Re: [PATCH] eCryptfs: Avoid unnecessary disk read and data decryption during writing

-by: Yunchuan Wen wenyunch...@kylinos.com.cn Reviewed-by: Tyler Hicks tyhi...@canonical.com Thanks again, Li. I've pushed this to my next branch. I lost track of it last time. Sorry about that! Tyler --- fs/ecryptfs/mmap.c | 12 ++-- 1 files changed, 10 insertions(+), 2 deletions

Re: [PATCH 146/193] fs/ecryptfs: remove CONFIG_EXPERIMENTAL

On 2012-10-23 13:03:39, Kees Cook wrote: This config item has not carried much meaning for a while now and is almost always enabled by default. As agreed during the Linux kernel summit, remove it. CC: Tyler Hicks tyhi...@canonical.com Kees - Please push this through your tree. Thanks

Re: [PATCH 1/1] eCryptfs: check for eCryptfs cipher support at mount

Launchpad issue #338914, reported by Tyler Hicks in 03/2009. https://bugs.launchpad.net/ecryptfs/+bug/338914 Signed-off-by: Tim Sally tsa...@atomicpeace.com Looks good! I've pushed it to the eCryptfs -next branch and it will go in during the 3.6 merge window. I'm looking forward to more eCryptfs

Re: [PATCH v2] eCryptfs: allow userspace messaging to be disabled

node. Signed-off-by: Kees Cook keesc...@chromium.org Cc: Tyler Hicks tyhi...@canonical.com --- v2: - update version mask to reflect messaging feature presence. Thanks for v2. I've pushed it to my next branch. Tyler --- fs/ecryptfs/Kconfig |8 fs/ecryptfs

[GIT PULL] eCryptfs fixes for 3.9-rc2

): eCryptfs: decrypt_pki_encrypted_session_key(): remove kfree() redundant null check ecryptfs: ecryptfs_msg_ctx_alloc_to_free(): remove kfree() redundant null check Tyler Hicks (3): eCryptfs: Fix -Wunused-but-set-variable warnings eCryptfs: Fix -Wmissing-prototypes warnings

Re: [PATCH linux-next] eCryptfs: decrypt_pki_encrypted_session_key(): remove kfree() redundant null check

On 2013-02-12 10:56:54, Tim Gardner wrote: smatch analysis: fs/ecryptfs/keystore.c:1206 decrypt_pki_encrypted_session_key() info: redundant null check on msg calling kfree() Cc: Tyler Hicks tyhi...@canonical.com Cc: Dustin Kirkland dustin.kirkl...@gazzang.com Cc: ecryp

Re: [PATCH linux-next] ecryptfs: ecryptfs_msg_ctx_alloc_to_free(): remove kfree() redundant null check

On 2013-02-12 11:03:49, Tim Gardner wrote: smatch analysis: fs/ecryptfs/messaging.c:101 ecryptfs_msg_ctx_alloc_to_free() info: redundant null check on msg_ctx-msg calling kfree() Cc: Tyler Hicks tyhi...@canonical.com Cc: Dustin Kirkland dustin.kirkl...@gazzang.com Cc: ecryp

Re: [PATCH] eCryptfs: allow userspace messaging to be disabled

node. Signed-off-by: Kees Cook keesc...@chromium.org Cc: Tyler Hicks tyhi...@canonical.com Thanks for the patch, Kees! I took a glance over the code and noticed that ECRYPTFS_VERSIONING_MASK needs some adjusting. Its value is what is used to populate the /sys/fs/ecryptfs/version mask

[GIT PULL] eCryptfs fixes for 3.6-rc6

a regression, introduced in 2.6.39, when a file is renamed on top of another file. The target file's inode was not being evicted and the space taken by the file was not reclaimed until eCryptfs was unmounted. Tyler Hicks (3

[GIT PULL] eCryptfs fixes for 3.6-rc1

support at mount Tyler Hicks (6): eCryptfs: Copy up POSIX ACL and read-only flags from lower mount eCryptfs: Remove unused messaging declarations and function eCryptfs: Make all miscdev functions use daemon ptr in file private_data eCryptfs: Unlink lower inode when

[GIT PULL] eCryptfs fixes for 3.5-rc6

that use the miscdev interface. I was able to keep the changes minimal and I have some cleaner, more complete changes queued up for the next merge window that will build on these patches. Tyler Hicks (3): eCryptfs: Properly check

