From: Paul Moore <paul@paul-moore.com>
To: Richard Guy Briggs <rgb@redhat.com>
Cc: cgroups@vger.kernel.org, containers@lists.linux-foundation.org,
linux-api@vger.kernel.org,
Linux-Audit Mailing List <linux-audit@redhat.com>,
linux-fsdevel@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>,
netdev@vger.kernel.org, ebiederm@xmission.com, luto@kernel.org,
jlayton@redhat.com, carlos@redhat.com, dhowells@redhat.com,
viro@zeniv.linux.org.uk, simo@redhat.com,
Eric Paris <eparis@parisplace.org>,
serge@hallyn.com
Subject: Re: [RFC PATCH ghak32 V2 06/13] audit: add support for non-syscall auxiliary records
Date: Fri, 20 Apr 2018 12:21:33 -0400 [thread overview]
Message-ID: <CAHC9VhRe2UMmwcdPfDs5wLdg8JjL7U+711LAR=URS=7rBGjw2A@mail.gmail.com> (raw)
In-Reply-To: <20180420012346.udnga5pfdjoazcfc@madcap2.tricolour.ca>
On Thu, Apr 19, 2018 at 9:23 PM, Richard Guy Briggs <rgb@redhat.com> wrote:
> On 2018-04-18 20:39, Paul Moore wrote:
>> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs <rgb@redhat.com> wrote:
>> > Standalone audit records have the timestamp and serial number generated
>> > on the fly and as such are unique, making them standalone. This new
>> > function audit_alloc_local() generates a local audit context that will
>> > be used only for a standalone record and its auxiliary record(s). The
>> > context is discarded immediately after the local associated records are
>> > produced.
>> >
>> > Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
>> > ---
>> > include/linux/audit.h | 8 ++++++++
>> > kernel/auditsc.c | 20 +++++++++++++++++++-
>> > 2 files changed, 27 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/include/linux/audit.h b/include/linux/audit.h
>> > index ed16bb6..c0b83cb 100644
>> > --- a/include/linux/audit.h
>> > +++ b/include/linux/audit.h
>> > @@ -227,7 +227,9 @@ static inline int audit_log_container_info(struct audit_context *context,
>> > /* These are defined in auditsc.c */
>> > /* Public API */
>> > extern int audit_alloc(struct task_struct *task);
>> > +extern struct audit_context *audit_alloc_local(void);
>> > extern void __audit_free(struct task_struct *task);
>> > +extern void audit_free_context(struct audit_context *context);
>> > extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1,
>> > unsigned long a2, unsigned long a3);
>> > extern void __audit_syscall_exit(int ret_success, long ret_value);
>> > @@ -472,6 +474,12 @@ static inline int audit_alloc(struct task_struct *task)
>> > {
>> > return 0;
>> > }
>> > +static inline struct audit_context *audit_alloc_local(void)
>> > +{
>> > + return NULL;
>> > +}
>> > +static inline void audit_free_context(struct audit_context *context)
>> > +{ }
>> > static inline void audit_free(struct task_struct *task)
>> > { }
>> > static inline void audit_syscall_entry(int major, unsigned long a0,
>> > diff --git a/kernel/auditsc.c b/kernel/auditsc.c
>> > index 2932ef1..7103d23 100644
>> > --- a/kernel/auditsc.c
>> > +++ b/kernel/auditsc.c
>> > @@ -959,8 +959,26 @@ int audit_alloc(struct task_struct *tsk)
>> > return 0;
>> > }
>> >
>> > -static inline void audit_free_context(struct audit_context *context)
>> > +struct audit_context *audit_alloc_local(void)
>> > {
>> > + struct audit_context *context;
>> > +
>> > + if (!audit_ever_enabled)
>> > + return NULL; /* Return if not auditing. */
>> > +
>> > + context = audit_alloc_context(AUDIT_RECORD_CONTEXT);
>> > + if (!context)
>> > + return NULL;
>> > + context->serial = audit_serial();
>> > + context->ctime = current_kernel_time64();
>> > + context->in_syscall = 1;
>> > + return context;
>> > +}
>> > +
>> > +inline void audit_free_context(struct audit_context *context)
>> > +{
>> > + if (!context)
>> > + return;
>> > audit_free_names(context);
>> > unroll_tree_refs(context, NULL, 0);
>> > free_tree_refs(context);
>>
>> I'm reserving the option to comment on this idea further as I make my
>> way through the patchset, but audit_free_context() definitely
>> shouldn't be declared as an inline function.
>
> Ok, I think I follow. When it wasn't exported, inline was fine, but now
> that it has been exported, it should no longer be inlined ...
Pretty much. Based on a few comments I've seen by compiler folks over
the years, my current thinking is that we shouldn't worry about
explicit inlining static functions in C files (header files are a
different story). The basic idea being that the compiler almost
always does a better job than us stupid developers.
> ... or should use
> an intermediate function name to export so that local uses of it can
> remain inline.
Possibly, but my guess is that the compiler could (will?) do that by
itself for code that lives in the same file.
