On Wed, 2013-11-06 at 17:27 +1100, Stephen Rothwell wrote:
> Hi Eric,
>
> After merging the audit tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> kernel/auditsc.c: In function 'audit_set_loginuid':
> kernel/auditsc.c:2003:15: error: incompatible types when assigning
On Thu, 2013-11-07 at 10:39 -0800, Kees Cook wrote:
> On Thu, Nov 7, 2013 at 10:16 AM, Andy Lutomirski wrote:
> > On Thu, Nov 7, 2013 at 9:47 AM, Kees Cook wrote:
> >> Make sure that seccomp filter won't be built when ARM OABI is in use,
> >> since there is work needed to distinguish calling
On Fri, Nov 22, 2013 at 10:33 AM, Jiri Kosina wrote:
> On Fri, 22 Nov 2013, Geert Uytterhoeven wrote:
>
>> >> Only arm, i386, ppc, ppc64, sh, and x86_64 support zImage.
>> >> It's not clear to me what alpha supports (if it supports anything at
>> >> all?).
>> >
>> > Motivation behind this
6e4664525b1db28f8c4e1130957f70a94c19213e:
Linux 3.11 (2013-09-02 13:46:10 -0700)
are available in the git repository at:
git://git.infradead.org/users/eparis/audit.git master
for you to fetch changes up to 9175c9d2aed528800175ef81c90569d00d23f9be:
audit: fix type of sessionid in audit_set_loginuid()
I know we talked about this patch, and it seemed like a good idea at the
time, but honestly, these races are so rare, it isn't worth the code
complexity. I tried to simplify the readability of your code and got
something better, but still the loop is needless...
Just log the messages on any
On Fri, 2013-12-13 at 09:36 -0500, Paul Moore wrote:
> On Fri, Dec 13, 2013 at 9:02 AM, Josh Boyer wrote:
> > Should probably figure out which path to take on this one soon:
> >
> > http://thread.gmane.org/gmane.linux.kernel/1611662
> >
> > A revert might be the easiest for now.
>
> Yeah, I
On Fri, 2013-03-15 at 11:45 -0700, Kees Cook wrote:
> On Fri, Mar 15, 2013 at 11:28 AM, Nicolas Schichan
> wrote:
> > diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
> > index 6f19cfd..af27494 100644
> > --- a/include/linux/seccomp.h
> > +++ b/include/linux/seccomp.h
> > @@ -6,6
task tries to
violate the nproc limit. (note that kthreads count against root, so on
a sufficiently large machine we can actually get past the default limits
before any userspace tasks are launched.)
Signed-off-by: Eric Paris
---
kernel/fork.c | 4 ++--
1 file changed, 2 insertions(+), 2
On Wed, 2013-05-15 at 13:20 +1000, Stephen Rothwell wrote:
> Hi ,
>
> After merging the final tree, today's linux-next build (i386 defconfig)
> produced this warning:
>
> kernel/auditfilter.c: In function 'audit_data_to_entry':
> kernel/auditfilter.c:426:3: warning: this decimal constant is
On Fri, 2013-05-17 at 10:47 +0530, Viresh Kumar wrote:
> On Wed, May 15, 2013 at 7:02 PM, Eric Paris wrote:
> > On Wed, 2013-05-15 at 13:20 +1000, Stephen Rothwell wrote:
> >> Hi ,
> >>
> >> After merging the final tree, today's linux-next build (i386 d
I picked it up for 3.10. Sorry, should have said something. Thanks!
-Eric
- Original Message -
> On Mon, 1 Apr 2013 11:00:00 +0400, Dmitry Monakhov
> wrote:
> Ping. Patch (https://lkml.org/lkml/2013/4/1/65) was not a 1'st April's joke.
> Add CC:linux-au...@redhat.com
> > filename
What kernel are these patches against?
On Tue, 2013-05-07 at 10:20 +0800, Gao feng wrote:
> This patchset try to add namespace support for audit.
>
> I choose to assign audit to the user namespace.
> Right now, there are six kinds of namespaces, such as
> net, mount, ipc, pid, uts and user. the
On Thu, 2013-05-09 at 09:29 -0400, Steve Grubb wrote:
> On Tuesday, April 16, 2013 03:38:23 PM Richard Guy Briggs wrote:
> > On Tue, Apr 09, 2013 at 02:39:32AM -0700, Eric W. Biederman wrote:
> > > Andrew Morton writes:
> > > > On Wed, 20 Mar 2013 15:18:17 -0400 Richard Guy Briggs
> wrote:
> >
ired).
>
> BTW, commit b24a30a73054 from Linus' tree has Eric Paris as Author and
> Committer, but is only Signed-off-by Kees Cook. It is part of a long
> series that did not go anywhere near linus-next. I do have an audit
> tree in linux-next
> (git://git.kernel.org/pub/scm/lin
-Original Message-
From: Kees Cook [keesc...@chromium.org]
Received: Monday, 13 May 2013, 12:49am
To: Eric Paris [epa...@redhat.com]
CC: Stephen Rothwell [s...@canb.auug.org.au]; Andrew Morton
[a...@linux-foundation.org]; Linus [torva...@linux-foundation.org]; Linux-Next
[linux-n
Fine Fine, I'll get off my lazy butt and look at this.
On Wed, 2013-02-27 at 10:14 -0800, Kees Cook wrote:
> On Wed, Feb 27, 2013 at 10:01 AM, Josh Boyer wrote:
> > On Wed, Feb 27, 2013 at 09:54:27AM -0800, Kees Cook wrote:
> >> On Fri, Feb 22, 2013 at 01:18:57PM -0500, Josh Boyer wrote:
> >> >
On Thu, Feb 28, 2013 at 4:35 PM, Vivek Goyal wrote:
> On Thu, Feb 28, 2013 at 02:23:39PM -0500, Mimi Zohar wrote:
I think just a second for both of you to step back and see a slightly
larger picture/problem might help.
This is a weird case where Vivek does not trust root to make the
policy
SELinux has no maximum :-(
Realistically there are a couple of interfaces that limit things to
4k, but labels on files on disk could be even larger than that!
255 will fit most every label, but not necessarily all of them.
I know ext4 on Fedora allocates inodes which left about 255 bytes for
I think that is what he was suggesting. It reuses the integrity code
but it loses the integrity flexibility. I don't think it is a good
solution :-(
On Mon, Mar 4, 2013 at 1:59 PM, Mimi Zohar wrote:
> On Mon, 2013-03-04 at 10:29 -0500, Vivek Goyal wrote:
> [...]
>
>> Hi Mimi,
>>
>> If we
- Original Message -
> On 2013-04-11 05:19, Eric Paris wrote:
> > - Original Message -
> >
> >> > b. has an new issue for AUDIT_DIR:
> >> >after AUDIT_DIR succeed, it will set rule->tree.
> >> >nex
#include
> #include ***
> #include
> #ifdef CONFIG_SECURITY
> #include
> #endif
> #include ***
> #include
> #include
> #include
>
> net/netlink.h is included twice, and linux/netlink.h is not included by this
> file.
>
> -Original Message--
On Wed, Mar 27, 2013 at 12:49 PM, Hong Zhiguo wrote:
> Signed-off-by: Hong Zhiguo
> ---
> kernel/audit.c | 10 +-
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index d596e53..4dbb047 100644
> --- a/kernel/audit.c
> +++
On Mon, 2014-02-10 at 11:01 -0800, Andy Lutomirski wrote:
> On Mon, Feb 10, 2014 at 9:29 AM, Andy Lutomirski wrote:
> > On Mon, Feb 10, 2014 at 8:57 AM, Oleg Nesterov wrote:
> >> On 02/08, Andy Lutomirski wrote:
> >>>
> >>> +void audit_inc_n_rules()
> >>> +{
> >>> + struct task_struct *p,
On Mon, 2014-02-10 at 12:04 -0800, Andy Lutomirski wrote:
> On Mon, Feb 10, 2014 at 11:12 AM, Steve Grubb wrote:
> 2. Do AVC denial messages still get logged if audit_enable == 0? If
> not, then audit_enable is a non-starter.
They go out printk/dmesg/syslog
On Fri, 2014-02-07 at 08:40 -0800, Andy Lutomirski wrote:
> On Fri, Feb 7, 2014 at 4:58 AM, Jonas Bonn wrote:
> > Hi Andy,
> >
> > On 5 February 2014 00:50, Andy Lutomirski wrote:
> >>
> >> I can't even find the system call entry point on mips.
> >>
> >>
> >> Is there a semi-official answer
On Sat, 2014-02-08 at 13:06 -0800, Andy Lutomirski wrote:
> This toggles TIF_SYSCALL_AUDIT as needed when rules change instead
> of leaving it set whenever rules might be set in the future. This
> reduces syscall latency from >60ns to closer to 40ns on my laptop.
Al also politely reminded me it
On Tue, 2014-02-18 at 15:50 -0500, Richard Guy Briggs wrote:
> On 14/02/14, Eric Paris wrote:
> > On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote:
> > > On 14/02/14, Richard Guy Briggs wrote:
> > > > On 14/02/14, Eric Paris wrote:
> > > > >
On Thu, 2014-02-27 at 12:40 -0800, Andy Lutomirski wrote:
> Currently, dealing with Linux syscalls in an architecture-independent
> way is a mess. Here are some issues:
>
> 1. There's no clean way to map between syscall names and numbers on
> different architectures. The kernel contains a
Didn't Al find this/something very similar. I really hate this
solution. Why should every LSM try to understand the intimate
lifetime rules of the parent subsystems? The real problem is that
inode_free_security() is being called while the inode is still in use.
While I agree with the
On Thu, 2014-01-09 at 10:51 -0500, Steven Rostedt wrote:
> On Thu, 9 Jan 2014 10:31:55 -0500
> Eric Paris wrote:
>
> > Didn't Al find this/something very similar. I really hate this
>
> I'm not involved with the vfs, so I'm unaware of other solutions
> presen
[adding lsm and selinux]
Am I just crazy, or was this bug discussed (and obviously not fixed)
some time ago?
VFS can still use inodes after security_inode_free_security() was
called...
On Thu, 2014-01-09 at 10:57 -0500, Eric Paris wrote:
> On Thu, 2014-01-09 at 10:51 -0500, Steven Rostedt wr
https://bugzilla.redhat.com/show_bug.cgi?id=829715
at least has some discussion...
On Thu, Jan 9, 2014 at 11:22 AM, Steven Rostedt wrote:
> On Thu, 09 Jan 2014 11:10:05 -0500
> Stephen Smalley wrote:
>
>> I didn't know that was the case; originally when we added the hook it
>> was not
On Thu, Jan 9, 2014 at 3:20 PM, Mimi Zohar wrote:
> For those of us that don't have access to the RH bugzilla, can someone
> please summarize the problem?
The upstream discussion (nothing really useful in the bug other than a
link to it) is here.
On Thu, 2014-01-09 at 22:13 +, Al Viro wrote:
> On Thu, Jan 09, 2014 at 10:31:55AM -0500, Eric Paris wrote:
> > Didn't Al find this/something very similar. I really hate this
> > solution. Why should every LSM try to understand the intimate
> > lifetime rules of
On Thu, 2014-01-09 at 18:27 -0500, Steven Rostedt wrote:
> On Thu, 9 Jan 2014 18:25:23 -0500
> Steven Rostedt wrote:
>
> > On Fri, 10 Jan 2014 06:41:03 +0800
> > Linus Torvalds wrote:
> >
> > > I think the sane short term fix is to make the kfree() of the i_security
> > > member be a rcu free,
On Mon, 2014-03-17 at 13:14 -0700, Tony Luck wrote:
> On Thu, Jan 23, 2014 at 11:32 AM, Richard Guy Briggs wrote:
> > Added the functions task_ppid_nr_ns() and task_ppid_nr() to abstract the
> > lookup
> > of the PPID (real_parent's pid_t) of a process, including rcu locking, in
> > the
> >
As usual Eric, your commentary is anything but useful. However your
technical thoughts are not off the mark. Can we stick to those?
On Wed, 2014-03-05 at 10:06 -0800, Eric W. Biederman wrote:
> Steve Grubb writes:
>
> > On Tuesday, March 04, 2014 07:21:52 PM David Miller wrote:
> >> From:
On Fri, 2014-03-07 at 19:48 -0500, David Miller wrote:
> From: Eric Paris
> Date: Fri, 07 Mar 2014 17:52:02 -0500
>
> > Audit is non-tolerant to failure and loss.
>
> Netlink is not a loss-less transport.
I'm happy to accept that (and know it to be true). How can I be
On Sun, 2014-03-09 at 20:06 -0700, Eric W. Biederman wrote:
> Linus,
>
> Please pull the for-linus branch from the git tree:
>
>git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git
> for-linus
>
>HEAD: d211f177b28ec070c25b3d0b960aa55f352f731f audit: Update kdoc for
On Wed, 2014-02-19 at 13:08 -0500, Richard Guy Briggs wrote:
> Register a netlink per-protocol bind function for audit to check userspace
> process capabilities before allowing a multicast group connection.
>
> Signed-off-by: Richard Guy Briggs
> ---
> kernel/audit.c | 10 ++
> 1 files
On Tue, 2014-02-18 at 19:09 -0800, Andy Lutomirski wrote:
> On Tue, Feb 18, 2014 at 11:39 AM, Eric Paris wrote:
> > Al just indicated to me that on at least ia64, syscall_get_arguments()
> > is really expensive. So maybe not a deal breaker, but sounds like we'd
> > lose
On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote:
> The AUDIT_SECCOMP record looks something like this:
>
> type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325
> ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 comm="test"
> sig=31 syscall=231
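The AUDIT_SECCOMP line Richard quotes is what a detection pipeline has to pick apart before it can alert on, say, every SIGSYS seen for a given comm. As an added example, not code from the kernel or from anyone in this thread, here is a small C parser for that key=value layout: quoted values such as comm="test" and bare ones such as subj=... are both handled, and key matching is anchored at a token boundary so that uid= does not pick up the tail of auid=. The sample line is constructed from the record shape quoted above; the struct and function names are the example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One parsed AUDIT_SECCOMP record; only fields present in the quoted line. */
struct seccomp_rec {
    long sec;                      /* from msg=audit(sec.msec:serial) */
    int msec;
    unsigned long serial;
    unsigned int auid, uid, gid, pid;
    int sig;                       /* signal delivered; 31 is SIGSYS on x86 */
    int syscall;                   /* number in the task's own ABI */
    char comm[32];
    char subj[128];
};

/* Copy the value of "key=" into out. Values are bare tokens or double-quoted
 * strings. The match is anchored at a token boundary so "uid=" does not pick
 * up the tail of "auid=". Returns 1 if the key was found, else 0. */
static int audit_get_field(const char *rec, const char *key, char *out, size_t cap)
{
    size_t klen = strlen(key), n;
    const char *p = rec, *v, *end;

    while ((p = strstr(p, key)) != NULL) {
        if ((p == rec || p[-1] == ' ') && p[klen] == '=') {
            v = p + klen + 1;
            if (*v == '"') {
                end = strchr(++v, '"');
                if (!end)
                    return 0;
            } else {
                for (end = v; *end && *end != ' '; end++)
                    ;
            }
            n = (size_t)(end - v);
            if (n >= cap)
                n = cap - 1;
            memcpy(out, v, n);
            out[n] = '\0';
            return 1;
        }
        p += klen;
    }
    return 0;
}

/* Parse one line into r. Returns 0 on success, -1 if it is not a complete
 * SECCOMP record. */
static int parse_seccomp_record(const char *line, struct seccomp_rec *r)
{
    struct { const char *key; unsigned int *dst; } ids[] = {
        { "auid", &r->auid }, { "uid", &r->uid }, { "gid", &r->gid }, { "pid", &r->pid },
    };
    char buf[64];
    size_t i;

    memset(r, 0, sizeof *r);
    if (!audit_get_field(line, "type", buf, sizeof buf) || strcmp(buf, "SECCOMP") != 0)
        return -1;
    if (!audit_get_field(line, "msg", buf, sizeof buf) ||
        sscanf(buf, "audit(%ld.%d:%lu)", &r->sec, &r->msec, &r->serial) != 3)
        return -1;
    for (i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        if (!audit_get_field(line, ids[i].key, buf, sizeof buf))
            return -1;
        *ids[i].dst = (unsigned int)strtoul(buf, NULL, 10);
    }
    if (!audit_get_field(line, "sig", buf, sizeof buf) ||
        !audit_get_field(line, "comm", r->comm, sizeof r->comm))
        return -1;
    r->sig = atoi(buf);
    if (!audit_get_field(line, "syscall", buf, sizeof buf))
        return -1;
    r->syscall = atoi(buf);
    audit_get_field(line, "subj", r->subj, sizeof r->subj);   /* optional */
    return 0;
}

/* Constructed sample line, laid out like the record quoted in the thread. */
static const char sample_record[] =
    "type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 "
    "ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 "
    "comm=\"test\" sig=31 syscall=231";

int main(void)
{
    struct seccomp_rec r;

    if (parse_seccomp_record(sample_record, &r) != 0)
        return 1;
    printf("serial %lu: pid %u (%s) got signal %d on syscall %d\n",
           r.serial, r.pid, r.comm, r.sig, r.syscall);
    return 0;
}
```

The ses= field is skipped here; add it to parse_seccomp_record the same way as the other numeric fields if a rule needs it. The syscall number is only meaningful together with the ABI the task entered through, which is why a record without an architecture field cannot be mapped to a syscall name on its own.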
On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote:
> On 14/02/14, Richard Guy Briggs wrote:
> > On 14/02/14, Eric Paris wrote:
> > > On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote:
> > > > The AUDIT_SECCOMP record looks something like this:
>
On Wed, 2013-09-18 at 15:06 -0400, Richard Guy Briggs wrote:
> readahead-collector abuses the audit logging facility to discover which files
> are accessed at boot time to make a pre-load list
>
> Add a tuning option to audit_backlog_wait_time so that if auditd can't keep
> up,
> or gets blocked,
On Wed, 2013-09-18 at 16:49 -0400, Richard Guy Briggs wrote:
> On Wed, Sep 18, 2013 at 04:33:25PM -0400, Eric Paris wrote:
> > On Wed, 2013-09-18 at 15:06 -0400, Richard Guy Briggs wrote:
> > > readahead-collector abuses the audit logging facility to discover which
> > >
On Thu, 2013-09-19 at 17:18 -0400, Steve Grubb wrote:
> On Wednesday, September 18, 2013 03:06:52 PM Richard Guy Briggs wrote:
> > Re-named confusing local variable names (status_set and status_get didn't
> > agree with their command type name) and reduced their scope.
> >
> > Future-proof API
"slow" audit paths in entry.S to ensure the task can not
> miss audit_syscall_*() calls, this is pointless if the task
> has no ->audit_context.
>
> Signed-off-by: Oleg Nesterov
> Acked-by: Steve Grubb
Acked-by: Eric Paris
Richard, please pick this up into your tree.
>
>
> Signed-off-by: Richard Guy Briggs
Acked-by: Eric Paris
> ---
> kernel/audit.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 3d17670..ac16540 100644
> --- a/kernel/audit.c
> +++ b/kern
On Thu, 2013-09-19 at 14:22 -0700, Davidlohr Bueso wrote:
> On Sun, 2013-09-15 at 20:04 -0700, Davidlohr Bueso wrote:
> > This patchset deals with the selinux and rmid races Manfred found on
> > the ipc scaling work that has been going on. It specifically addresses
> > shared mem and msg queues.
>From 4675ca3470e3c2e325c5be6d9a11f47ac0917537 Mon Sep 17 00:00:00 2001
From: Eric Paris
Date: Tue, 10 Sep 2013 09:51:50 -0400
Subject: [PATCH] security: remove erroneous comment about capabilities.o link
ordering
Back when we had half ass LSM stacking we had to link capabilities.o
after big
On Mon, 2013-09-09 at 18:32 +0400, Konstantin Khlebnikov wrote:
> Luiz Capitulino wrote:
> > I'm getting the following soft lockup:
> >
> > CPU: 6 PID: 2278 Comm: killall5 Tainted: GF3.11.0-rc7+ #1
> > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> > 0099
On Fri, 2013-10-25 at 10:36 +0900, Toshiyuki Okajima wrote:
> systemd|auditd
> ---+---
> ...|
> -> audit_receive |...
>
On Wed, 2013-06-19 at 16:49 -0400, Aristeu Rozanski wrote:
> On Wed, Jun 19, 2013 at 09:53:32AM +0800, Gao feng wrote:
> > This patchset is first part of namespace support for audit.
> > in this patchset, the mainly resources of audit system have
> > been isolated. the audit filter, rules haven't
On Sat, May 25, 2013 at 10:19 PM, Linus Torvalds
wrote:
> On Sat, May 25, 2013 at 10:04 PM, James Morris wrote:
>> On Sat, 25 May 2013, Linus Torvalds wrote:
>>
>>> But I haven't even looked at what non-selinux setups do to
>>> performance. Last time I tried Ubuntu (they still use apparmor,
selinux_inode_permission had some heavy lifting done to make it more
performance polite. But it still does largely the same thing as
inode_has_perm. So move that work into inode_has_perm and call
inode_has_perm from selinux_inode_permission.
Signed-off-by: Eric Paris
---
security/selinux
n calling inode_has_perm().
Signed-off-by: Eric Paris
---
include/linux/fs.h | 5 +++
security/selinux/hooks.c| 62 ++---
security/selinux/include/security.h | 1 +
security/selinux/ss/services.c | 5 +++
4 files changed, 69 in
On Mon, 2013-06-03 at 14:59 -0400, Eric Paris wrote:
> selinux_inode_permission had some heavy lifting done to make it more
> performance polite. But it still does largely the same thing as
> inode_has_perm. So move that work into inode_has_perm and call
> inode_h
On Tue, 2013-06-04 at 06:31 +0900, Linus Torvalds wrote:
>
>
> On Mon, 3 Jun 2013, Eric Paris wrote:
> >
> > #ifdef CONFIG_SECURITY
> > + seqcount_t i_security_seqcount;
> > + u32 i_last_task_sid;
> > +
On Tue, 2014-01-14 at 10:33 -0800, Joe Perches wrote:
> The equivalent uapi struct uses __u32 so make the kernel
> uses u32 too.
>
> This can prevent some oddities where the limit is
> logged/emitted as a negative value.
>
> Convert kstrtol to kstrtouint to disallow negative values.
> diff
val (2):
audit: efficiency fix 1: only wake up if queue shorter than backlog limit
audit: efficiency fix 2: request exclusive wait since all need same
resource
Eric Paris (8):
audit: convert all sessionid declaration to unsigned int
audit: wait_for_auditd rework for rea
On Tue, 2013-12-17 at 11:10 +0800, Gao feng wrote:
> print the error message and then return -ENOMEM.
>
> Signed-off-by: Gao feng
Haha. If it's NULL return. No no, if it's REALLY null audit_panic().
Acked-by: Eric Paris
> ---
> kernel/audit.c | 9 -
> 1 file cha
doesn't return -ECONNREFUSED.
>
> And the socket of userspace process can be released anytime,
> so the audit_sock may point to invalid socket.
>
> this patch sets the audit_sock to the kernel side audit
> netlink socket.
>
> Signed-off-by: Gao feng
Acked-by: Eric Pari
at 11:11 -0800, Andy Lutomirski wrote:
> This toggles TIF_SYSCALL_AUDIT as needed when rules change instead of
> leaving it set whenever rules might be set in the future. This reduces
> syscall latency from >60ns to closer to 40ns on my laptop.
>
> Cc: Oleg Nesterov
> Cc: St
Acked-by: Eric Paris
On Tue, Feb 4, 2014 at 4:38 AM, Will Deacon wrote:
> On Tue, Feb 04, 2014 at 02:15:32AM +, Colin Cross wrote:
>> Binaries compiled for arm may run on arm64 if CONFIG_COMPAT is
>> selected. Set LSM_MMAP_MIN_ADDR to 32768 if ARM64 && COMPAT to
>
On Mon, 2014-02-03 at 11:11 -0800, Andy Lutomirski wrote:
> +void audit_inc_n_rules()
> +{
> + struct task_struct *p, *g;
> + unsigned long flags;
> +
> + read_lock_irqsave(_lock, flags);
> + if (audit_n_rules++ == 0) {
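Review bot: `void audit_inc_n_rules()` on the first line of this hunk leaves the parameter list unprototyped; it should be `void audit_inc_n_rules(void)`, which is also what checkpatch asks for. Separately, `if (audit_n_rules++ == 0)` executes under `read_lock_irqsave`, and a read lock does not serialize two callers against each other, so the counter needs some other serialization (the mutex that already guards rule changes, or one lock taken by every writer) that the quoted lines do not show.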
I know it's right, but it's too clever for me :) If we do
On Wed, 2014-01-15 at 12:17 -0800, David Miller wrote:
> From: Jan Kaluza
> Date: Mon, 13 Jan 2014 09:01:46 +0100
>
> > Changes introduced in this patchset can also increase performance
> > of such server-like processes, because current way of opening and
> > parsing /proc/$PID/* files is much
On Thu, 2013-12-19 at 11:59 +0800, Gao feng wrote:
> On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
> > Convert audit from only listening in init_net to use
> > register_pernet_subsys()
> > to dynamically manage the netlink socket list.
> >
> > Signed-off-by: Richard Guy Briggs
> > ---
>
>
On Fri, 2013-12-20 at 10:46 +0800, Gao feng wrote:
> On 12/20/2013 02:40 AM, Eric Paris wrote:
> > On Thu, 2013-12-19 at 11:59 +0800, Gao feng wrote:
> >> On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
> >> we have to store audit_sock
> >>
On Tue, 2013-12-10 at 10:51 -0600, Serge Hallyn wrote:
> Quoting Gao feng (gaof...@cn.fujitsu.com):
> > On 12/10/2013 02:26 AM, Serge Hallyn wrote:
> > > Quoting Gao feng (gaof...@cn.fujitsu.com):
> > >> On 12/07/2013 06:12 AM, Serge E. Hallyn wrote:
> > >>> Quoting Gao feng
On Tue, 2013-12-10 at 15:06 -0500, Josh Boyer wrote:
> We've had a report[1] in Fedora of sync(1) hanging after logging into
> GNOME and running the command in a terminal. I was able to recreate
> this on my local system and did a git bisect. The bisect blames:
>
> commit
I still believe (assuming Josh says it tests ok) that a revert is a
reasonable fix until next window. But I might know the actual problem:
Lets assume policy says:
fuse.gluster == use_xattr
Lets assume this function is called with
sb->s_type->name == fuse
sb->s_subtype == NULL
int
On Tue, 2013-12-10 at 15:25 -0500, Eric Paris wrote:
> I'll try to write a patch to fix that logic...
Anand,
How about something like (untested but it compiles):
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index ee470a0..2b437fc8 100644
--- a/security/seli
On Tue, 2013-12-10 at 13:58 -0800, Anand Avati wrote:
> On 12/10/13, 12:35 PM, Eric Paris wrote:
> > On Tue, 2013-12-10 at 15:25 -0500, Eric Paris wrote:
> >
> >> I'll try to write a patch to fix that logic...
> >
> > Anand,
> >
> > Ho
On Mon, 2014-06-09 at 16:36 -0700, Linus Torvalds wrote:
> On Mon, Jun 9, 2014 at 3:56 PM, Andy Lutomirski wrote:
> >
> > In this particular case, it's my patch, and I've never sent you a pull
> > request. I sort of assumed that secur...@kernel.org magically caused
> > acknowledged fixes to end
This 'bug' feels very theoretical to me. There were about 3 kernel
releases back when inotify was rewriten onto fsnotify where it was
intentionally reusing wd's. So instead of a MAX_INT wrap all you have
to do was a single create/destroy/create to get reuse. Almost every
utility survived...
On Wed, 2014-04-02 at 14:12 -0400, Mimi Zohar wrote:
> On Wed, 2014-04-02 at 14:00 -0400, Steve Grubb wrote:
> > Hello Mimi,
> >
> > On Wednesday, April 02, 2014 01:39:47 PM Mimi Zohar wrote:
> > > This change is already being upstreamed as commit 73a6b44 "Integrity:
> > > Pass commname via
On Fri, 2014-04-04 at 15:00 +0200, David Herrmann wrote:
> 1)
> IN_IGNORED is async and _immediate_ in case a file got deleted. So if
> you use watch-descriptors as keys for your objects, an _already_ used
> key might be returned by inotify_add_watch() if an IN_IGNORED is
> queued for the old
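Eric's message above and David's point 1 describe the same hazard from both sides: a watch descriptor number is free the moment the watch dies (here, when the file is deleted), but the IN_IGNORED that tells userspace so is delivered asynchronously, so a program that keys its objects by wd can be handed a number it still considers live. As an added example, not code from either participant, the C program below keeps such a table correct across that window: slots are retired only when IN_IGNORED is read, and add_watch() drains the queue if the kernel hands back a number that is still bound. The names (watch_table, drain_events, add_watch, demo_wd_reuse) are the example's own.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/inotify.h>

#define MAX_WATCHES 16

/* Objects keyed by watch descriptor. A slot is released only once the kernel's
 * IN_IGNORED for that wd has been read, never at unlink time: the number is
 * reusable the moment the watch dies, while the event saying so may still be
 * queued. */
struct watch_table {
    int wd[MAX_WATCHES];
    char name[MAX_WATCHES][32];
    int used;
};

static int table_find(const struct watch_table *t, int wd)
{
    for (int i = 0; i < t->used; i++)
        if (t->wd[i] == wd)
            return i;
    return -1;
}

/* Read all queued events (fd is non-blocking); every IN_IGNORED retires its
 * slot. Returns how many IN_IGNORED events were seen. */
static int drain_events(int fd, struct watch_table *t)
{
    char buf[4096] __attribute__((aligned(8)));
    int ignored = 0;
    ssize_t n;
    while ((n = read(fd, buf, sizeof buf)) > 0) {
        for (char *p = buf; p < buf + n; ) {
            struct inotify_event *ev = (struct inotify_event *)p;
            if (ev->mask & IN_IGNORED) {
                int i = table_find(t, ev->wd);
                if (i >= 0) {
                    t->used--;
                    t->wd[i] = t->wd[t->used];
                    memcpy(t->name[i], t->name[t->used], sizeof t->name[i]);
                }
                ignored++;
            }
            p += sizeof *ev + ev->len;
        }
    }
    return ignored;
}

/* Watch path under name. A returned wd that is still bound means the old
 * watch's IN_IGNORED is queued but unread: drain first, and refuse rather
 * than alias two objects if the stale binding is somehow still there. */
static int add_watch(int fd, struct watch_table *t, const char *path, const char *name)
{
    int wd = inotify_add_watch(fd, path, IN_ATTRIB | IN_DELETE_SELF);
    if (wd < 0)
        return -1;
    if (table_find(t, wd) >= 0)
        drain_events(fd, t);
    if (table_find(t, wd) >= 0 || t->used == MAX_WATCHES)
        return -1;
    t->wd[t->used] = wd;
    snprintf(t->name[t->used], sizeof t->name[0], "%s", name);
    t->used++;
    return wd;
}

/* Watch file a, unlink it (the kernel queues IN_DELETE_SELF then IN_IGNORED
 * and frees the wd), watch file b, drain, clean up. Returns 0 on success. */
static int demo_wd_reuse(struct watch_table *t, int *wd_a, int *wd_b)
{
    char dir[] = "/tmp/wdreuse.XXXXXX", pa[64], pb[64];
    int fd;
    if (!mkdtemp(dir) || (fd = inotify_init1(IN_NONBLOCK | IN_CLOEXEC)) < 0)
        return -1;
    snprintf(pa, sizeof pa, "%s/a", dir);
    snprintf(pb, sizeof pb, "%s/b", dir);
    close(open(pa, O_CREAT | O_WRONLY, 0600));
    *wd_a = add_watch(fd, t, pa, "object-a");
    unlink(pa);             /* wd_a is free now but still bound in the table */
    close(open(pb, O_CREAT | O_WRONLY, 0600));
    *wd_b = add_watch(fd, t, pb, "object-b");
    drain_events(fd, t);    /* consumes a's IN_IGNORED if add_watch did not */
    close(fd);
    unlink(pb);
    rmdir(dir);
    return (*wd_a > 0 && *wd_b > 0) ? 0 : -1;
}

int main(void)
{
    struct watch_table t = { 0 };
    int a, b;
    if (demo_wd_reuse(&t, &a, &b) != 0)
        return 1;
    printf("wd %d retired, wd %d live, %d object(s) bound\n", a, b, t.used);
    return 0;
}
```

On kernels that hand out wd numbers cyclically a short run like this will not normally see the same number twice, and the bookkeeping does not depend on it; the invariant it maintains is that no wd is ever bound to two objects at once, whichever order the kernel's events arrive in.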
I don't know tilegx, but I have replaced 223b24d807610 with
4b58841149dcaa5. I believe adding AUDIT_ARCH_COMPAT_GENERIC was
akashi-san's fix for this problem on mips. Is this a better fix?
Thanks
-Eric
On Thu, 2014-03-20 at 11:31 -0400, Chris Metcalf wrote:
> For architectures that use the
On Tue, 2014-03-25 at 21:36 +0100, Andre Tomt wrote:
> *testing hat on*
>
> PAM within namespaces (say, LXC) does not work anymore with 3.14-rc8,
> making login, ssh etc fail in containers unless you boot with audit=0.
>
> This is due to a change in return value to user space; and is
>
> > I reworked the patch to be applicable again (the signature of fanotify_mark
> > has changed since Tvrtko's work).
> >
> > Signed-off-by: Heinrich Schuchardt
> The patch looks good to me. You can add:
> Reviewed-by: Jan Kara
Reported-by: Adam Richter
Signed-off-by: Eric Paris
---
kernel/audit.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 3392d3e..95a20f3 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -608,9 +608,19 @@ static int
On Tue, 2014-04-22 at 16:22 +1000, Stephen Rothwell wrote:
> Hi Eric,
>
> After merging the audit tree, today's linux-next build (sparc defconfig)
> failed like this:
>
> In file included from include/linux/audit.h:29:0,
> from mm/mmap.c:33:
> arch/sparc/include/asm/syscall.h:
NAK
On Wed, 2014-05-28 at 18:44 -0700, Andy Lutomirski wrote:
> Here are some issues with the code:
> - It thinks that syscalls have four arguments.
Not true at all. It records the registers that would hold the first 4
entries on syscall entry, for use later if needed, as getting those
later
On Wed, 2014-05-28 at 18:44 -0700, Andy Lutomirski wrote:
> Fixes an easy DoS and possible information disclosure.
>
> This does nothing about the broken state of x32 auditing.
>
> Cc: sta...@vger.kernel.org
> Signed-off-by: Andy Lutomirski
> ---
> kernel/auditsc.c | 27
On Wed, 2014-05-28 at 19:27 -0700, Andy Lutomirski wrote:
> On Wed, May 28, 2014 at 7:23 PM, Eric Paris wrote:
> > On Wed, 2014-05-28 at 18:44 -0700, Andy Lutomirski wrote:
> >> Fixes an easy DoS and possible information disclosure.
> >>
> >> This does n
On Wed, 2014-05-28 at 19:40 -0700, Andy Lutomirski wrote:
> On Wed, May 28, 2014 at 7:09 PM, Eric Paris wrote:
> > NAK
> >
> > On Wed, 2014-05-28 at 18:44 -0700, Andy Lutomirski wrote:
> >> Here are some issues with the code:
> >> - It thinks that syscall
stop selecting it.
Signed-off-by: Eric Paris
Cc: Andy Lutomirski
---
arch/x86/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 56f47ca..e11c4da 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -125,7 +125,7 @@ config X86
...@vger.kernel.org
Signed-off-by: Andy Lutomirski
Signed-off-by: Eric Paris
---
kernel/auditsc.c | 27 ++-
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 254ce20..842f58a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
On Fri, 2014-07-11 at 12:11 -0400, Paul Moore wrote:
> On Thursday, July 10, 2014 09:06:02 PM H. Peter Anvin wrote:
> > Incidentally: do seccomp users know that on an x86-64 system you can
> > receive system calls from any of the x86 architectures, regardless of
> > how the program is invoked?
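hpa's point above is the standard seccomp pitfall: on an x86-64 kernel a task can enter through the 64-bit ABI, the i386 ABI (int 0x80) or the x32 ABI, and the syscall numbers differ between them, so a filter that looks only at nr is matching against the wrong table for two of the three. As an added example, not code from the kernel or from anyone in this thread, the C program below builds the usual prologue that checks seccomp_data.arch first and, on x86-64, also rejects the x32 bit in nr; it includes a small evaluator for the four cBPF instruction forms it uses so the policy can be checked in a test without installing it. NATIVE_ARCH, run_filter and install_arch_filter are this example's own names; the AUDIT_ARCH_* constants and the struct layouts come from the uapi headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* AUDIT_ARCH_* value of the ABI this binary is built for (example's own name). */
#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#ifndef __X32_SYSCALL_BIT
#define __X32_SYSCALL_BIT 0x40000000
#endif
#elif defined(__i386__)
#define NATIVE_ARCH AUDIT_ARCH_I386
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#elif defined(__arm__)
#define NATIVE_ARCH AUDIT_ARCH_ARM
#else
#error "add the AUDIT_ARCH_* constant for this target"
#endif

/* Prologue: reject anything that did not enter through the expected ABI
 * before looking at the number. On x86-64 an x32 entry reports
 * AUDIT_ARCH_X86_64 but sets __X32_SYSCALL_BIT in nr, so that is checked too.
 * Everything else is allowed so the program keeps running; a real filter
 * continues with its allow list instead of the final RET ALLOW. */
static const struct sock_filter arch_filter[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
#if defined(__x86_64__)
    BPF_JUMP(BPF_JMP | BPF_JSET | BPF_K, __X32_SYSCALL_BIT, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
#endif
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
#define ARCH_FILTER_LEN (sizeof arch_filter / sizeof arch_filter[0])

/* Evaluate the filter on a synthetic seccomp_data the way the kernel would,
 * for the four instruction forms used above. Returns the SECCOMP_RET_*
 * action, or UINT32_MAX if the program runs off the end. */
static uint32_t run_filter(uint32_t arch, int nr)
{
    struct seccomp_data d = { .nr = nr, .arch = arch };
    uint32_t acc = 0;
    size_t pc = 0;

    while (pc < ARCH_FILTER_LEN) {
        const struct sock_filter *in = &arch_filter[pc++];
        switch (in->code) {
        case BPF_LD | BPF_W | BPF_ABS:          /* acc = 32-bit word at k */
            memcpy(&acc, (const char *)&d + in->k, sizeof acc);
            break;
        case BPF_JMP | BPF_JEQ | BPF_K:         /* jt/jf are relative to pc */
            pc += (acc == in->k) ? in->jt : in->jf;
            break;
        case BPF_JMP | BPF_JSET | BPF_K:
            pc += (acc & in->k) ? in->jt : in->jf;
            break;
        case BPF_RET | BPF_K:
            return in->k;
        default:
            return UINT32_MAX;
        }
    }
    return UINT32_MAX;
}

/* Install the filter for the calling thread: 0 on success, -1 on error. */
static int install_arch_filter(void)
{
    struct sock_fprog prog = {
        .len = (unsigned short)ARCH_FILTER_LEN,
        .filter = (struct sock_filter *)arch_filter,
    };

    /* Unprivileged tasks must set no_new_privs before installing a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == 0 ? 0 : -1;
}

int main(void)
{
    if (install_arch_filter() != 0) {
        perror("seccomp");
        return 1;
    }
    /* Native syscalls still work; an int 0x80 or x32 entry is now killed. */
    printf("filter installed in pid %ld\n", (long)getpid());
    return 0;
}
```

Run it as an unprivileged user: after install_arch_filter() the native getpid() succeeds, while an int 0x80 issued from the same process would be killed. The evaluator only understands the instructions the prologue uses; for a full allow list it is simpler to test the installed filter in a child process than to extend it.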
On Fri, 2014-07-11 at 12:21 -0400, Paul Moore wrote:
> On Friday, July 11, 2014 12:16:47 PM Eric Paris wrote:
> > On Fri, 2014-07-11 at 12:11 -0400, Paul Moore wrote:
> > > On Thursday, July 10, 2014 09:06:02 PM H. Peter Anvin wrote:
> > > > Incidentally: do seccom
On Fri, 2014-07-11 at 12:32 -0400, Paul Moore wrote:
> On Friday, July 11, 2014 12:23:33 PM Eric Paris wrote:
> > On Fri, 2014-07-11 at 12:21 -0400, Paul Moore wrote:
> > > On Friday, July 11, 2014 12:16:47 PM Eric Paris wrote:
> > > > On Fri, 2014-07-11 at
On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
> Generate and assign a serial number per namespace instance since boot.
>
> Use a serial number per namespace (unique across one boot of one kernel)
> instead of the inode number (which is claimed to have had the right to change
>
On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
> Log the namespace serial numbers of a task in audit_log_task_info() which
> is used by syscall audits, among others..
>
> Idea first presented:
> https://www.redhat.com/archives/linux-audit/2013-March/msg00020.html
>
> Typical
On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
Not so relevant because you delete all of this code later... But
still...
> +#ifdef CONFIG_NAMESPACES
> +void audit_log_namespace_info(struct audit_buffer *ab, struct task_struct
> *tsk)
> +{
> + struct nsproxy *nsproxy;
> +
> +
by seccomp to explicitly set syscall filters for this ABI.
> >
> > Link: http://sourceforge.net/p/libseccomp/mailman/message/32239040/
> > Cc: Andy Lutomirski
> > Cc: Eric Paris
> > Cc: Paul Moore
> > Cc: Ralf Baechle
> > Signed-off-by: Markos Chandras
> >
On Tue, 2014-05-13 at 11:13 -0400, Richard Guy Briggs wrote:
> On 14/05/13, Richard Guy Briggs wrote:
> > On 14/05/10, Eric Paris wrote:
> > > On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
> > > > Generate and assign a serial number per
On Tue, 2014-05-13 at 11:30 -0400, Eric Paris wrote:
> On Tue, 2014-05-13 at 11:13 -0400, Richard Guy Briggs wrote:
> > On 14/05/13, Richard Guy Briggs wrote:
> > > On 14/05/10, Eric Paris wrote:
> > > > On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
On Tue, 2014-05-20 at 09:12 -0400, Richard Guy Briggs wrote:
> The purpose is to track namespaces in use by logged processes from the
> perspective of init_*_ns.
>
> 1/6 defines a function to generate them and assigns them.
>
> Use a serial number per namespace (unique across one boot of one
301 - 400 of 532 matches