Re: [RFC PATCH 0/5] Overhaul the audit filename handling

From: Paul Moore
Date: Mon Jan 12 2015 - 16:03:25 EST

Next message: Borislav Petkov: "Re: [PATCH] x86: introduce push/pop macros which generate CFI_REL_OFFSET and CFI_RESTORE"
Previous message: Andrew Morton: "Re: [PATCHv2 0/2] mm: infrastructure for correctly handling foreign pages on Xen"
In reply to: Paul Moore: "Re: [RFC PATCH 5/5] audit: replace getname()/putname() hacks with reference counters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday, January 08, 2015 11:50:23 AM Paul Moore wrote:
> There have been some patches added to v3.19-rcX to fix various
> problems in the way audit handles filenames but they have been hacks
> on top of hacks, not really something we want long term. This
> patchset reworks the way audit handles filenames, removing a lot of
> nasty hacks added recently, and fixing a few bugs that still remain.
>
> Most significant to folks outside of audit, patch 5/5 does away with
> the nasty getname()/putname() kludge in favor of a less ugly reference
> count approach.
>
> Comments and feedback are welcome. If nothing ugly pops up on review
> I'll see if Linus is interested in taking this for the next v3.19-rcX
> release, otherwise I'll toss it into linux-next for v3.20.
>
> -Paul
>
> ---
>
> Paul Moore (5):
> fs: rework getname_kernel to handle up to PATH_MAX sized filenames
> fs: create proper filename objects using getname_kernel()
> audit: enable filename recording via getname_kernel()
> audit: fix filename matching in __audit_inode() and
> __audit_inode_child()
> audit: replace getname()/putname() hacks with reference counters
>
>
> fs/exec.c | 11 +++
> fs/namei.c | 98 ++++++++++++++++++-----------
> fs/open.c | 11 +++
> include/linux/audit.h | 3 -
> include/linux/fs.h | 9 +--
> kernel/audit.h | 17 +----
> kernel/auditsc.c | 167 ++++++++-------------------------------------
> 7 files changed, 115 insertions(+), 201 deletions(-)

Al/fs dev: any chance you guys can take a quick look at the fs relevant
portions of this patchset and give it a ACK/NACK? I'll carry the patchset in
the audit tree, but I'd like to see a thumbs up from someone in fs land before
I merge these patches.

Thanks,
-Paul

--
paul moore
security @ redhat

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Borislav Petkov: "Re: [PATCH] x86: introduce push/pop macros which generate CFI_REL_OFFSET and CFI_RESTORE"
Previous message: Andrew Morton: "Re: [PATCHv2 0/2] mm: infrastructure for correctly handling foreign pages on Xen"
In reply to: Paul Moore: "Re: [RFC PATCH 5/5] audit: replace getname()/putname() hacks with reference counters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]