From mboxrd@z Thu Jan  1 00:00:00 1970
From: William Roberts <bill.c.roberts@gmail.com>
Subject: Re: [PATCH 1/7] audit: implement generic feature setting and
	retrieving
Date: Fri, 24 May 2013 13:41:53 -0700
Message-ID: <CAFftDdpTcSROyCLODP2ukKFrCGL4qrELdbDoohSuK3Pk2Q_fXw@mail.gmail.com>
References: <1369411910-13777-1-git-send-email-eparis@redhat.com>
	<1369412920.2514.12.camel@dhcp137-228.rdu.redhat.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1764833092329642567=="
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <1369412920.2514.12.camel@dhcp137-228.rdu.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Eric Paris <eparis@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

--===============1764833092329642567==
Content-Type: multipart/alternative; boundary=001a11c3421a41804804dd7cd4a9

--001a11c3421a41804804dd7cd4a9
Content-Type: text/plain; charset=ISO-8859-1

Looking through the patch, these are my thoughts:

I like that my "splitlog" patch shrunk a lot, way easier. I like that. It
also proves something like this is the correct direction.

Shouldn't audit_set_feature() check the version number, granted it doesn't
mater now, but shouldn't their be a:

 if(uaf->version <= AUDIT_FEATURE_SUPPORTED_VERSION)


This branchy code could be:
if (new_feature)
af.features |= feature;
else
af.features &= ~feature;

changed to:
af.features = (af.features & ~feature) | feature

Ie just do a clear bit than or in what you want.

Otherwise LGTM

Bill





On Fri, May 24, 2013 at 9:28 AM, Eric Paris <eparis@redhat.com> wrote:

> On Fri, 2013-05-24 at 12:11 -0400, Eric Paris wrote:
> > The audit_status structure was not designed with extensibility in mind.
> > Define a new AUDIT_SET_FEATURE message type which takes a new structure
> > of bits where things can be enabled/disabled/locked one at a time.  This
> > structure should be able to grow in the future while maintaining forward
> > and backward compatibility (based loosly on the ideas from capabilities
> > and prctl)
> >
> > This does not actually add any features, but is just infrastructure to
> > allow new on/off types of audit system features.
> >
> > Signed-off-by: Eric Paris <eparis@redhat.com>
>
> Attached you will find the test program I used to check that things were
> working correctly.  It should give an idea to Steve how we can program
> the features support in userspace.  I believe it fits very nicely to
> have a new syntax in audit.rules to set (and lock if needed/wanted)
> these features.
>
> netlink.c is just some helper code I stole from the audit tree to get
> some functions which weren't exposed externally.  The only part really
> interesting is test.c.
>
> You will also need the include/uapi/linux/audit.h file from this patch
> to build test.c
>
> -Eric
>
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
>



-- 
Respectfully,

William C Roberts

--001a11c3421a41804804dd7cd4a9
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Looking through the patch, these are my thoughts:<div><br>=
</div><div>I like that my &quot;splitlog&quot; patch shrunk a lot, way easi=
er. I like that. It also proves something like this is the correct directio=
n.</div>

