Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp3805603imm;
        Tue, 29 May 2018 14:08:40 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLDZIqG2yIxvkpgSEe+u0wBDpHI/WLGXiTStxiHxNGcJDQrDgY45hxkREV9xYf2vRGldv6W
X-Received: by 2002:a17:902:bc44:: with SMTP id t4-v6mr33922plz.139.1527628120730;
        Tue, 29 May 2018 14:08:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527628120; cv=none;
        d=google.com; s=arc-20160816;
        b=HAzQDJO4qAyqq2P81VNDnvS2Ms217LPHkticVqRnHfx0UxgTaVfSG+hRgUbBqz5ckX
         ODixhjUcSX4swN6o5CTZF5FrSphz3jd7qFFLW3MYJ5+8r/uTPGHEvKzzZNziru3NtjWb
         reqB7Xbn8zk6hSVNiqvEsuXBrZblo599dPfgK6E+aMpZ2/hCUHfmSYGQd84iHJEg37if
         2qnofOz9xsxH7Gn4ojJ4ejEanqBrZae0H+oWSOj3/p+5D8d3i+OdxLXMcmyWPgKqKouL
         O1ZIKKO7wzW/7fF4Xvn1D1upP7/44kh0c3nqz9NGiSqYwZd7wPlQHipG68a6DIyn7r7C
         Gfew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=MTfn6NPebmBo0WsA7WzvOOOtJpn1yni/DjaqAZJxq68=;
        b=AQr9NdaZzPxs31bfcsE38VFWllJ57ttCdlqE5he0JRwMmgueXNxzjGq/jFEm0N0bmH
         42DQo+E0dmF2JL/FW26cyJazan6x+Uk3V+L2AS8IabdHC5gLsgxs9igJu8oQa5Qm9ZJQ
         JlTxBaMi5hF4zm2cEv1IBgwuKdbFEfUucsUWaZ1wY22FwXMF5vVlIvk/gJ5r5wNiVyUy
         ObeFf8EGkweemXEDyX1Kk6RW8k/PFIcR8CoG6Dty77b0wzaobqEzwaOkAiScSZMgLPmy
         MX8z16tHb+S+vulE670tee38o4kk37OpFUONQwaszR8uBKAYsLiwMij8b3cSdKZ6NE5J
         L8dA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=1gOiDfFJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d77-v6si3692728pfb.262.2018.05.29.14.08.26;
        Tue, 29 May 2018 14:08:40 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=1gOiDfFJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S937242AbeE2VH1 (ORCPT <rfc822;lxz1983@gmail.com> + 99 others);
        Tue, 29 May 2018 17:07:27 -0400
Received: from mail-lf0-f65.google.com ([209.85.215.65]:43892 "EHLO
        mail-lf0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S937149AbeE2VHW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 29 May 2018 17:07:22 -0400
Received: by mail-lf0-f65.google.com with SMTP id n18-v6so913830lfh.10
        for <linux-kernel@vger.kernel.org>; Tue, 29 May 2018 14:07:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=MTfn6NPebmBo0WsA7WzvOOOtJpn1yni/DjaqAZJxq68=;
        b=1gOiDfFJs14q9q54TzfgvGxEBWYtaW6grCx7JGr3WPxQD0DjnT+BYZFkTnA9mT1q6R
         ybh7nxDkR8jPkmXO6xd8wxkQ/5RtU/nL8TbSyrywOm+7NJAB/oLj6HXoXTrLshZ2kqvN
         lftOwPBXxk1Sfr79jGUGCkiepv+ZK+a3llxwvuwPlkdLFZAThZi2o+hqnYhMaibP3X9G
         CbcvYAnGg1e5TzmP/fjjxlDAYkIkr8uLpRj/n2H7WbZFHpXlV/2FOyWZn0nuySmcQabU
         MGB4cRWTV5Iolt3jKlnfFx1fl6I3MzkpBL2g7bpvPV4ob9gDfBTnTqMkBoc20PMjEADg
         GJig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=MTfn6NPebmBo0WsA7WzvOOOtJpn1yni/DjaqAZJxq68=;
        b=Jbd1HLNQ3KmtoiT0VBaRYQw1OnQPrBH4yy9y9qF1myREuoLK/VetrzczTsDAfMFiW1
         OXCJm3fQ9DVK6iZadefx3uYNAvlJC/ZKZlZRpkowhUbpQHVg7d8C8icR4eGn4hwNimQz
         ZZ0dt8oBFgGYMW8AhkvMuG32y9ZSR6CRCW5wATTZMudrGS+PHjj9nGGI8QxmFuMXNvzm
         5o5NlB2TvuZyN1mDvjR9ydQc2KHKJtjuKGsObwqX6WHm5G4bwQGaQkIw57pOEOgWnNiv
         8N1kSaXUaV0y68WoZ6ioOsFIyO+nLSri0thU2h+W4+gOrQz2X6N74a987xrYx3G9K/51