Re: [PATCH 1/1] eCryptfs: check for eCryptfs cipher support at mount

Launchpad issue #338914, reported by Tyler Hicks in 03/2009. https://bugs.launchpad.net/ecryptfs/+bug/338914 Hey Tim - Thanks for digging this one out of the bug tracker. :) Signed-off-by: Tim Sally tsa...@atomicpeace.com --- fs/ecryptfs/main.c | 24 1 file changed, 24

[GIT PULL] eCryptfs fixes for 3.8-rc2

Hi Linus, The following changes since commit 0e4a43ed08e2f44aa7b96aa95d0a540d675483e1: Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-3.0-fixes (2012-11-07 13:38:56 +0100) are available in the git repository at:

Re: [ 026/180] eCryptfs: Improve statfs reporting

to stable@v.k.o. Thanks! Tyler -- From: Tyler Hicks tyhi...@canonical.com commit 4a26620df451ad46151ad21d711ed43e963c004e upstream. BugLink: http://bugs.launchpad.net/bugs/885744 statfs() calls on eCryptfs files returned the wrong filesystem type and, when using

[GIT PULL] eCryptfs updates for 3.11-rc1

cleanups Matthew Wilcox (1): Use ecryptfs_dentry_to_lower_path in a couple of places Thomas Meyer (1): eCryptfs: Cocci spatch memdup.spatch Tyler Hicks (10): eCryptfs: Use entire helper page during page crypto

[GIT PULL] eCryptfs fixes for 3.12-rc1

Hi Linus, The following changes since commit 4de9ad9bc08b4953fc03336ad38908496e2f8826: Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile (2013-09-06 11:14:33 -0700) are available in the git repository at:

Re: [PATCH] ecryptfs: Fix memory leakage in keystore.c

On 2013-10-11 16:49:16, Geyslan G. Bem wrote: In 'decrypt_pki_encrypted_session_key' function: Initializes 'payload' pointer and releases it on exit. Signed-off-by: Geyslan G. Bem geys...@gmail.com --- Thanks! This one was easy to verify by auditing the code, but I was also able to verify

[GIT PULL] Minor eCryptfs fix for 3.13-rc1

conditionals Tyler Hicks (1): eCryptfs: file-private_data is always valid fs/ecryptfs/file.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) signature.asc Description: Digital signature

Re: [PATCH] ecryptfs: Fix explicit null dereference

On 2013-11-14 15:42:14, Geyslan G. Bem wrote: If the condition 'ecryptfs_file_to_private(file)' takes false branch lower_file is dereferenced when NULL. Caught by Coverity: CIDs 1128834 and 1128833. Signed-off-by: Geyslan G. Bem geys...@gmail.com --- Hello - Smatch picked up on this

Re: [PATCH] ecryptfs: Fix explicit null dereference

On 2013-11-14 17:58:40, Geyslan Gregório Bem wrote: 2013/11/14 Tyler Hicks tyhi...@canonical.com: On 2013-11-14 15:42:14, Geyslan G. Bem wrote: If the condition 'ecryptfs_file_to_private(file)' takes false branch lower_file is dereferenced when NULL. Caught by Coverity: CIDs 1128834

Re: ecryptfs log spew from EINTR

On 2014-03-05 09:15:28, Dave Hansen wrote: I have a little program that uses mmap() to copy files. Essentially: addr1 = mmap(fd1); addr2 = mmap(fd2); memcpy(addr1, addr2, len); If these files are on ecryptfs and I interrupt the memcpy() with ^C, I consistently get this

[PATCH] eCryptfs: Check return of filemap_write_and_wait during fsync

Error out of ecryptfs_fsync() if filemap_write_and_wait() fails. Signed-off-by: Tyler Hicks tyhi...@canonical.com Cc: Paul Taysom tay...@chromium.org Cc: Olof Johansson ol...@chromium.org --- After giving Paul's patch one more look, I noticed that we were ignoring filemap_write_and_wait()'s

[GIT PULL] eCryptfs fixes for 3.10-rc5

* A couple of MAINTAINERS updates Dustin Kirkland (1): Update eCryptFS maintainers Paul Taysom (1): ecryptfs: fixed msync to flush data Tyler Hicks (1): eCryptfs: Check return of filemap_write_and_wait during fsync

