In-Reply-To: <20180524201105.3179904-2-stefanb@linux.vnet.ibm.com>
References: <20180524201105.3179904-1-stefanb@linux.vnet.ibm.com> <20180524201105.3179904-2-stefanb@linux.vnet.ibm.com>
From: Paul Moore
Date: Tue, 29 May 2018 16:29:56 -0400
Subject: Re: [PATCH 1/8] ima: Call audit_log_string() rather than logging it untrusted
To: Stefan Berger
Cc: zohar@linux.vnet.ibm.com, sgrubb@redhat.com, linux-integrity@vger.kernel.org, linux-audit@redhat.com, linux-kernel@vger.kernel.org

On Thu, May 24, 2018 at 4:10 PM, Stefan Berger wrote:
> The parameters passed to this logging function are all provided by
> a privileged user and therefore we can call audit_log_string()
> rather than audit_log_untrustedstring().
>
> Signed-off-by: Stefan Berger
> Suggested-by: Steve Grubb
> ---
> security/integrity/ima/ima_policy.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Acked-by: Paul Moore

> diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index d89bebf85421..a823f11a3e6b 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c
> @@ -615,7 +615,7 @@ static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value, > audit_log_format(ab, "%s<", key); > else > audit_log_format(ab, "%s=", key); > - audit_log_untrustedstring(ab, value); > + audit_log_string(ab, value); > audit_log_format(ab, " "); > } > static void ima_log_string(struct audit_buffer *ab, char *key, char *value) > -- > 2.13.6 > > -- > Linux-audit mailing list > Linux-audit@redhat.com > https://www.redhat.com/mailman/listinfo/linux-audit -- paul moore www.paul-moore.com
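
Review bot: the switch to audit_log_string(ab, value) in ima_log_string_op() rests entirely on the commit message's statement that every value comes from a privileged user, and nothing in the hunk documents or enforces that. A privileged writer is not the same as a well-formed string: once the untrusted variant is gone, a value containing a double quote, a space or a newline reaches the audit record without the escaping that audit_log_untrustedstring() applied, which can confuse tools that split records into key=value fields. Please add a comment above ima_log_string_op() stating that callers may only pass strings parsed from the IMA policy written by a privileged user, and say in the commit message whether the policy parser already rules out those characters in value.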