From: Casey Schaufler <casey@schaufler-ca.com>
To: Dmitry Mastykin <dmastykin@astralinux.ru>,
linux-security-module@vger.kernel.org
Cc: akovalenko@astralinux.ru, Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: lsm-stacking: fix broken lsm audit
Date: Mon, 25 Oct 2021 08:01:24 -0700 [thread overview]
Message-ID: <2f00ac71-487f-1b39-133b-5ab40cc9c3df@schaufler-ca.com> (raw)
In-Reply-To: <539ad779-3dc7-91d4-4f7d-398821207356@astralinux.ru>
On 10/25/2021 1:17 AM, Dmitry Mastykin wrote:
> Hello Casey,
>
> > On 8/6/21 11:01 PM, Casey Schaufler wrote:
>>> On 8/6/2021 12:02 AM, Dmitry Mastykin wrote:
>>> Hello,
>>> These patches address the problem of not processing LSM audit rules.
>>> Problem was introduced in lsm stacking series.
>>
>> Thank you. I will incorporate these changes in v29.
>>
> thank you for the v29.
> I think the following fix is still required:
>
> ---
> security/security.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/security.c b/security/security.c
> index e33c8ccc06a0..fd14064e9106 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2934,7 +2934,7 @@ int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op,
> continue;
> rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot],
> field, op,
> - &lsmrule[hp->lsmid->slot]);
> + lsmrule[hp->lsmid->slot]);
The code has the correct indirection as written. With your change
it dies horribly. The interface is not very attractive.
> if (rc)
> return rc;
> }
>
>
> Kind regards,
> Dmitry Mastykin
>
prev parent reply other threads:[~2021-10-25 15:01 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-06 7:02 lsm-stacking: fix broken lsm audit Dmitry Mastykin
2021-08-06 7:02 ` [PATCH 1/3] security/security: remove extra address-of in hook.audit_rule_match call Dmitry Mastykin
2021-08-06 7:02 ` [PATCH 2/3] security/security: get rid of a duplicated condition Dmitry Mastykin
2021-08-06 7:02 ` [PATCH 3/3] kernel/auditsc: use correct blob for files in security_audit_rule_match call Dmitry Mastykin
2021-08-06 20:01 ` lsm-stacking: fix broken lsm audit Casey Schaufler
2021-10-25 8:17 ` Dmitry Mastykin
2021-10-25 15:01 ` Casey Schaufler [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2f00ac71-487f-1b39-133b-5ab40cc9c3df@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=akovalenko@astralinux.ru \
--cc=dmastykin@astralinux.ru \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.