Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp74851imm;
        Tue, 5 Jun 2018 15:20:19 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKL6p36NCfFPjzvS+GpRjzizG/8jtqk0zBMEn6Cl4UMykxWuk3gWtwq7kdr8POGqdnJ1VPhH
X-Received: by 2002:a62:4bc8:: with SMTP id d69-v6mr422119pfj.244.1528237219101;
        Tue, 05 Jun 2018 15:20:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528237219; cv=none;
        d=google.com; s=arc-20160816;
        b=gc4graaS66u1lNoM7H+ZlcyDtE1tF+VukGoKZp+/B3+4sLRFlcjpOyI0SuTUE6bIYF
         cyaaTBCLeqiEKtXeQvr28qgZQGT3TM282kQdKn6fbnW/vjYUb/IZBTain2enbaevqUcn
         zw98fosarPWavAQB2ggo6wvKcDv+JwTUpr4zLEPdR47+1DRo1xpKuCHYrpKmDsKpEom/
         uY5gs0/WNAvKtX275Bk6JD6AaFnBFXAXMkWySjYyBdOLvTorE+FcCGKY/Eh2MWBwHzk8
         gBRhl/dTeyZ7ADWnRoCSabnOVLbxnFeXjFEKuIt9iDYqi/HsP7SJvxao1BEpGDDjbayU
         WtiA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=/jj3YXEw05MxzHWKyZllx5Fa2lvZcCIWpp7T6tyvqm0=;
        b=eQ/eOZveOffLShdjJ4tAGGN/F5/CqXdYf56jBXS+ioxFi6Q2lIho9AxFZBTznv4BxB
         F89fPejSswIZ9wFo/iVmEdYKPiAjMH1U7OsTkPMQhyXeA222idwxxIQtS8nly8uM0fB4
         IZLU/RZHML9XXzhTayGeA8eZrQxP64UgJpiQaMi0sAlKidCJGzEBR5s6UDeWADsO+O/t
         HT9dj6Xyns//jCTO6wrc8CH4wPdiztX2jxYr76LoaZRYctsfhcYBaIqHNqy5t9lWB5r5
         MU5ftIX68fwZPY25TFnm88W/KZDlnOn5/zaspnoyxOnDNqv3SJN6oM12wJ2A8WLIR4ZP
         hTig==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=GmOy2W5X;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g3-v6si48247662pld.309.2018.06.05.15.20.04;
        Tue, 05 Jun 2018 15:20:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=GmOy2W5X;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752574AbeFEWSk (ORCPT <rfc822;zoe.song.ucas@gmail.com>
        + 99 others); Tue, 5 Jun 2018 18:18:40 -0400
Received: from mail-lf0-f65.google.com ([209.85.215.65]:41597 "EHLO
        mail-lf0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752396AbeFEWSh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Jun 2018 18:18:37 -0400
Received: by mail-lf0-f65.google.com with SMTP id d24-v6so5996467lfa.8
        for <linux-kernel@vger.kernel.org>; Tue, 05 Jun 2018 15:18:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=/jj3YXEw05MxzHWKyZllx5Fa2lvZcCIWpp7T6tyvqm0=;
        b=GmOy2W5XNqeeF4ecjmaVFieMt7sXOTw3HREpmzsVmCOMMX/fL47fEMYyTC/Ky/jEh6
         FmTy4TApZ+EoxohrIVjnuZFM8DDwl1+AK8jTREd1/Utrx9RTxC9egb7aBrI68vfFrpTY
         +Z0Bcwi5ZWRHtN7OExVMRE90L+oPgUp0QBMjUYzjZFRY9e+X1WThGUDKy8J6NENsS5JR
         dTTFRrLXwYsp3ZpyKRnCPw4L1OnXI1tIvqR1n2WhL43EkYwDX8XP+vfNriOpqsbzZ5qp
         GK92JGjSe0xOYS1t3sHjHyObQmwMsk67pFxLBEWv+PpaV9wW3m4gzMMlxGTfSL+m7g/h
         a4pA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=/jj3YXEw05MxzHWKyZllx5Fa2lvZcCIWpp7T6tyvqm0=;
        b=mco91uyPilFah8kaNCMu8/7KGe/hHupngVDgmUi0SNKdadDEjuwFmxXk5OeqlwngF7
         iChef/3XCbIf6MLXZCLlDc/nbDwoyhvdj2W4hZosWaUFh4PVsMrthMeBFbN6lOAlsExG
         0UvQuPNo6BsssXGmkpVWP8Bn+d6uB+8frHXsmssnuN144/rlW+clauDpZjOPcaxExw8s
