From: Paul Moore
Date: Thu, 19 Apr 2018 08:59:29 -0400
Subject: Re: [RFC PATCH ghak32 V2 09/13] audit: add containerid support for config/feature/user records
To: Richard Guy Briggs
Cc: cgroups@vger.kernel.org, containers@lists.linux-foundation.org,
 linux-api@vger.kernel.org, Linux-Audit Mailing List,
 linux-fsdevel@vger.kernel.org, LKML, netdev@vger.kernel.org,
 ebiederm@xmission.com, luto@kernel.org, jlayton@redhat.com,
 carlos@redhat.com, dhowells@redhat.com, viro@zeniv.linux.org.uk,
 simo@redhat.com, Eric Paris, serge@hallyn.com
In-Reply-To: <20180419123109.ab7gsnwrbtog4tbf@madcap2.tricolour.ca>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Apr 19, 2018 at 8:31 AM, Richard Guy Briggs wrote:
> On 2018-04-18 21:27, Paul Moore wrote:
>> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
>> > Add container ID auxiliary records to configuration change, feature set change
>> > and user generated standalone records.
>> >
>> > Signed-off-by: Richard Guy Briggs
>> > ---
>> > kernel/audit.c | 50 ++++++++++++++++++++++++++++++++++++++++----------
>> > kernel/auditfilter.c | 5 ++++-
>> > 2 files changed, 44 insertions(+), 11 deletions(-)
>> >
>> > diff --git a/kernel/audit.c b/kernel/audit.c
>> > index b238be5..08662b4 100644
>> > --- a/kernel/audit.c
>> > +++ b/kernel/audit.c
>> > @@ -400,8 +400,9 @@ static int audit_log_config_change(char *function_name, u32 new, u32 old,
>> > {
>> > struct audit_buffer *ab;
>> > int rc = 0;
>> > + struct audit_context *context = audit_alloc_local();
>>
>> We should be able to use current->audit_context here right? If we
>> can't for every caller, perhaps we pass an audit_context as an
>> argument and only allocate a local context when the passed
>> audit_context is NULL.
>>
>> Also, if you're not comfortable always using current, just pass the
>> audit_context as you do with audit_log_common_recv_msg().
>
> As mentioned in the tree/watch/mark patch, this is all obsoleted by
> making the AUDIT_CONFIG_CHANGE record a SYSCALL auxiliary record.

You've known about my desire to connect records for quite some time.

> This review would have been more helpful a month and a half ago.

If you really want to sink to that level of discussion, better quality
patches from you would have been helpful too, that is one of the
main reasons why it takes so long to review your code.

Let's keep the commentary focused on the code, discussions like this
aren't likely to be helpful to anyone.

--
paul moore
www.paul-moore.com
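
Review bot: In the `audit_log_config_change()` hunk, `context` is initialized from `audit_alloc_local()` directly in its declaration, and the hunk header (`-400,8 +400,9`) shows this is the only line the hunk adds, so nothing in this region checks the result or releases the context. If the call can fail or returns something that must be freed, the later hunks need to cover every return path of the function; the quoted portion does not show that. Reusing `current->audit_context` where it is available, as the reply suggests, would remove both the allocation and its cleanup from this path.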