Re: [PATCH] eCryptfs: Cocci spatch memdup.spatch

On 2013-06-01 11:39:36, Thomas Meyer wrote: Signed-off-by: Thomas Meyer tho...@m3y3r.de --- Thanks Thomas - I've pushed this to my next branch. Tyler diff -u -p a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c --- a/fs/ecryptfs/messaging.c +++ b/fs/ecryptfs/messaging.c @@ -247,14

Re: [PATCH] fs: ecryptfs: fixed msync to flush data

On 2013-05-23 14:31:43, Paul Taysom wrote: When msync is called on a memory mapped file, that data is not flushed to the disk. In Linux, msync calls fsync for the file. For ecryptfs, fsync just calls the lower level file system's fsync. Changed the ecryptfs fsync code to call

[GIT PULL] eCryptfs fixes for 3.12-rc7

Hi Linus, The following changes since commit d6099aeb4a9aad5e7ab1c72eb119ebd52dee0d52: Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-arm (2013-10-14 10:02:23 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs.git

[GIT PULL] eCryptfs update for 3.10-rc1

to the ablkcipher crypto API. The improvement is more apparent on faster storage devices. There's no noticeable change when hardware crypto is not available. Tyler Hicks (1): eCryptfs: Use the ablkcipher crypto API fs/ecryptfs/crypto.c

Re: [PATCH] ecryptfs: avoid ctx initialization race

On 2013-08-13 15:02:27, Kees Cook wrote: It might be possible for two callers to race the mutex lock after the NULL ctx check. Instead, move the lock above the check so there isn't the possibility of leaking a crypto ctx. Additionally, report the full algo name when failing. Signed-off-by:

Re: [PATCH v2] ecryptfs: Drop cast

On 2014-06-27 01:11:59, Himangi Saraogi wrote: This patch does away with cast on void * and the if as it is unnecessary. The following Coccinelle semantic patch was used for making the change: @r@ expression x; void* e; type T; identifier f; @@ ( *((T *)e) | ((T *)x)[...] |

Re: [PATCH 1/1] ecryptfs: remove unnecessary break after goto

On 2014-07-08 18:30:07, Fabian Frederick wrote: Cc: Tyler Hicks tyhi...@canonical.com Cc: ecryp...@vger.kernel.org Signed-off-by: Fabian Frederick f...@skynet.be --- Thanks. I'll get this pushed to the eCryptfs -next branch. Tyler fs/ecryptfs/keystore.c | 1 - 1 file changed, 1 deletion

Re: [PATCH 1/1] fs/ecryptfs/messaging.c: remove null test before kfree

On 2014-06-16 20:06:12, Fabian Frederick wrote: Fix checkpatch warning: WARNING: kfree(NULL) is safe this check is probably not required Cc: Tyler Hicks tyhi...@canonical.com Cc: ecryp...@vger.kernel.org Signed-off-by: Fabian Frederick f...@skynet.be --- Hi Fabian - Sorry for being slow

Re: [trace:ftrace/core 1/3] include/trace/syscall.h:39:6: error: 'TIF_SYSCALL_TRACEPOINT' undeclared

On 2014-06-18 21:15:59, Steven Rostedt wrote: On Thu, 19 Jun 2014 03:25:46 +0800 kbuild test robot fengguang...@intel.com wrote: tree: git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace.git ftrace/core head: 72fa1a896d8ef355e81270667803ceb16a3dd13f commit:

Re: [PATCH] ecryptfs: avoid to access NULL pointer when write metadata in xattr

Hello and thanks for the patch! On 2014-07-24 17:25:42, Chao Yu wrote: https://bugzilla.kernel.org/show_bug.cgi?id=41692 This actually isn't the bug that this patch fixes. It is a different bug (that I don't think exists anymore) and someone happened to test for the bug on a newer kernel and

Re: [PATCH] NULL pointer dereference in ecryptfs (ecryptfs_setxattr)

Hi Priya - Thanks for the report and patch. I have some inline comments. On 2014-09-24 06:58:01, Priya Bansal wrote: This patch fixes the issue which was found in ecryptfs_setxattr(). Previously, while trying to create a file when ecryptfs is mounted over ext4 filesystem with encrypted

[PATCH] eCryptfs: Force RO mount when encrypted view is enabled

that do not operate on a file descriptor. Signed-off-by: Tyler Hicks tyhi...@canonical.com Reported-by: Priya Bansal p.ban...@samsung.com --- fs/ecryptfs/file.c | 12 fs/ecryptfs/main.c | 16 +--- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/fs/ecryptfs

