an ACK would be appreciated, if
> the former my ACK is below.
>
> Acked-by: Paul Moore
Probably better if I take it, since I need to massage it into the
current tree anyway. We can then use this one as the base for the stable
backports that are going to be required.
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
not log IORING_OP_*GETXATTR
>
> io_uring/opdef.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
Look fine to me - we should probably add stable to both of them, just
to keep things consistent across releases. I can queue them up for 6.3.
--
Jens Axboe
--
Linux-aud
On 1/27/23 12:42 PM, Paul Moore wrote:
> On Fri, Jan 27, 2023 at 12:40 PM Jens Axboe wrote:
>> On 1/27/23 10:23 AM, Richard Guy Briggs wrote:
>>> A couple of updates to the iouring ops audit bypass selections suggested in
>>> consultation with Steve Grubb.
&g
On 1/27/23 3:53 PM, Paul Moore wrote:
> On Fri, Jan 27, 2023 at 5:46 PM Jens Axboe wrote:
>> On 1/27/23 3:38 PM, Paul Moore wrote:
>>> On Fri, Jan 27, 2023 at 2:43 PM Jens Axboe wrote:
>>>> On 1/27/23 12:42 PM, Paul Moore wrote:
>>>>> On Fr
On 1/27/23 3:38 PM, Paul Moore wrote:
> On Fri, Jan 27, 2023 at 2:43 PM Jens Axboe wrote:
>> On 1/27/23 12:42 PM, Paul Moore wrote:
>>> On Fri, Jan 27, 2023 at 12:40 PM Jens Axboe wrote:
>>>> On 1/27/23 10:23 AM, Richard Guy Briggs wrote:
>>>>> A coup
On 1/27/23 4:02 PM, Richard Guy Briggs wrote:
> On 2023-01-27 15:45, Jens Axboe wrote:
>> On 1/27/23 3:35?PM, Paul Moore wrote:
>>> On Fri, Jan 27, 2023 at 12:24 PM Richard Guy Briggs wrote:
>>>>
>>>> Since FADVISE can truncate files and MADVISE opera
the
> page cache, but that shouldn't actually modify the file ... right?
Yeah, honestly not sure where that came from. Maybe it's being mixed up
with fallocate? All fadvise (or madvise, for that matter) does is
provide hints on the caching or access pattern. On second thought, both
of these should be able to set audit_skip as far as I can tell.
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
g
>> isn't necessary - and you may be right - but based on our experience
>> so far with this patchset I would like to hear that you have properly
>> investigated all of the madvise code paths, and I would like that in
>> the commit description.
>
> I think you're being
commit: 2bd59885eb9c2094d118b4321d5f74e12e77ef0f
Best regards,
--
Jens Axboe
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
On 2/10/23 8:39?AM, Paul Moore wrote:
> On Thu, Feb 9, 2023 at 7:15 PM Jens Axboe wrote:
>> On 2/9/23 3:54?PM, Steve Grubb wrote:
>>> On Thursday, February 9, 2023 5:37:22 PM EST Paul Moore wrote:
>>>> On Thu, Feb 9, 2023 at 4:53 PM Richard Guy Briggs wrote:
>>
22 matches
Mail list logo
