Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp3777046imm;
        Tue, 29 May 2018 13:30:49 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZqezCDz+JveehEscdUnAI542Gr52MRqaJJRrnqj4RASIEcR5WoM4/9hoKQ3QNYfwtd/NCsz
X-Received: by 2002:a63:9402:: with SMTP id m2-v6mr14892681pge.8.1527625849926;
        Tue, 29 May 2018 13:30:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527625849; cv=none;
        d=google.com; s=arc-20160816;
        b=Kk+buEgL9JTp5UamVSdlRuZTe6+eybcV8/HV87TaiquJqNgq8zxS5szE4/pwQ0RKfu
         7QJLKwx5O7Srd58ecc8m8/RL4fPsmA8fbMDCo3sBmB40XyYeg+Nf0osJg5SgT4tsG6/4
         D9gMcGAhI7nyEPPgtDyJHqgcr+G518uei882gAlfK2PThQTx4RfsJYyC1V9UAhwdZ3jh
         +P45mCDYeiAakjAtwceL8z4YlbANu0kwPgrYd1THKD8PhUtTJP7lPz9od8FRJKAnupLh
         CGiQHbOSbrLIa6Vzh78S8OVaCsFjPNOJVre2YdosIj56UaSAPGjimDhGFbpghu4zY1VQ
         AodA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=Isih2XYz18XYwBXt8Tte507beQIp8aYzhkJfFJH9Xto=;
        b=xx5J/Osqic3kU5mHiaYXEloX7CWhaQY+J08Yrxql6CQoTjCp9ll9W4quEnWcV1u5mz
         rdykEh6iiNpUmzJ1PkwpiTljtSzzGyBSDqkkKo0TCApow5LESPOP+rPf+c53E3JNUNGn
         B+7+0n5c7kKhQ9RFvmTZ3o6MacBjdn5Nnm3I1I6CRLRje9tHy5MAU2+s1zdEHw8ubG/n
         S4kDYAXN+45OLE/kZXw5axpBiYx8pB7M4lCW+cxq7Dex45UNKuNdKXkKDq5SotNabAS8
         /AtHvp240Nv1oVxxsMcdMCtOc8fEeMk0aUPq7nu9GiXp2fC4/I532McNKeT0jz+dqD4H
         HeoQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=iaMuF56q;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 1-v6si32613254plo.20.2018.05.29.13.30.35;
        Tue, 29 May 2018 13:30:49 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=iaMuF56q;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S966686AbeE2UaC (ORCPT <rfc822;lxz1983@gmail.com> + 99 others);
        Tue, 29 May 2018 16:30:02 -0400
Received: from mail-lf0-f54.google.com ([209.85.215.54]:33730 "EHLO
        mail-lf0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S966480AbeE2U37 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 29 May 2018 16:29:59 -0400
Received: by mail-lf0-f54.google.com with SMTP id y20-v6so771071lfy.0
        for <linux-kernel@vger.kernel.org>; Tue, 29 May 2018 13:29:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=Isih2XYz18XYwBXt8Tte507beQIp8aYzhkJfFJH9Xto=;
        b=iaMuF56qu+9YK9+UIyweQoUeqymgG7xwplA92vS15Py7wd9EWyIc0Q32eTrEn+T1hQ
         Nw3zJs33fRX4dPDhuwjfYpYsWk3iTujUmZ1LEpVdzMUT/XUWkGuHFzMmbVnvlnlBmsfw
         XTnornLKMECrtSccy2+xSZXLRBvYhX91nd87dvLZIi7ZjiVwT9mlo1c7lPlB6yeB7pbz
         9runOqIbfG8lJMEmDuE0L7zRgwHujZ6cjUAxqbb8feW3sd1VvpyXR2XeXf+FNEjaoPuH
         k0NapFjMctI3TGPfoDER2AtaYrizIkgBT4kVYxJEIjiirEW8dVilcCcViia8IUhHeyUc
         hJhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=Isih2XYz18XYwBXt8Tte507beQIp8aYzhkJfFJH9Xto=;
        b=CDgFjVnjNlM0hVp0IMbM04pR4EHSeILco4TLzS9+LFtT13Yh5mTBBKVemqEmS5FFj8
         GV0s9icablDF7e8OIDiQ/VEJmfxhHV5ui9PBrCyDZWas3DM1k/vSenyq1z/PGl3P0SB4
         tuD75PIUD4P7pxwzLgliiN85n3IVhdySnbI6MBw1okucon6/0NUUC9ATIaYLlFO9QEub
         sE1Lj2XL7wnvLDmYMgkLy3kyvUWgMApZVI1LKEhwTiaqquIwc59VXX+bzD8zn73cKBRm
         ryxcZGjjxS3DUwq1snjcOn6myueXT5dumMWeQWEPySd7cGS+0Gr+OhkRCQx/bAbY7UiW
         5+Pw==
X-Gm-Message-State: ALKqPwf9duPxOvvF007BMOrwi1YaJm3rhrdy8LjKOEDVBS3TmbEjPIrA
        jyoTyPAUQjgF9KONgfIhWGQiDmurArYADE8J7tO+
X-Received: by 2002:a2e:8246:: with SMTP id j6-v6mr1399763ljh.72.1527625797252;
 Tue, 29 May 2018 13:29:57 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a19:a911:0:0:0:0:0 with HTTP; Tue, 29 May 2018 13:29:56
 -0700 (PDT)
X-Originating-IP: [108.20.156.165]
In-Reply-To: <20180524201105.3179904-2-stefanb@linux.vnet.ibm.com>
References: <20180524201105.3179904-1-stefanb@linux.vnet.ibm.com> <20180524201105.3179904-2-stefanb@linux.vnet.ibm.com>
From:   Paul Moore <paul@paul-moore.com>
Date:   Tue, 29 May 2018 16:29:56 -0400
Message-ID: <CAHC9VhTpfjKd2bTx9Q9TVo9hqPFRB-VNHYhzZb+DjXJUE1txcg@mail.gmail.com>
Subject: Re: [PATCH 1/8] ima: Call audit_log_string() rather than logging it untrusted
To:     Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc:     zohar@linux.vnet.ibm.com, sgrubb@redhat.com,
        linux-integrity@vger.kernel.org, linux-audit@redhat.com,
        linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, May 24, 2018 at 4:10 PM, Stefan Berger
<stefanb@linux.vnet.ibm.com> wrote:
> The parameters passed to this logging function are all provided by
> a privileged user and therefore we can call audit_log_string()
> rather than audit_log_untrustedstring().
>
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> Suggested-by: Steve Grubb <sgrubb@redhat.com>
> ---
>  security/integrity/ima/ima_policy.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Acked-by: Paul Moore <paul@paul-moore.com>

> diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
> index d89bebf85421..a823f11a3e6b 100644
> --- a/security/integrity/ima/ima_policy.c
> +++ b/security/integrity/ima/ima_policy.c
> @@ -615,7 +615,7 @@ static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value,
>                 audit_log_format(ab, "%s<", key);
>         else
>                 audit_log_format(ab, "%s=", key);
> -       audit_log_untrustedstring(ab, value);
> +       audit_log_string(ab, value);
>         audit_log_format(ab, " ");
>  }
>  static void ima_log_string(struct audit_buffer *ab, char *key, char *value)
> --
> 2.13.6
>
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit

-- 
paul moore
www.paul-moore.com