[GIT PULL] eCryptfs fixes for 3.19-rc1

instead of letting the VFS enforce it Michael Halcrow (1): eCryptfs: Remove buggy and unnecessary write in file name decode routine Tyler Hicks (2): eCryptfs: Force RO mount when encrypted view is enabled eCryptfs: Remove

[GIT PULL] eCryptfs fixes for 3.18

Hi Linus, The following changes since commit 319e2e3f63c348a9b66db4667efa73178e18b17d: Linux 3.13-rc4 (2013-12-15 12:31:33 -0800) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs.git tags/ecryptfs-3.18-fixes for you to fetch changes

Re: [PATCH] ecryptfs: remove unneeded buggy code in ecryptfs_do_create()

Hi Alexey - thanks for the patch. On 2014-09-23 00:39:31, Alexey Khoroshilov wrote: There is a bug in error handling of lock_parent() in ecryptfs_do_create(): lock_parent() acquries mutex even if dget_parent() fails, so mutex should be unlocked anyway. But dget_parent() does not fail, so

[GIT PULL] eCryptfs fixes for 4.0-rc3

. Colin Ian King (1): eCryptfs: ensure copy to crypt_stat-cipher does not overrun Tyler Hicks (1): eCryptfs: don't pass fs-specific ioctl commands through fs/ecryptfs/ecryptfs_kernel.h | 4 ++-- fs/ecryptfs/file.c| 34 ++ fs/ecryptfs

Re: [PATCH] eCryptfs: ensure copy to crypt_stat-cipher does not overrun

On 2015-02-23 11:34:10, Colin King wrote: From: Colin Ian King colin.k...@canonical.com The patch 237fead61998: [PATCH] ecryptfs: fs/Makefile and fs/Kconfig from Oct 4, 2006, leads to the following static checker warning: fs/ecryptfs/crypto.c:846 ecryptfs_new_file_context() error:

[PATCH] eCryptfs: don't pass fs-specific ioctl commands through

commands are mostly common across all filesystems but the whitelist may need to be further pruned in the future. https://bugzilla.kernel.org/show_bug.cgi?id=93691 https://launchpad.net/bugs/1305335 Signed-off-by: Tyler Hicks tyhi...@canonical.com Cc: Rocko rockoreq...@hotmail.com Cc: Colin Ian King

Re: [RFC][PATCH] ecryptfs: Allow only one instance per lower path

Thanks for the report and for the patch, Richard! On 2015-07-31 12:23:10, Richard Weinberger wrote: Mounting the same lower path multiple times should not result into multiple ecryptfs instances, otherwise ecryptfs gets confused. A command sequence of: An important detail that took me a

Re: [RFC][PATCH] ecryptfs: Allow only one instance per lower path

On 2015-08-03 20:31:57, Richard Weinberger wrote: Tyler, Am 03.08.2015 um 07:27 schrieb Tyler Hicks: So ecryptfs definitely supports mounting the same lower path multiple times? What is the benefit of that behavior? No, it doesn't support that in a way that provides consistency

Re: [RFC][PATCH] ecryptfs: Allow only one instance per lower path

On 2015-08-04 07:46:50, Richard Weinberger wrote: Tyler, Am 04.08.2015 um 01:07 schrieb Tyler Hicks: Okay, then I'd argument to give my patch a try although it is not the solution to the problem I've reported. :-) If you don't mind I'll resend with a proper changelog. That patch

[PATCH] eCryptfs: Invalidate dcache entries when lower i_nlink is zero

not being cleared. Signed-off-by: Tyler Hicks tyhi...@canonical.com Reported-by: Richard Weinberger rich...@nod.at --- fs/ecryptfs/dentry.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/fs/ecryptfs/dentry.c b/fs/ecryptfs/dentry.c index 8db0b46..63cd2c1 100644

Re: [RFC][PATCH] ecryptfs: Allow only one instance per lower path

On 2015-08-02 09:51:16, Richard Weinberger wrote: Am 02.08.2015 um 03:03 schrieb Tyler Hicks: Thanks for the report and for the patch, Richard! On 2015-07-31 12:23:10, Richard Weinberger wrote: Mounting the same lower path multiple times should not result into multiple ecryptfs

