From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753037AbcKQXeu (ORCPT ); Thu, 17 Nov 2016 18:34:50 -0500 Received: from mail-vk0-f67.google.com ([209.85.213.67]:35409 "EHLO mail-vk0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752641AbcKQXes (ORCPT ); Thu, 17 Nov 2016 18:34:48 -0500 MIME-Version: 1.0 X-Originating-IP: [96.230.190.88] In-Reply-To: <20161115084915.GI27818@madcap2.tricolour.ca> References: <2e99896c655ae31ea481240692a720e9701b0a76.1478758980.git.rgb@redhat.com> <20161115084915.GI27818@madcap2.tricolour.ca> From: Paul Moore Date: Thu, 17 Nov 2016 18:34:47 -0500 Message-ID: Subject: Re: [PATCH] audit: skip sessionid sentinel value when auto-incrementing To: Richard Guy Briggs Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Nov 15, 2016 at 3:49 AM, Richard Guy Briggs wrote: > On 2016-11-14 15:17, Paul Moore wrote: >> On Thu, Nov 10, 2016 at 1:41 AM, Richard Guy Briggs wrote: >> > The value (unsigned int)-1 is used as a sentinel to indicate the >> > sessionID is unset. Skip this value when the session_id value wraps. >> > >> > Signed-off-by: Richard Guy Briggs >> > --- >> > kernel/auditsc.c | 5 ++++- >> > 1 files changed, 4 insertions(+), 1 deletions(-) >> >> Since we haven't merged the session ID kernel patches into audit#next >> yet, why don't you just squash this patch in with the session ID patch >> and resubmit upstream in one nice neat patch. > > This was an existing bug regardless of new functionality added, so the > fix should not be buried in a new feature patch. No, it's not an existing bug. The existing code simply reports/logs the session ID, it doesn't filter on it, so there are no magic values to worry about. >> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c >> > index 5abf1dc..e414dfa 100644 >> > --- a/kernel/auditsc.c >> > +++ b/kernel/auditsc.c >> > @@ -2025,8 +2025,11 @@ int audit_set_loginuid(kuid_t loginuid) >> > goto out; >> > >> > /* are we setting or clearing? */ >> > - if (uid_valid(loginuid)) >> > + if (uid_valid(loginuid)) { >> > sessionid = (unsigned int)atomic_inc_return(&session_id); >> > + if (unlikely(sessionid == (unsigned int)-1)) >> > + sessionid = (unsigned int)atomic_inc_return(&session_id); >> > + } >> > >> > task->sessionid = sessionid; >> > task->loginuid = loginuid; >> >> paul moore > > - RGB > > -- > Richard Guy Briggs > Kernel Security Engineering, Base Operating Systems, Red Hat > Remote, Ottawa, Canada > Voice: +1.647.777.2635, Internal: (81) 32635 -- paul moore www.paul-moore.com