<div><br></div><div>Shouldn&#39;t=A0audit_set_feature() check the version n=
umber, granted it doesn&#39;t mater now, but shouldn&#39;t their be a:</div=
><div><br></div><div>=A0if(uaf-&gt;version &lt;=3D AUDIT_FEATURE_SUPPORTED_=
VERSION)</div>
<div>
<br></div><div><br></div><div style>This branchy code could be:</div><div><=
div><span class=3D"" style=3D"white-space:pre">		</span>if (new_feature)</d=
iv><div><span class=3D"" style=3D"white-space:pre">			</span>af.features |=
=3D feature;</div>
<div><span class=3D"" style=3D"white-space:pre">		</span>else</div><div><sp=
an class=3D"" style=3D"white-space:pre">			</span>af.features &amp;=3D ~fea=
ture;</div></div><div><span class=3D"" style=3D"color:rgb(51,51,51);font-fa=
mily:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,m=
onospace;font-size:12px;line-height:1.4"><br>
</span></div><div style><span class=3D"" style=3D"color:rgb(51,51,51);font-=
family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco=
,monospace;font-size:12px;line-height:1.4">changed to:</span></div><div><sp=
an style=3D"color:rgb(51,51,51);font-family:&#39;Bitstream Vera Sans Mono&#=
39;,&#39;DejaVu Sans Mono&#39;,Monaco,monospace;font-size:12px;line-height:=
1.4">af.features=A0</span><span class=3D"" style=3D"color:rgb(51,51,51);fon=
t-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Mona=
co,monospace;font-size:12px;line-height:1.4">=3D</span><span style=3D"color=
:rgb(51,51,51);font-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu S=
ans Mono&#39;,Monaco,monospace;font-size:12px;line-height:1.4">=A0</span><s=
pan class=3D"" style=3D"color:rgb(51,51,51);font-family:&#39;Bitstream Vera=
 Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,monospace;font-size:12px;=
line-height:1.4">(af.features</span><span style=3D"color:rgb(51,51,51);font=
-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monac=
o,monospace;font-size:12px;line-height:1.4">=A0</span><span class=3D"" styl=
e=3D"color:rgb(51,51,51);font-family:&#39;Bitstream Vera Sans Mono&#39;,&#3=
9;DejaVu Sans Mono&#39;,Monaco,monospace;font-size:12px;line-height:1.4">&a=
mp;</span><span style=3D"color:rgb(51,51,51);font-family:&#39;Bitstream Ver=
a Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,monospace;font-size:12px=
;line-height:1.4"> </span><span class=3D"" style=3D"color:rgb(51,51,51);fon=
t-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Mona=
co,monospace;font-size:12px;line-height:1.4">~</span><span class=3D"" style=
=3D"font-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#3=
9;,Monaco,monospace;font-size:12px;line-height:1.4"><font color=3D"#009999"=
>feature</font></span><span class=3D"" style=3D"color:rgb(51,51,51);font-fa=
mily:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,m=
onospace;font-size:12px;line-height:1.4">)</span><span style=3D"color:rgb(5=
1,51,51);font-family:&#39;Bitstream Vera Sans Mono&#39;,&#39;DejaVu Sans Mo=
no&#39;,Monaco,monospace;font-size:12px;line-height:1.4"> </span><span clas=
s=3D"" style=3D"color:rgb(51,51,51);font-family:&#39;Bitstream Vera Sans Mo=
no&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,monospace;font-size:12px;line-hei=
ght:1.4">|</span><span style=3D"color:rgb(51,51,51);font-family:&#39;Bitstr=
eam Vera Sans Mono&#39;,&#39;DejaVu Sans Mono&#39;,Monaco,monospace;font-si=
ze:12px;line-height:1.4">=A0feature</span><br>
</div><div><br></div><div style>Ie just do a clear bit than or in what you =
want.</div><div><br></div><div style>Otherwise LGTM</div><div><br></div><di=
v>
Bill</div><div><br></div><div><br></div><div><br></div></div><div class=3D"=
gmail_extra"><br><br><div class=3D"gmail_quote">On Fri, May 24, 2013 at 9:2=
8 AM, Eric Paris <span dir=3D"ltr">&lt;<a href=3D"mailto:eparis@redhat.com"=
 target=3D"_blank">eparis@redhat.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Fri, 2013-05-24 at 12:1=
1 -0400, Eric Paris wrote:<br>
&gt; The audit_status structure was not designed with extensibility in mind=
.<br>
&gt; Define a new AUDIT_SET_FEATURE message type which takes a new structur=
e<br>
&gt; of bits where things can be enabled/disabled/locked one at a time. =A0=
This<br>
&gt; structure should be able to grow in the future while maintaining forwa=
rd<br>
&gt; and backward compatibility (based loosly on the ideas from capabilitie=
s<br>
&gt; and prctl)<br>
&gt;<br>
&gt; This does not actually add any features, but is just infrastructure to=
<br>
&gt; allow new on/off types of audit system features.<br>
&gt;<br>
&gt; Signed-off-by: Eric Paris &lt;<a href=3D"mailto:eparis@redhat.com">epa=
ris@redhat.com</a>&gt;<br>
<br>
</div>Attached you will find the test program I used to check that things w=
ere<br>
working correctly. =A0It should give an idea to Steve how we can program<br=
>
the features support in userspace. =A0I believe it fits very nicely to<br>
have a new syntax in audit.rules to set (and lock if needed/wanted)<br>
these features.<br>
<br>
netlink.c is just some helper code I stole from the audit tree to get<br>
some functions which weren&#39;t exposed externally. =A0The only part reall=
y<br>
interesting is test.c.<br>
<br>
You will also need the include/uapi/linux/audit.h file from this patch<br>
to build test.c<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
-Eric<br>
</font></span><br>--<br>
Linux-audit mailing list<br>
<a href=3D"mailto:Linux-audit@redhat.com">Linux-audit@redhat.com</a><br>
<a href=3D"https://www.redhat.com/mailman/listinfo/linux-audit" target=3D"_=
blank">https://www.redhat.com/mailman/listinfo/linux-audit</a><br></blockqu=
ote></div><br><br clear=3D"all"><div><br></div>-- <br>Respectfully,<br><br>=
William C Roberts<br>
<br>
</div>

--001a11c3421a41804804dd7cd4a9--


--===============1764833092329642567==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--===============1764833092329642567==--