Re: [PATCH -v2] Audit: push audit success and retcode into arch ptrace.h
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Eric Paris <eparis@xxxxxxxxxx>
- Subject: Re: [PATCH -v2] Audit: push audit success and retcode into arch ptrace.h
- From: Oleg Nesterov <oleg@xxxxxxxxxx>
- Date: Wed, 8 Jun 2011 21:19:10 +0200
- Cc: linux-kernel@xxxxxxxxxxxxxxx, tony.luck@xxxxxxxxx, fenghua.yu@xxxxxxxxx, monstr@xxxxxxxxx, ralf@xxxxxxxxxxxxxx, benh@xxxxxxxxxxxxxxxxxxx, paulus@xxxxxxxxx, schwidefsky@xxxxxxxxxx, heiko.carstens@xxxxxxxxxx, linux390@xxxxxxxxxx, lethal@xxxxxxxxxxxx, davem@xxxxxxxxxxxxx, jdike@xxxxxxxxxxx, richard@xxxxxx, tglx@xxxxxxxxxxxxx, mingo@xxxxxxxxxx, hpa@xxxxxxxxx, x86@xxxxxxxxxx, viro@xxxxxxxxxxxxxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, linux-ia64@xxxxxxxxxxxxxxx, microblaze-uclinux@xxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxx, linuxppc-dev@xxxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, linux-sh@xxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx, user-mode-linux-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <20110608183720.GA16883@xxxxxxxxxx>
- List-id: <linux-ia64.vger.kernel.org>
- References: <20110603220451.23134.47368.stgit@xxxxxxxxxxxxxxxxxxxx> <20110607171952.GA25729@xxxxxxxxxx> <1307472796.2052.12.camel@xxxxxxxxxxxxxxxxxxxxx> <20110608163653.GA9592@xxxxxxxxxx> <1307556823.2577.5.camel@xxxxxxxxxxxxxxxxxxxxx> <20110608183720.GA16883@xxxxxxxxxx>
- User-agent: Mutt/1.5.18 (2008-05-17)
On 06/08, Oleg Nesterov wrote:
>
> OK. Thanks a lot Eric for your explanations.
Yes. but may I ask another one?
Shouldn't copy_process()->audit_alloc(tsk) path do
clear_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT) if it doesn't
set tsk->audit_context?
I can be easily wrong, but afaics otherwise the child can run
with TIF_SYSCALL_AUDIT bit copied from parent's thread_info by
dup_task_struct()->setup_thread_stack() and without ->audit_context,
right? For what?
Any other reason why audit_syscall_entry() checks context != NULL?
IOW. Any reason the patch below is wrong?
I am just curious, thanks.
Oleg.
--- x/kernel/auditsc.c
+++ x/kernel/auditsc.c
@@ -885,6 +885,8 @@ int audit_alloc(struct task_struct *tsk)
if (likely(!audit_ever_enabled))
return 0; /* Return if not auditing. */
+ clear_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT);
+
state = audit_filter_task(tsk, &key);
if (likely(state == AUDIT_DISABLED))
return 0;
@@ -1591,9 +1593,7 @@ void audit_syscall_entry(int arch, int m
struct audit_context *context = tsk->audit_context;
enum audit_state state;
- if (unlikely(!context))
- return;
-
+ BUG_ON(!context);
/*
* This happens only on certain architectures that make system
* calls in kernel_thread via the entry.S interface, instead of
--
To unsubscribe from this list: send the line "unsubscribe linux-ia64" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Index of Archives]
[Linux Kernel]
[Sparc Linux]
[DCCP]
[Linux ARM]
[Yosemite News]
[Linux SCSI]
[Linux x86_64]
[Linux for Ham Radio]