         3I+8qQgAHQqo+126yHuHrq6sxOmUwwF8UHG+iMiEt75BvWtg3eKoct3JLmYO4rJGTell
         iF9gqhn4F/YPGJf/vF+47+Rq77MD/QS05fnD7EmJG/d97Lq8kBJQJVATMeS+BTrfup8p
         Z+kQ==
X-Gm-Message-State: APt69E1gtMiakR/kzDg3ayKJE4ro7fzJHmgRAzy1naGT6OW1cDk3ltXi
        UWWKT+zdsF0zhR69zsUMaDAV13fJn4DqZQG5HEr2
X-Received: by 2002:a2e:4d0e:: with SMTP id a14-v6mr291936ljb.106.1528237115651;
 Tue, 05 Jun 2018 15:18:35 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a19:a911:0:0:0:0:0 with HTTP; Tue, 5 Jun 2018 15:18:34 -0700 (PDT)
X-Originating-IP: [108.20.156.165]
In-Reply-To: <1528208105.3237.155.camel@linux.vnet.ibm.com>
References: <20180604205455.2325754-1-stefanb@linux.vnet.ibm.com>
 <20180604205455.2325754-5-stefanb@linux.vnet.ibm.com> <CAHC9VhRkkQ74tvqGrSuNX2RdeHz5N7eU03-yHmVsZg47TxFD0g@mail.gmail.com>
 <1528208105.3237.155.camel@linux.vnet.ibm.com>
From:   Paul Moore <paul@paul-moore.com>
Date:   Tue, 5 Jun 2018 18:18:34 -0400
Message-ID: <CAHC9VhSbdYOkcszy+emgPNWWtUc0LoWy8pPvov+qjubV7b_EjQ@mail.gmail.com>
Subject: Re: [PATCH v3 4/4] ima: Differentiate auditing policy rules from
 "audit" actions
To:     Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc:     Stefan Berger <stefanb@linux.vnet.ibm.com>,
        linux-integrity@vger.kernel.org, linux-audit@redhat.com,
        sgrubb@redhat.com, linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jun 5, 2018 at 10:15 AM, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> Hi Paul,
>
> On Mon, 2018-06-04 at 20:21 -0400, Paul Moore wrote:
>> On Mon, Jun 4, 2018 at 4:54 PM, Stefan Berger
>> <stefanb@linux.vnet.ibm.com> wrote:
>> > The AUDIT_INTEGRITY_RULE is used for auditing IMA policy rules and
>> > the IMA "audit" policy action.  This patch defines
>> > AUDIT_INTEGRITY_POLICY_RULE to reflect the IMA policy rules.
>> >
>> > Since we defined a new message type we can now also pass the
>> > audit_context and get an associated SYSCALL record. This now produces
>> > the following records when parsing IMA policy's rules:
>>
>> Aaand now I see you included the current->audit_context pointer I
>> mentioned in my comments for 3/4 ;)
>>
>> So basically this should be fine, although I should point out that you
>> do not need to define a new message type to associate records
>> together.  The fact that we don't associate all connected records is
>> basically a bug.
>>
>> Anyway, patches 3/4 and 4/4 look good to me.  Considering this is
>> likely going in during the *next* merge window, I would ask that you
>> convert from "current->audit_context" to "audit_context()" as soon as
>> this merge window closes.
>>
>> Thanks!
>
> Thanks, Paul.  I'd like to start queueing patches for the next open
> window now, instead of scrambling later.  Can I add your Ack now, and
> remember to make this change when rebasing?

Sure, go ahead and add my ACK to both 3/4 and 4/4 as long as you
double pinky swear you'll do the audit_context() fix-up during the
merge :)

Acked-by: Paul Moore <paul@paul-moore.com>

-- 
paul moore
www.paul-moore.com