Re: [PATCH] eCryptfs: Delete a check before the function call key_put

On 2015-06-26 18:25:09, SF Markus Elfring wrote: From: Markus Elfring elfr...@users.sourceforge.net Date: Fri, 26 Jun 2015 18:18:54 +0200 The key_put() function tests whether its argument is NULL and then returns immediately. Thus the test around this call might not be needed. This issue

Re: [PATCH v1] eCryptfs: enhancing eCryptfs to be used with external crypto engine

On 2015-11-10 15:20:59, andr...@codeaurora.org wrote: > This is a hardware inline accelerator, meaning that it operates on much > lower layer, block layer and device driver layer. The HW encrypts plain > requests sent from block layer directly, thus doing it much more > efficiently rather than

Re: [PATCH v1] eCryptfs: enhancing eCryptfs to be used with external crypto engine

On 2015-11-09 20:56:02, andr...@codeaurora.org wrote: > Hello, Tyler > > I'll try to provide more detailed explanation, should it be satisfactory > enough I will update the patch description. > > The problem with current eCryptfs is that it has total control on how and > when the encryption is

Re: [PATCH v1] eCryptfs: enhancing eCryptfs to be used with external crypto engine

Hello Andrey! On 2015-11-08 10:10:00, Andrey Markovytch wrote: > From: Andrey Markovytch > > Currently eCryptfs is responsible for page encryption/decryption. > This approach will not work when there is HW inline encryption. > The proposed change allows external module

[GIT PULL] eCryptfs fixes for 4.3-rc1

tfs dcache entries caused by unlinked lower inodes Markus Elfring (1): eCryptfs: Delete a check before the function call "key_put" Tyler Hicks (1): eCryptfs: Invalidate dcache entries when lower i_nlink i

Re: [PATCH 28/39] ecryptfs: drop null test before destroy functions

roy\)(x); > // > > Signed-off-by: Julia Lawall <julia.law...@lip6.fr> Acked-by: Tyler Hicks <tyhi...@canonical.com> I assume that you'll be landing this patch set into Linus' tree all together. Let me know if that's incorrect and I should take this single patch into the eC

Re: [PATCH 28/39] ecryptfs: drop null test before destroy functions

On 2015-09-15 06:36:30, Julia Lawall wrote: > > > On Mon, 14 Sep 2015, Tyler Hicks wrote: > > > On 2015-09-13 14:15:21, Julia Lawall wrote: > > > Remove unneeded NULL test. > > > > > > The semantic patch that makes this change is

[PATCH RESEND 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

application authors because root-running Go applications always triggered the denial. To prevent this confusion, the capability check in net_ctl_permissions() is switched to the noaudit variant. BugLink: https://launchpad.net/bugs/1465724 Signed-off-by: Tyler Hicks <tyhi...@canonical.com>

[PATCH RESEND 0/2] Quiet noisy LSM denial when accessing net sysctl

I'm resending this patch set at the request of James Morris. This pair of patches does away with what I believe is a useless denial audit message when a privileged process initially accesses a net sysctl. The bug was first discovered when running Go applications under AppArmor confinement. It can

[PATCH RESEND 1/2] kernel: Add noaudit variant of ns_capable()

() is moved into a single, shared function to keep duplicated code to a minimum and ease maintainability. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com> --- include/linux/capability.h | 5 + kernel/capability.c

Re: [PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

On 05/17/2016 09:13 AM, Tyler Hicks wrote: > On 05/08/2016 10:56 PM, David Miller wrote: >> From: Tyler Hicks <tyhi...@canonical.com> >> Date: Fri, 6 May 2016 18:04:12 -0500 >> >>> This pair of patches does away with what I believe is a useless denial >>

Re: [PATCH] ecryptfs: fix spelling mistakes

On 06/09/2016 03:31 PM, Chris J Arges wrote: > Noticed some minor spelling errors when looking through the code. > > Signed-off-by: Chris J Arges Hey Chris - thanks for these fixups. The first two hunks (respresentation -> representation) were already fixed by an

Re: [v2 PATCH 9/26] eCryptfs: Use skcipher and shash

th skcipher, > and the long obsolete hash interface with shash. > > Signed-off-by: Herbert Xu <herb...@gondor.apana.org.au> Acked-by: Tyler Hicks <tyhi...@canonical.com> I have no problem with you taking this through the cryptodev tree. Thanks! Tyler > > diff --git

