Received: by 10.213.65.68 with SMTP id h4csp109115imn; Mon, 12 Mar 2018 08:13:55 -0700 (PDT) X-Google-Smtp-Source: AG47ELviU2bxy1ZfLzEgx5y2y6FwnXOqqAsLOvg9wMAx8I0pYvF1sdIlPK2OBx1RfDFn+zYXfHI3 X-Received: by 2002:a17:902:2862:: with SMTP id e89-v6mr8079287plb.348.1520867635823; Mon, 12 Mar 2018 08:13:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520867635; cv=none; d=google.com; s=arc-20160816; b=xclOxe9ENIobKDLz7K6Ypty6ARCRwLpaw05YQnZcKr56+0fWzwXgChKKz9RcIfCgv7 qDsLopg43cgH+PzgrKHf/DX3XCsEdhUn9LvL7WptRGru30138g6uNvsQHRNnfI25sCSU C5liMbWztZHK2qYvnoVspPm562ze777hkNWuIdsCNBptN9ZXbueaS7TkAyl76pR1eZol 4nRVyGZLCat4JNPuJDW5hIcuQSghKCEXZxt7lIHhFBXdN/lyuP2UMB7Gz0KQbUVd3YoV C9yNXM0JRe6Rs6jipAJwaQs9tbFSWkO1dAg02hiIYQAFDGb0aYiKUoXi0VFORrewxRpV /yrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=gTkSSO5eiDUnzWITv6E8Y7qHEqrU5y28ohu4EH4U5Ho=; b=eLnLtYL/6woq1/+ooYYzfov/NsQ2A8tyyMEqfqFbxMf/8vfRnJ9TubOUtGbu6VAehi MqHrOYAD6Isk53IeXO2lZykw6SlFy3oYFALRakV3DccPTwJ29FpRV+/apM5/lJn9Xvot nhFDAHtIhXsIyErUC5f8Bnz3DgHzo62We2vyi374tJ2rHhc3bMGAQsapjxEr4AAxmCiQ rkb3jNcUHO/ui0/jqPrtWEv+DFVyatsK1iZ4t+xDd9Tel3X+YbAbag7+tLefUexycuOO AUNnv+EDnMa412OsN2dpoCjpTtu9Zw83tj72t3C/LP1YLeGoZaUYkJJMXCUnRA1cwIi7 VErQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=FY6G73TW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o129si5820317pfo.209.2018.03.12.08.13.41; Mon, 12 Mar 2018 08:13:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=FY6G73TW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932231AbeCLPMm (ORCPT + 99 others); Mon, 12 Mar 2018 11:12:42 -0400 Received: from mail-lf0-f68.google.com ([209.85.215.68]:36387 "EHLO mail-lf0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751248AbeCLPMl (ORCPT ); Mon, 12 Mar 2018 11:12:41 -0400 Received: by mail-lf0-f68.google.com with SMTP id e28-v6so14875222lfc.3 for ; Mon, 12 Mar 2018 08:12:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=gTkSSO5eiDUnzWITv6E8Y7qHEqrU5y28ohu4EH4U5Ho=; b=FY6G73TWvbWSMCN1tYvZ90SMWzt7w1tGSCkddo73K1e64SrFgZMz9XLkQIInoHsgPc Kh44ql1PnJ8XnxL0m0eyQOib7AoJWMHWr5U1hvmCWugRvvBI1ZnqMCArqM6hlAp1X9eg sDl//l0lBDSFRjxq2/TV1luJyktYV2i5Su0rx2gYpfWSbaJWbMKa4brkXCqpwcTfu74y Y1yqCs2Icr4Lhtdum2qGwd74j2TJt0sVeqICufQ0l9I6eH0w3x5sY3EHvrI+v0ORLcb+ hcSPhHnRIFNnQ418doJMSrd+S1ZD/Gw/Hg0cyzj7HFCN7hNJyzW8hWHkacNEvxlZo+h7 4PTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=gTkSSO5eiDUnzWITv6E8Y7qHEqrU5y28ohu4EH4U5Ho=; b=a8/wOAQdWrgFlgVSicj4jCHqeEaCD3ZgWiVf6ktcSJo1JGwHoScYRdVqoMgRi4j/7X XU9kAT/WF6PdmlI8RiX+sHN9yjEVxyZIZU0MIYZD4M/Zxx3p2DGzl0poI+UpNIgNpn8C qkgOWw2YdTEJA+McGzxNI6uT3/endTrdvCEGNQkZKWQBrVV1IHdxXzqYUi185Nm04cMv /e/bxGlo/HfHCKrUicLEBvMQXOmuXo6sulTP2UT/PWoSwQCUOiqb5he/LeSFLhnrK1E7 L6yFwGRSCUnmwYDcTxquGBDKeL3sqAwySwso0L7ObAKaofoCk4gRop7a1UkekZWiktxB qqEA== X-Gm-Message-State: AElRT7FuPmxvZTW4RM8YAkPlJdWfbb1SngIbhgLaUENLDExtOVwEA0IW 6yr3mig8KYMreCBzdff+6xWIL5xN5DWWNY3DqOg6 X-Received: by 2002:a19:1508:: with SMTP id l8-v6mr5656313lfi.139.1520867560218; Mon, 12 Mar 2018 08:12:40 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a19:d8a7:0:0:0:0:0 with HTTP; Mon, 12 Mar 2018 08:12:39 -0700 (PDT) X-Originating-IP: [108.20.156.165] In-Reply-To: References: From: Paul Moore Date: Mon, 12 Mar 2018 11:12:39 -0400 Message-ID: Subject: Re: [PATCH ghak21 V2 3/4] audit: add refused symlink to audit_names To: Richard Guy Briggs Cc: Linux-Audit Mailing List , LKML , Eric Paris , Steve Grubb , Kees Cook Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 12, 2018 at 2:31 AM, Richard Guy Briggs wrote: > Audit link denied events for symlinks had duplicate PATH records rather > than just updating the existing PATH record. Update the symlink's PATH > record with the current dentry and inode information. > > See: https://github.com/linux-audit/audit-kernel/issues/21 > Signed-off-by: Richard Guy Briggs > --- > fs/namei.c | 1 + > 1 file changed, 1 insertion(+) Why didn't you include this in patch 4/4 like I asked during the previous review? > diff --git a/fs/namei.c b/fs/namei.c > index 50d2533..00f5041 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -945,6 +945,7 @@ static inline int may_follow_link(struct nameidata *nd) > if (nd->flags & LOOKUP_RCU) > return -ECHILD; > > + audit_inode(nd->name, nd->stack[0].link.dentry, 0); > audit_log_link_denied("follow_link", &nd->stack[0].link); > return -EACCES; > } > -- > 1.8.3.1 -- paul moore www.paul-moore.com