From: Richard Guy Briggs <rgb@redhat.com>
To: Florian Westphal <fw@strlen.de>
Cc: Thomas Woerner <twoerner@redhat.com>,
linux-audit@redhat.com,
Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>,
Thomas Graf <tgraf@infradead.org>
Subject: Re: [PATCH V3] audit: normalize NETFILTER_PKT
Date: Fri, 3 Mar 2017 12:03:15 -0500 [thread overview]
Message-ID: <20170303170315.GI18258@madcap2.tricolour.ca> (raw)
In-Reply-To: <20170303132201.GF29213@breakpoint.cc>
On 2017-03-03 14:22, Florian Westphal wrote:
> Paul Moore <paul@paul-moore.com> wrote:
> > On Fri, Mar 3, 2017 at 7:45 AM, Florian Westphal <fw@strlen.de> wrote:
> > > Richard Guy Briggs <rgb@redhat.com> wrote:
> > >> > Perhaps I'm missing something here, but let me ask again, how does
> > >> > userspace distinguish between an unset nfmark and a nfmark of
> > >> > 0xffffffff?
> > >>
> > >> It can't.
> > >
> > > It can if you log it as 0, as I asked in patch 1 review.
> > >
> > > (You wouldn't log sk uid of 0 as -1 either, would you?)
> >
> > I want to see the code able to handle the full range of nfmark values
> > as well as the unset case; if that means we need to tweak userspace a
> > bit, please work with Steve on that.
>
> There is no 'unset nfmark'. Its just a 32bit integer.
I was going to say, we'd need an out of band indicator.
- RGB
--
Richard Guy Briggs <rgb@redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635
next prev parent reply other threads:[~2017-03-03 17:03 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-26 20:49 [PATCH V3] audit: normalize NETFILTER_PKT Richard Guy Briggs
2017-02-28 22:22 ` Paul Moore
2017-03-01 16:28 ` Richard Guy Briggs
2017-03-01 16:45 ` Pablo Neira Ayuso
2017-03-01 22:19 ` Paul Moore
2017-03-01 22:34 ` Richard Guy Briggs
2017-03-03 0:16 ` Paul Moore
2017-03-03 2:00 ` Richard Guy Briggs
2017-03-03 2:54 ` Paul Moore
2017-03-03 11:54 ` Richard Guy Briggs
2017-03-03 12:45 ` Florian Westphal
2017-03-03 13:12 ` Paul Moore
2017-03-03 13:22 ` Florian Westphal
2017-03-03 13:56 ` Paul Moore
2017-03-03 17:11 ` Richard Guy Briggs
2017-03-03 17:03 ` Richard Guy Briggs [this message]
2017-03-03 17:08 ` Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170303170315.GI18258@madcap2.tricolour.ca \
--to=rgb@redhat.com \
--cc=fw@strlen.de \
--cc=linux-audit@redhat.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=tgraf@infradead.org \
--cc=twoerner@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.