Re: [PATCH] eCryptfs: fix typos in comment

Thanks for the patch. It'll probably hang around in my tree until I have a more pressing fix to send up. Tyler On 2016-02-17 14:50:10, Wei Yuan wrote: > Signed-off-by: Weiyuan > --- > fs/ecryptfs/crypto.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >

Re: [PATCH v2] ecryptfs: open lower files using kernel creds

On 2016-04-12 03:15:44, Ricky Zhou wrote: > In LSMs such as SELinux, files can be associated with state from the > credentials of the task that opens it. Since ecryptfs shares a single > handle to lower files across tasks that access it, others tasks can > later be denied access to the lower file

Re: [PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

On 05/08/2016 10:56 PM, David Miller wrote: > From: Tyler Hicks <tyhi...@canonical.com> > Date: Fri, 6 May 2016 18:04:12 -0500 > >> This pair of patches does away with what I believe is a useless denial >> audit message when a privileged process initially accesses

[PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

This pair of patches does away with what I believe is a useless denial audit message when a privileged process initially accesses a net sysctl. The bug was first discovered when running Go applications under AppArmor confinement. It can be triggered like so: $ echo "profile test { file, }" |

[PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

application authors because root-running Go applications always triggered the denial. To prevent this confusion, the capability check in net_ctl_permissions() is switched to the noaudit variant. BugLink: https://launchpad.net/bugs/1465724 Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --

[PATCH 1/2] kernel: Add noaudit variant of ns_capable()

() is moved into a single, shared function to keep duplicated code to a minimum and ease maintainability. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- include/linux/capability.h | 5 + kernel/capability.c| 46 -- 2 files chang

[GIT PULL] eCryptfs fixes for 4.7-rc7

Hi Linus, The following changes since commit 33688abb2802ff3a230bd2441f765477b94cc89e: Linux 4.7-rc4 (2016-06-19 21:30:02 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs.git tags/ecryptfs-4.7-rc7-fixes for you to fetch changes

[PATCH v2 2/4] seccomp: Add sysctl to configure actions that should be logged

r of tasks with an allocated audit context. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- include/linux/audit.h | 6 +-- kernel/seccomp.c | 114 -- 2 files changed, 112 insertions(+), 8 deletions(-) diff --git a/include/linux/a

[PATCH v2 4/4] seccomp: Add tests for SECCOMP_RET_LOG

Extend the kernel selftests for seccomp to test the newly added SECCOMP_RET_LOG action. The added tests follow the example of existing tests. Unfortunately, the tests are not capable of inspecting the audit log to verify that the syscall was logged. Signed-off-by: Tyler Hicks <t

[PATCH v2 0/4] Improved seccomp logging

This patch set is the second revision of the following two previously submitted patch sets: http://lkml.kernel.org/r/1483375990-14948-1-git-send-email-tyhi...@canonical.com http://lkml.kernel.org/r/1483377999-15019-2-git-send-email-tyhi...@canonical.com The patch set aims to address some known

Re: [PATCH v2 1/4] seccomp: Add sysctl to display available actions

On 02/07/2017 06:03 PM, Kees Cook wrote: > On Thu, Feb 2, 2017 at 9:37 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch creates a read-only sysctl containing an ordered list of >> seccomp actions that the kernel supports. The ordering, from left to >> right,

[PATCH v2 3/4] seccomp: Create an action to log before allowing

be written to the max_action_to_log sysctl in order to get a list of logged actions without the, potentially larger, set of allowed actions. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 6 ++ include/uapi/linux/seccomp.h | 1 +

[PATCH v2 1/4] seccomp: Add sysctl to display available actions

re exactly what seccomp logs through the audit subsystem. Support for this level of logging configuration will come in a future patch. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- kernel/seccomp.c | 50 ++ 1 file changed, 50 insertion

Re: [PATCH v4 2/4] seccomp: Add sysctl to configure actions that should be logged

On 02/16/2017 12:40 PM, Tyler Hicks wrote: > On 02/15/2017 07:10 PM, Kees Cook wrote: >> On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >>> diff --git a/kernel/seccomp.c b/kernel/seccomp.c >>> index e36dfe9..270a227 100644 >>&g

[PATCH v4 4/4] seccomp: Add tests for SECCOMP_RET_LOG

Extend the kernel selftests for seccomp to test the newly added SECCOMP_RET_LOG action. The added tests follow the example of existing tests. Unfortunately, the tests are not capable of inspecting the audit log to verify that the syscall was logged. Signed-off-by: Tyler Hicks <t