         o+iA==
X-Gm-Message-State: ALKqPweelu5lf/IolyXiXG34L71U0+Q+S2noSN5PSHycvYZgx6KxYuNH
        NdQOVCWdWoaGNeA05rOiME7jlVtAui/x8bEIlhCC
X-Received: by 2002:a19:d245:: with SMTP id j66-v6mr3888lfg.139.1527628040806;
 Tue, 29 May 2018 14:07:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a19:a911:0:0:0:0:0 with HTTP; Tue, 29 May 2018 14:07:19
 -0700 (PDT)
X-Originating-IP: [108.20.156.165]
In-Reply-To: <20180524201105.3179904-4-stefanb@linux.vnet.ibm.com>
References: <20180524201105.3179904-1-stefanb@linux.vnet.ibm.com> <20180524201105.3179904-4-stefanb@linux.vnet.ibm.com>
From:   Paul Moore <paul@paul-moore.com>
Date:   Tue, 29 May 2018 17:07:19 -0400
Message-ID: <CAHC9VhRjYhSgd_YCmgaOU_MEKuNKbHvPCVotmxyZRzSc2E6-Wg@mail.gmail.com>
Subject: Re: [PATCH 3/8] audit: Implement audit_log_tty()
To:     Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc:     zohar@linux.vnet.ibm.com, sgrubb@redhat.com,
        linux-integrity@vger.kernel.org, linux-audit@redhat.com,
        linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, May 24, 2018 at 4:11 PM, Stefan Berger
<stefanb@linux.vnet.ibm.com> wrote:
> Implement audit_log_tty() so that IMA can add tty= to its audit records.
>
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> ---
>  include/linux/audit.h | 5 +++++
>  kernel/audit.c        | 8 ++++++++
>  2 files changed, 13 insertions(+)
>
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index 90aa63ddc9be..2deb76c74d10 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -154,6 +154,7 @@ extern void audit_log_task_info(struct audit_buffer *ab,
>                                 struct task_struct *tsk);
>
>  extern int                 audit_update_lsm_rules(void);
> +extern void audit_log_tty(struct audit_buffer *ab, struct task_struct *tsk);
>
>                                 /* Private API (for audit.c only) */
>  extern int audit_rule_change(int type, int seq, void *data, size_t datasz);
> @@ -202,6 +203,10 @@ static inline int audit_log_task_context(struct audit_buffer *ab)
>  static inline void audit_log_task_info(struct audit_buffer *ab,
>                                        struct task_struct *tsk)
>  { }
> +
> +static inline void audit_log_tty(struct audit_buffer *ab,
> +                                struct task_struct *tsk)
> +{ }
>  #define audit_enabled 0
>  #endif /* CONFIG_AUDIT */
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 670665c6e2a6..fa54695962b4 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -2305,6 +2305,14 @@ void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
>  }
>  EXPORT_SYMBOL(audit_log_task_info);
>
> +void audit_log_tty(struct audit_buffer *ab, struct task_struct *tsk)
> +{
> +       struct tty_struct *tty = audit_get_tty(tsk);
> +
> +       audit_log_format(ab, " tty=%s", tty ? tty_name(tty) : "(none)");
> +       audit_put_tty(tty);
> +}

Perhaps I missed it, but your IMA patches only ever call this to log
current's tty, yes?  If so, I would prefer if we dropped the
task_struct argument and always had audit_log_tty() use current.

-- 
paul moore
www.paul-moore.com