Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753964AbdCIXCu (ORCPT <rfc822;w@1wt.eu>);
        Thu, 9 Mar 2017 18:02:50 -0500
Received: from mail-ua0-f193.google.com ([209.85.217.193]:34616 "EHLO
        mail-ua0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752797AbdCIXCt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 9 Mar 2017 18:02:49 -0500
MIME-Version: 1.0
X-Originating-IP: [108.49.102.27]
In-Reply-To: <alpine.LSU.2.20.1703091545020.24778@pobox.suse.cz>
References: <a6c97cf45849b9d132b1ed0b7415b04968302325.1489068452.git.rgb@redhat.com>
 <alpine.LSU.2.20.1703091545020.24778@pobox.suse.cz>
From: Paul Moore <paul@paul-moore.com>
Date: Thu, 9 Mar 2017 18:02:47 -0500
Message-ID: <CAHC9VhSVwJR42TWxcz+iUNKMMGbVrgHVJEoh6+h3_LaQ502gJQ@mail.gmail.com>
Subject: Re: [PATCH] audit: log module name on delete_module
To: Richard Guy Briggs <rgb@redhat.com>, Miroslav Benes <mbenes@suse.cz>
Cc: Jessica Yu <jeyu@redhat.com>, linux-kernel@vger.kernel.org,
        linux-audit@redhat.com
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1492
Lines: 48

On Thu, Mar 9, 2017 at 9:49 AM, Miroslav Benes <mbenes@suse.cz> wrote:
> On Thu, 9 Mar 2017, Richard Guy Briggs wrote:
>
>> Record the module name of a delete_module call.
>>
>> See: https://github.com/linux-audit/audit-kernel/issues/37
>>
>> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
>
> Could you improve the changelog, please? I don't think that a link to
> a github issue can and should replace it. Proper description and reason of
> the change should be in git log.

Agreed.  While I think it is nice that Richard included the GitHub
issue tracker link, the commit message needs to stand on it's own
describing the change.  The GitHub issue is an optional piece of
information which links to the development history and extended
information not normally suitable for a commit message.

>> ---
>>  kernel/module.c |    2 ++
>>  1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/kernel/module.c b/kernel/module.c
>> index 5432dbe..633f6da 100644
>> --- a/kernel/module.c
>> +++ b/kernel/module.c
>> @@ -943,6 +943,8 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
>>               return -EFAULT;
>>       name[MODULE_NAME_LEN-1] = '\0';
>>
>> +     audit_log_kern_module(name);
>> +
>>       if (mutex_lock_interruptible(&module_mutex) != 0)
>>               return -EINTR;
>>
>> --
>> 1.7.1
>>
>
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit

-- 
paul moore
www.paul-moore.com