[PATCH v4 2/4] seccomp: Add sysctl to configure actions that should be logged

r of tasks with an allocated audit context. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 21 ++ include/linux/audit.h | 6 +- kernel/seccomp.c | 123 - 3 files changed

[PATCH v4 1/4] seccomp: Add sysctl to display available actions

re exactly what seccomp logs through the audit subsystem. Support for this level of logging configuration will come in a future patch. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 16 ++ Documentation/sysctl/kernel.txt| 1 +

[PATCH v4 3/4] seccomp: Create an action to log before allowing

be written to the max_action_to_log sysctl in order to get a list of logged actions without the, potentially larger, set of allowed actions. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 6 ++ include/uapi/linux/seccomp.h | 1 +

[PATCH v3 0/4] Improved seccomp logging

max_action + Document the log_max_action sysctl - Patch 3 + Put some space between RET_LOG and RET_ALLOW for future actions + Separate the RET_ALLOW and RET_LOG cases in __seccomp_filter() - Patch 4 + Adjust the selftests for the updated RET_LOG value Tyler Tyler Hicks (4): seccomp:

[PATCH v3 1/4] seccomp: Add sysctl to display available actions

re exactly what seccomp logs through the audit subsystem. Support for this level of logging configuration will come in a future patch. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 16 ++ Documentation/sysctl/kernel.txt| 1 +

[PATCH v3 3/4] seccomp: Create an action to log before allowing

be written to the max_action_to_log sysctl in order to get a list of logged actions without the, potentially larger, set of allowed actions. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 6 ++ include/uapi/linux/seccomp.h | 1 +

[PATCH v4 0/4] Improved seccomp logging

tl - Patch 3 + Put some space between RET_LOG and RET_ALLOW for future actions + Separate the RET_ALLOW and RET_LOG cases in __seccomp_filter() - Patch 4 + Adjust the selftests for the updated RET_LOG value Tyler Tyler Hicks (4): seccomp: Add sysctl to display available actions se

Re: [PATCH v2 1/4] seccomp: Add sysctl to display available actions

On 02/07/2017 06:43 PM, Kees Cook wrote: > On Tue, Feb 7, 2017 at 4:25 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> On 02/07/2017 06:03 PM, Kees Cook wrote: >>> On Thu, Feb 2, 2017 at 9:37 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >>>> This p

[PATCH v3 2/4] seccomp: Add sysctl to configure actions that should be logged

r of tasks with an allocated audit context. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- Documentation/prctl/seccomp_filter.txt | 21 ++ include/linux/audit.h | 6 +- kernel/seccomp.c | 123 - 3 files changed

[PATCH v3 4/4] seccomp: Add tests for SECCOMP_RET_LOG

Extend the kernel selftests for seccomp to test the newly added SECCOMP_RET_LOG action. The added tests follow the example of existing tests. Unfortunately, the tests are not capable of inspecting the audit log to verify that the syscall was logged. Signed-off-by: Tyler Hicks <t

[PATCH] Documentation: Fix linux-api list typo

A Japanese translation file contained the incorrect email address for the linux-api list. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- I was unlucky enough to copy and paste this invalid address from `git grep linux-api Documentation` output, resulting in a patch set that b

Re: [PATCH v2 2/4] seccomp: Add sysctl to configure actions that should be logged

On 02/07/2017 06:24 PM, Kees Cook wrote: > On Thu, Feb 2, 2017 at 9:37 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> Administrators can write to this sysctl to set the maximum seccomp >> action that should be logged. Any actions with values greater than >> w

Re: [PATCH v2 3/4] seccomp: Create an action to log before allowing

On 02/07/2017 06:33 PM, Kees Cook wrote: > On Thu, Feb 2, 2017 at 9:37 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> Add a new action, SECCOMP_RET_LOG, that logs a syscall before allowing >> the syscall. At the implementation level, this action is identical to >> the

Re: [PATCH v2 3/4] seccomp: Create an action to log before allowing

On 02/10/2017 06:08 PM, Kees Cook wrote: > On Fri, Feb 10, 2017 at 4:01 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> On 02/07/2017 06:33 PM, Kees Cook wrote: >>> This adds to UAPI, so it'd be good to think for a moment about how >>> this would work on old

