Re: [PATCH ghak59 V3 0/4] audit: config_change normalizations and event record gathering

From: Paul Moore
Date: Wed Dec 12 2018 - 07:57:57 EST

Next message: Yong Wu: "[PATCH] iommu/io-pgtable-arm-v7s: Don't check PHYS_OFFSET if RAMDOMIZE_BASE is enabled"
Previous message: Geert Uytterhoeven: "Re: [PATCH v5 13/25] m68k: add asm/syscall.h"
In reply to: Richard Guy Briggs: "Re: [PATCH ghak59 V3 0/4] audit: config_change normalizations and event record gathering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 11, 2018 at 9:45 PM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote:
> On 2018-12-11 18:26, Paul Moore wrote:
> > On Tue, Dec 11, 2018 at 5:41 PM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote:
> > > On 2018-12-11 17:31, Paul Moore wrote:
> > > > On Mon, Dec 10, 2018 at 5:18 PM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote:
> >
> > ...
> >
> > > > > Richard Guy Briggs (4):
> > > > > audit: give a clue what CONFIG_CHANGE op was involved
> > > > > audit: add syscall information to CONFIG_CHANGE records
> > > > > audit: hand taken context to audit_kill_trees for syscall logging
> > > > > audit: extend config_change mark/watch/tree rule changes
> > > > >
> > > > > kernel/audit.c | 33 +++++++++++++++++++++++----------
> > > > > kernel/audit.h | 4 ++--
> > > > > kernel/audit_fsnotify.c | 4 ++--
> > > > > kernel/audit_tree.c | 28 +++++++++++++++-------------
> > > > > kernel/audit_watch.c | 8 +++++---
> > > > > kernel/auditfilter.c | 2 +-
> > > > > kernel/auditsc.c | 12 ++++++------
> > > > > 7 files changed, 54 insertions(+), 37 deletions(-)
> > > >
> > > > In order to make sure expectations are set appropriately, as we are at
> > > > -rc6 right now this is not something that would go into audit/next now
> > > > (assuming everything looks okay on review), it would go into
> > > > audit/next *after* the upcoming merge window.
> > >
> > > I agree it is a bit late for this. I wasn't expecting it to go in this
> > > one. I'm filling the queue since I'm blocked on other review for
> > > ghak81(5.5wks), ghak90(5.5wks), ghak100(3.5wks). ghak90 missed another
> > > merge window.
> >
> > As discussed previously, GHAK81
> > (https://github.com/linux-audit/audit-kernel/issues/81) is something
> > that I consider part of the audit container ID work (GHAK90). I
> > believe it's time to stop treating it as a separate issue.
>
> Fine by me. It was included in the ghak90 patchset this time and still
> is in v5, waiting to get the questions replied to that arose out of the
> review of v4 around Hallowe'en.

If you knew ([1]) I didn't want GHAK81 treated as a separate issue,
but instead included as part of GHAK90, why did you bother separating
it out in your latest nag emails?

[1]I didn't feel like digging through my sent mail to find out when we
discussed this last so I could include a passive aggressive date, that
exercise is left to the reader. I'm sure you'll understand.

--
paul moore
www.paul-moore.com

Next message: Yong Wu: "[PATCH] iommu/io-pgtable-arm-v7s: Don't check PHYS_OFFSET if RAMDOMIZE_BASE is enabled"
Previous message: Geert Uytterhoeven: "Re: [PATCH v5 13/25] m68k: add asm/syscall.h"
In reply to: Richard Guy Briggs: "Re: [PATCH ghak59 V3 0/4] audit: config_change normalizations and event record gathering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]