--
paul moore
www.paul-moore.com
next prev parent reply other threads:[~2018-04-20 16:21 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-16 9:00 [RFC PATCH ghak32 V2 00/13] audit: implement container id Richard Guy Briggs
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 01/13] audit: add " Richard Guy Briggs
2018-03-28 18:39 ` Jonathan Corbet
[not found] ` <20180328123912.49b11c98-T1hC0tSOHrs@public.gmane.org>
2018-03-29 9:01 ` Richard Guy Briggs
2018-03-29 13:03 ` Jonathan Corbet
2018-03-30 5:06 ` Richard Guy Briggs
2018-04-18 23:47 ` Paul Moore
2018-04-19 0:41 ` Casey Schaufler
[not found] ` <32d3e7a6-36f0-571a-bb91-67f746c7eafa-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
2018-04-19 0:46 ` Paul Moore
2018-04-19 1:15 ` Casey Schaufler
2018-04-21 14:34 ` Richard Guy Briggs
2018-04-23 23:15 ` Paul Moore
2018-04-24 2:02 ` Richard Guy Briggs
2018-04-24 19:01 ` Paul Moore
2018-04-25 0:40 ` Richard Guy Briggs
2018-04-26 22:47 ` Paul Moore
2018-05-06 16:51 ` Richard Guy Briggs
[not found] ` <e284617ad667ad8f17958dd8babb87fe1b4d7205.1521179281.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-05-17 21:00 ` Steve Grubb
2018-05-17 21:56 ` Richard Guy Briggs
[not found] ` <20180517215600.dyswlkvqdtgjwr5y-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2018-05-18 13:56 ` Steve Grubb
2018-05-18 15:21 ` Richard Guy Briggs
2018-05-18 15:38 ` Steve Grubb
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 03/13] audit: log container info of syscalls Richard Guy Briggs
2018-05-17 21:09 ` Steve Grubb
2018-05-17 21:41 ` Richard Guy Briggs
2018-05-21 19:19 ` Steve Grubb
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 04/13] audit: add containerid filtering Richard Guy Briggs
2018-04-19 0:24 ` Paul Moore
2018-04-19 12:17 ` Richard Guy Briggs
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 06/13] audit: add support for non-syscall auxiliary records Richard Guy Briggs
2018-04-19 0:39 ` Paul Moore
[not found] ` <CAHC9VhQbPbnrbxCD1fyTSxWgrXXXYnZw_=nbOhfMCO5Q5eSsWQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2018-04-20 1:23 ` Richard Guy Briggs
2018-04-20 16:21 ` Paul Moore [this message]
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 08/13] audit: add containerid support for tty_audit Richard Guy Briggs
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 09/13] audit: add containerid support for config/feature/user records Richard Guy Briggs
2018-04-19 1:27 ` Paul Moore
2018-04-19 12:31 ` Richard Guy Briggs
2018-04-19 12:59 ` Paul Moore
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 11/13] audit: add support for containerid to network namespaces Richard Guy Briggs
2018-04-19 1:46 ` Paul Moore
2018-04-20 20:02 ` Richard Guy Briggs
2018-04-20 20:22 ` Paul Moore
2018-04-20 20:42 ` Richard Guy Briggs
[not found] ` <20180420204225.iik2lgtj6gx2ep4w-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2018-04-21 12:10 ` Paul Moore
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 12/13] audit: NETFILTER_PKT: record each container ID associated with a netNS Richard Guy Briggs
2018-04-19 2:10 ` Paul Moore
2018-04-19 12:45 ` Richard Guy Briggs
[not found] ` <20180419124550.7uknp4oebvwoo67s-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2018-04-19 13:13 ` Paul Moore
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 13/13] debug audit: read container ID of a process Richard Guy Briggs
2018-05-21 19:16 ` Steve Grubb
2018-05-21 19:19 ` Eric W. Biederman
2018-05-21 20:06 ` Paul Moore
[not found] ` <CAHC9VhQruN88t-R9Qo3e4hwCZ58RAyrmEmH1nY4RR6NZaiBzGQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2018-05-22 17:35 ` Richard Guy Briggs
[not found] ` <20180522173541.slcdszumi7q6c4id-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2018-05-22 18:59 ` Paul Moore
[not found] ` <cover.1521179281.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 02/13] audit: check children and threading before allowing containerid Richard Guy Briggs
[not found] ` <995b77557010b2f9aed0e10435f7b8536df7a5db.1521179281.git.rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-04-19 0:11 ` Paul Moore
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 05/13] audit: add containerid support for ptrace and signals Richard Guy Briggs
2018-04-19 0:32 ` Paul Moore
2018-04-20 1:03 ` Richard Guy Briggs
2018-04-20 16:13 ` Paul Moore
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 07/13] audit: add container aux record to watch/tree/mark Richard Guy Briggs
2018-04-19 0:42 ` Paul Moore
2018-04-19 12:24 ` Richard Guy Briggs
2018-03-16 9:00 ` [RFC PATCH ghak32 V2 10/13] audit: add containerid support for seccomp and anom_abend records Richard Guy Briggs
2018-04-19 1:31 ` Paul Moore
2018-04-20 0:42 ` Richard Guy Briggs
2018-04-20 16:11 ` Paul Moore
2018-05-30 13:20 ` [RFC PATCH ghak32 V2 00/13] audit: implement container id Steve Grubb
2018-05-30 17:33 ` Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHC9VhRe2UMmwcdPfDs5wLdg8JjL7U+711LAR=URS=7rBGjw2A@mail.gmail.com' \
--to=paul@paul-moore.com \
--cc=carlos@redhat.com \
--cc=cgroups@vger.kernel.org \
--cc=containers@lists.linux-foundation.org \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=eparis@parisplace.org \
--cc=jlayton@redhat.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-audit@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=rgb@redhat.com \
--cc=serge@hallyn.com \
--cc=simo@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).