On Thu, Jun 13, 2019 at 2:43 PM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote: > > All instances of one field type should be encoded in the same way. > Since some invalid_context fields can contain untrusted strings, encode > all instances of this field the same way. > > Please see github issue > https://github.com/linux-audit/audit-kernel/issues/57 It would be good to see a list of all the places we are using the "invalid_context" field and some discussion about if those labels are really "trusted" or "untrusted". In both the compute_sid_handle_invalid_context() and security_sid_mls_copy() cases below it would appear that the labels can be considered "trusted", even if they are invalid. I understand your concern about logging consistency with the "invalid_context" field, but without some further discussion it is hard to accept this patch as-is. -- paul moore www.paul-moore.com
