From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 929D5C43381 for ; Mon, 18 Mar 2019 11:10:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 689C42084F for ; Mon, 18 Mar 2019 11:10:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727113AbfCRLKw (ORCPT ); Mon, 18 Mar 2019 07:10:52 -0400 Received: from charlotte.tuxdriver.com ([70.61.120.58]:52658 "EHLO smtp.tuxdriver.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725973AbfCRLKv (ORCPT ); Mon, 18 Mar 2019 07:10:51 -0400 Received: from cpe-2606-a000-111b-405a-9816-2c85-c514-8f7a.dyn6.twc.com ([2606:a000:111b:405a:9816:2c85:c514:8f7a] helo=localhost) by smtp.tuxdriver.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1h5qA9-0004ZV-St; Mon, 18 Mar 2019 07:10:44 -0400 Date: Mon, 18 Mar 2019 07:10:03 -0400 From: Neil Horman To: Richard Guy Briggs Cc: containers@lists.linux-foundation.org, linux-api@vger.kernel.org, Linux-Audit Mailing List , linux-fsdevel@vger.kernel.org, LKML , netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Paul Moore , sgrubb@redhat.com, omosnace@redhat.com, dhowells@redhat.com, simo@redhat.com, eparis@parisplace.org, serge@hallyn.com, ebiederm@xmission.com Subject: Re: [PATCH ghak90 V5 03/10] audit: read container ID of a process Message-ID: <20190318111003.GA7364@hmswarspite.think-freely.org> References: <25543e3db4d8f3853119f92c09a60664555249a2.1552665316.git.rgb@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <25543e3db4d8f3853119f92c09a60664555249a2.1552665316.git.rgb@redhat.com> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 15, 2019 at 02:29:51PM -0400, Richard Guy Briggs wrote: > Add support for reading the audit container identifier from the proc > filesystem. > > This is a read from the proc entry of the form > /proc/PID/audit_containerid where PID is the process ID of the task > whose audit container identifier is sought. > > The read expects up to a u64 value (unset: 18446744073709551615). > > This read requires CAP_AUDIT_CONTROL. > > Signed-off-by: Richard Guy Briggs > Acked-by: Serge Hallyn > --- > fs/proc/base.c | 23 +++++++++++++++++++++-- > 1 file changed, 21 insertions(+), 2 deletions(-) > > diff --git a/fs/proc/base.c b/fs/proc/base.c > index 2505c46c8701..0b833cbdf5b6 100644 > --- a/fs/proc/base.c > +++ b/fs/proc/base.c > @@ -1295,6 +1295,24 @@ static ssize_t proc_sessionid_read(struct file * file, char __user * buf, > .llseek = generic_file_llseek, > }; > > +static ssize_t proc_contid_read(struct file *file, char __user *buf, > + size_t count, loff_t *ppos) > +{ > + struct inode *inode = file_inode(file); > + struct task_struct *task = get_proc_task(inode); > + ssize_t length; > + char tmpbuf[TMPBUFLEN*2]; > + Sorry, didn't notice this previously, but.. Why *2 here? Its not wrong per-se, but would it be better to just change TMPBUFLEN to be 22 bytes unilaterally? Its only ever used on stack calls that arent that deep, and then you won't have to think about adjusting this call site if you ever change the value of TMPBUFLEN in the future. I'm fine with doing this in another patch later, but it seems like a worthwhile cleanup functionality looks good beyond that nit. > + if (!task) > + return -ESRCH; > + /* if we don't have caps, reject */ > + if (!capable(CAP_AUDIT_CONTROL)) > + return -EPERM; > + length = scnprintf(tmpbuf, TMPBUFLEN*2, "%llu", audit_get_contid(task)); > + put_task_struct(task); > + return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); > +} > + > static ssize_t proc_contid_write(struct file *file, const char __user *buf, > size_t count, loff_t *ppos) > { > @@ -1325,6 +1343,7 @@ static ssize_t proc_contid_write(struct file *file, const char __user *buf, > } > > static const struct file_operations proc_contid_operations = { > + .read = proc_contid_read, > .write = proc_contid_write, > .llseek = generic_file_llseek, > }; > @@ -3039,7 +3058,7 @@ static int proc_stack_depth(struct seq_file *m, struct pid_namespace *ns, > #ifdef CONFIG_AUDIT > REG("loginuid", S_IWUSR|S_IRUGO, proc_loginuid_operations), > REG("sessionid", S_IRUGO, proc_sessionid_operations), > - REG("audit_containerid", S_IWUSR, proc_contid_operations), > + REG("audit_containerid", S_IWUSR|S_IRUSR, proc_contid_operations), > #endif > #ifdef CONFIG_FAULT_INJECTION > REG("make-it-fail", S_IRUGO|S_IWUSR, proc_fault_inject_operations), > @@ -3428,7 +3447,7 @@ static int proc_tid_comm_permission(struct inode *inode, int mask) > #ifdef CONFIG_AUDIT > REG("loginuid", S_IWUSR|S_IRUGO, proc_loginuid_operations), > REG("sessionid", S_IRUGO, proc_sessionid_operations), > - REG("audit_containerid", S_IWUSR, proc_contid_operations), > + REG("audit_containerid", S_IWUSR|S_IRUSR, proc_contid_operations), > #endif > #ifdef CONFIG_FAULT_INJECTION > REG("make-it-fail", S_IRUGO|S_IWUSR, proc_fault_inject_operations), > -- > 1.8.3.1 > > Acked-by: Neil Horman