Re: [PATCH v4 2/4] seccomp: Add sysctl to configure actions that should be logged

On 02/15/2017 07:10 PM, Kees Cook wrote: > On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> diff --git a/kernel/seccomp.c b/kernel/seccomp.c >> index e36dfe9..270a227 100644 >> --- a/kernel/seccomp.c >> +++ b/kernel/seccomp.c &g

Re: [PATCH v3 1/4] seccomp: Add sysctl to display available actions

On 02/15/2017 07:00 PM, Kees Cook wrote: > On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch creates a read-only sysctl containing an ordered list of >> seccomp actions that the kernel supports. The ordering, from left to >> right,

Re: [PATCH v4 4/4] seccomp: Add tests for SECCOMP_RET_LOG

On 02/15/2017 07:13 PM, Kees Cook wrote: > On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> Extend the kernel selftests for seccomp to test the newly added >> SECCOMP_RET_LOG action. The added tests follow the example of existing >>

Re: [PATCH v3 1/4] seccomp: Add sysctl to display available actions

On 02/15/2017 09:14 PM, Andy Lutomirski wrote: > On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch creates a read-only sysctl containing an ordered list of >> seccomp actions that the kernel supports. The ordering, from left to >>

Re: [PATCH v3 1/4] seccomp: Add sysctl to display available actions

On 02/16/2017 01:01 PM, Andy Lutomirski wrote: > On Thu, Feb 16, 2017 at 10:47 AM, Tyler Hicks <tyhi...@canonical.com> wrote: >> On 02/15/2017 09:14 PM, Andy Lutomirski wrote: >>> On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >>>

Re: [PATCH v3 0/4] Improved seccomp logging

On 02/15/2017 09:24 PM, Andy Lutomirski wrote: > On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch set is the third revision of the following two previously >> submitted patch sets: >> >> v1: >> http://lkml.kernel.

Re: [PATCH] ecryptfs: remove private bin2hex implementation

On 09/20/2016 06:17 PM, Rasmus Villemoes wrote: > Calling sprintf in a loop is not very efficient, and in any case, we > already have an implementation of bin-to-hex conversion in lib/ which > we might as well use. > > Note that ecryptfs_to_hex used to nul-terminate the destination (and > the

Re: Observed a ecryptFS crash

On 09/29/2016 07:29 AM, liushuoran wrote: > Hi Tyhicks, > > We observed a ecryptFS crash occasionally in Linux kernel 4.1.18. The call > trace is attached below. Is it a known issue？ Look forward to hearing from > you. Thanks in advance! It isn't known to me but I'm rarely testing eCryptfs

Re: [PATCH 0/2] Begin auditing SECCOMP_RET_ERRNO return actions

On 01/04/2017 02:42 AM, Paul Moore wrote: > On Tue, Jan 3, 2017 at 8:31 AM, Tyler Hicks <tyhi...@canonical.com> wrote: >> On 01/02/2017 04:47 PM, Paul Moore wrote: >>> On Mon, Jan 2, 2017 at 11:53 AM, Tyler Hicks <tyhi...@canonical.com> wrote: >>>> Thi

Re: [PATCH 0/2] Begin auditing SECCOMP_RET_ERRNO return actions

On 01/02/2017 04:47 PM, Paul Moore wrote: > On Mon, Jan 2, 2017 at 11:53 AM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch set creates the basis for auditing information specific to a given >> seccomp return action and then starts auditing SECCOMP_RET_ERRNO return

Re: [PATCH 0/2] Begin auditing SECCOMP_RET_ERRNO return actions

On 01/02/2017 11:57 PM, Andy Lutomirski wrote: > On Mon, Jan 2, 2017 at 8:53 AM, Tyler Hicks <tyhi...@canonical.com> wrote: >> This patch set creates the basis for auditing information specific to a given >> seccomp return action and then starts auditing SECCOMP_RET_ER

Re: [PATCH 0/2] Begin auditing SECCOMP_RET_ERRNO return actions

On 01/04/2017 04:44 AM, Kees Cook wrote: > On Tue, Jan 3, 2017 at 1:31 PM, Paul Moore wrote: >> On Tue, Jan 3, 2017 at 4:21 PM, Kees Cook wrote: >>> On Tue, Jan 3, 2017 at 1:13 PM, Paul Moore wrote: On Tue, Jan 3, 2017 at

  1   2   3   4   5   6   >