From: Richard Guy Briggs
To: Linux-Audit Mailing List, LKML, Linux NetDev Upstream Mailing List, Netfilter Devel List, Linux Security Module list, Integrity Measurement Architecture, SElinux list
Cc: Eric Paris, Paul Moore, Steve Grubb, Ingo Molnar, David Howells, Richard Guy Briggs
Subject: [PATCH ghak81 RFC V1 0/5] audit: group task params
Date: Fri, 4 May 2018 16:54:33 -0400

Group the audit parameters for each task into one structure. In particular, remove the loginuid and sessionid values and the audit context pointer from the task structure, replacing them with an audit task information structure to contain them. Use access functions to access audit values.

Note: Use static allocation of the audit task information structure initially. Dynamic allocation was considered and attempted, but isn't ready yet. Static allocation has the limitation that future audit task information structure changes would cause a visible change to the rest of the kernel, whereas dynamic allocation would mostly hide any future changes.

The first four access normalization patches could stand alone.

Passes audit-testsuite.

Richard Guy Briggs (5):
  audit: normalize loginuid read access
  audit: convert sessionid unset to a macro
  audit: use inline function to get audit context
  audit: use inline function to set audit context
  audit: collect audit task parameters

 MAINTAINERS                          |  2 +-
 include/linux/audit.h                | 30 ++++++++++---
 include/linux/audit_task.h           | 31 ++++++++++++++
 include/linux/sched.h                |  6 +--
 include/net/xfrm.h                   |  4 +-
 include/uapi/linux/audit.h           |  1 +
 init/init_task.c                     |  8 +++-
 kernel/audit.c                       |  4 +-
 kernel/audit_watch.c                 |  2 +-
 kernel/auditsc.c                     | 82 ++++++++++++++++++------------------
 kernel/fork.c                        |  2 +-
 net/bridge/netfilter/ebtables.c      |  2 +-
 net/core/dev.c                       |  2 +-
 net/netfilter/x_tables.c             |  2 +-
 net/netlabel/netlabel_user.c         |  2 +-
 security/integrity/ima/ima_api.c     |  2 +-
 security/integrity/integrity_audit.c |  2 +-
 security/lsm_audit.c                 |  2 +-
 security/selinux/hooks.c             |  4 +-
 security/selinux/selinuxfs.c         |  6 +--
 security/selinux/ss/services.c       | 12 +++---
 21 files changed, 129 insertions(+), 79 deletions(-)
 create mode 100644 include/linux/audit_task.h

-- 
1.8.3.1
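
The static-versus-dynamic trade-off described in the note above, as an added userspace C model that is not code from this patch series or from the kernel. Every structure, macro and function name below is hypothetical; the model compares where the member following the audit data ends up when the audit structure later grows, and shows callers reading the values only through access functions.

```c
/* Added illustration: userspace model, every name here is hypothetical. */
#include <stddef.h>
#include <stdint.h>

#define MODEL_ID_UNSET ((uint32_t)-1)   /* assumed "unset" marker */

struct model_audit_context;             /* opaque to callers */

/* Audit task information: the three values the cover letter groups. */
struct model_audit_info {
    uint32_t loginuid, sessionid;
    struct model_audit_context *ctx;
};
/* The same structure after a hypothetical later change adds a field. */
struct model_audit_info_v2 {
    uint32_t loginuid, sessionid;
    struct model_audit_context *ctx;
    uint64_t added_later;
};

/* Static allocation: the structure is embedded in the task. */
struct task_static    { int pid; struct model_audit_info    audit; long next_member; };
struct task_static_v2 { int pid; struct model_audit_info_v2 audit; long next_member; };
/* Dynamic allocation: the task holds only a pointer. */
struct task_dyn    { int pid; struct model_audit_info    *audit; long next_member; };
struct task_dyn_v2 { int pid; struct model_audit_info_v2 *audit; long next_member; };

/* How far the member after the audit data moves when the structure grows. */
long static_shift(void)
{
    return (long)offsetof(struct task_static_v2, next_member) -
           (long)offsetof(struct task_static, next_member);
}
long dyn_shift(void)
{
    return (long)offsetof(struct task_dyn_v2, next_member) -
           (long)offsetof(struct task_dyn, next_member);
}

/* Access functions: callers never spell out where the values live. */
uint32_t get_loginuid_static(const struct task_static *t) { return t->audit.loginuid; }
uint32_t get_loginuid_dyn(const struct task_dyn *t)
{
    return t->audit ? t->audit->loginuid : MODEL_ID_UNSET;
}

/* Callers written against the accessors only; return 1 if a login uid is set. */
int has_login_static(const struct task_static *t) { return get_loginuid_static(t) != MODEL_ID_UNSET; }
int has_login_dyn(const struct task_dyn *t) { return get_loginuid_dyn(t) != MODEL_ID_UNSET; }
```

With the embedded layout, everything after the audit member in the task structure moves when the audit structure changes; with the pointer layout, the task structure keeps its layout and only the accessor bodies need to know the new one.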