Thanks Peter, this looks like a great start.
> Perhaps the two of you could work together to come up with a common
tracepoint that addresses both needs.
Agreed.
> 1 Filtering. Types goes to trace so we can put up a filter for contexts or
> type etc.
That's right. I think this is the main
On 7/30/20 9:29 PM, Steven Rostedt wrote:
> On Thu, 30 Jul 2020 21:12:39 +0200
> peter enderborg wrote:
>
avc: denied { find } for interface=vendor.qti.hardware.perf::IPerf
sid=u:r:permissioncontroller_app:s0:c230,c256,c512,c768 pid=9164
On Thu, 30 Jul 2020 21:12:39 +0200
peter enderborg wrote:
> >> avc: denied { find } for interface=vendor.qti.hardware.perf::IPerf
> >> sid=u:r:permissioncontroller_app:s0:c230,c256,c512,c768 pid=9164
> >> scontext=u:r:permissioncontroller_app:s0:c230,c256,c512,c768
> >>
On 7/30/20 7:16 PM, Steven Rostedt wrote:
> On Thu, 30 Jul 2020 19:05:49 +0200
> peter enderborg wrote:
>
It should be a full structure with a lot of sub strings. But that make is
even more relevant.
>>> So one event instance can have a list of strings recorded?
>> Yes, it is a
On Thu, 30 Jul 2020 19:05:49 +0200
peter enderborg wrote:
> >> It should be a full structure with a lot of sub strings. But that make is
> >> even more relevant.
> > So one event instance can have a list of strings recorded?
>
> Yes, it is a list very similar to a normal trace. But it is
On 7/30/20 6:02 PM, Steven Rostedt wrote:
> On Thu, 30 Jul 2020 17:31:17 +0200
> peter enderborg wrote:
>
>> On 7/30/20 5:04 PM, Steven Rostedt wrote:
>>> On Thu, 30 Jul 2020 16:29:12 +0200
>>> peter enderborg wrote:
>>>
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM avc
+
+#if
On Thu, 30 Jul 2020 17:31:17 +0200
peter enderborg wrote:
> On 7/30/20 5:04 PM, Steven Rostedt wrote:
> > On Thu, 30 Jul 2020 16:29:12 +0200
> > peter enderborg wrote:
> >
> >> +#undef TRACE_SYSTEM
> >> +#define TRACE_SYSTEM avc
> >> +
> >> +#if !defined(_TRACE_AVC_H) ||
On 7/30/20 4:50 PM, Stephen Smalley wrote:
> On Thu, Jul 30, 2020 at 10:29 AM peter enderborg
> wrote:
>> I did manage to rebase it but this is about my approach.
>>
>> Compared to Thiébaud Weksteen patch this adds:
>>
>> 1 Filtering. Types goes to trace so we can put up a filter for contexts or
On 7/30/20 5:04 PM, Steven Rostedt wrote:
> On Thu, 30 Jul 2020 16:29:12 +0200
> peter enderborg wrote:
>
>> +#undef TRACE_SYSTEM
>> +#define TRACE_SYSTEM avc
>> +
>> +#if !defined(_TRACE_AVC_H) || defined(TRACE_HEADER_MULTI_READ)
>> +#define _TRACE_AVC_H
>> +
>> +#include
>>
On Thu, 30 Jul 2020 16:29:12 +0200
peter enderborg wrote:
> +#undef TRACE_SYSTEM
> +#define TRACE_SYSTEM avc
> +
> +#if !defined(_TRACE_AVC_H) || defined(TRACE_HEADER_MULTI_READ)
> +#define _TRACE_AVC_H
> +
> +#include
> +TRACE_EVENT(avc_data,
> + TP_PROTO(u32 requested,
> +
On Thu, Jul 30, 2020 at 10:29 AM peter enderborg
wrote:
>
> I did manage to rebase it but this is about my approach.
>
> Compared to Thiébaud Weksteen patch this adds:
>
> 1 Filtering. Types goes to trace so we can put up a filter for contexts or
> type etc.
>
> 2 It tries also to cover non
is not right)
and there are memory leaks, extra debug info and nonsense variable etc.
From: Peter Enderborg
Date: Thu, 30 Jul 2020 14:44:53 +0200
Subject: [PATCH] RFC: selinux avc trace
This is not done yet. But it shows a trace for selinux avc.
---
include/trace/events/avc.h | 92
12 matches
Mail list logo