Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp3220155imd; Mon, 29 Oct 2018 03:49:55 -0700 (PDT) X-Google-Smtp-Source: AJdET5eJxtYrRWs+0jq1zqjzooVJAzWcXFLga92ZS3SWzDGfBwSDVMthadj0EKHcR6wpIRKH2L7n X-Received: by 2002:a17:902:64c1:: with SMTP id y1-v6mr13865726pli.210.1540810195357; Mon, 29 Oct 2018 03:49:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540810195; cv=none; d=google.com; s=arc-20160816; b=c/qiC8T9wb0vDcSSML6bcQDn08PkesyBS6iUpd03yP6QjcZnU4ZnHyEjqifYPlPL+r oOcMua/we8bFaKqPmVaQ4W2q+gzQ+Nko5YjWxeyG5V/GJ1E8Kk9bF3a1TdpqkDfIeP1O 68hichHHGNWR9EWchXExytvLpn56Afx1uhemznclpQcVD2mJv4NwH1G5ZJ+Rw7uk8xGN FqDya8CJvrr21cDWRKHTlv6/AMl5Km7SLVyX2tI7InGplNHIiL7uxpfzrqmkSrphW5BU xIMDrsWraQQeVaq5/WtCV7vFsRGRZEKmMnhOSw18qy4vpEkeSlpZpYwXGF/AQDU21ojw PD3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature; bh=VxaIDmDKvxD8zCA2Wo/jH/VQ0KsaOQA2tHEfNNJ/B98=; b=e1N/z7HV5V5zqkjNx6EHBvvaB2WEwOsvZ+mxCI2UTljAYWHK++lrbPpcif9DCJsDRa q+G2CnaOiyOBGh/DDukXKkCHQiWlvfkZyg/iTMzGCdByblOQm2/ZwC+wW6bMchIKBS9H XSz2mBcRcOJD2XjgsPqf6g/43Y086u10YColJLDj+DZ+PQctT61hbyZIPeT9K1KebacY FFVVWPuYjoOHXSD1EZEAaqhS1GEcuv7pRlpOar5u7qjDTfoGECMM8yMoW5RvIG4laYK1 hAwPTJfONgJnbMYe4E/zDxmRxfghfGaMF5l5ufgLKjUBAAggYeCoGcxYeEorgs4CywZh iG0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ab7KCGrX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p9-v6si21114210pgn.522.2018.10.29.03.49.38; Mon, 29 Oct 2018 03:49:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ab7KCGrX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729723AbeJ2ThZ (ORCPT + 99 others); Mon, 29 Oct 2018 15:37:25 -0400 Received: from mail-wm1-f68.google.com ([209.85.128.68]:53064 "EHLO mail-wm1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729194AbeJ2ThY (ORCPT ); Mon, 29 Oct 2018 15:37:24 -0400 Received: by mail-wm1-f68.google.com with SMTP id 189-v6so7693117wmw.2 for ; Mon, 29 Oct 2018 03:49:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=VxaIDmDKvxD8zCA2Wo/jH/VQ0KsaOQA2tHEfNNJ/B98=; b=ab7KCGrXY0SNzGLsTBF5QA6SsWR7BsSAeq8Q2qgfilrIpG6kG8LXidEmQCYkp6eqKv ZSlcqn8bDU4YSr4eP7sx0a/E/YEf4xjGQd4oEuHtkxpDnnHk2FDp+fUDn7yWnqpQ/nPY mJ1/WjlAsh32F0aBJjRa/tfUGkdJ+UWkzV3njgUcLEosuGQff8Qsmhfb7vK74gO3OsZl SYoBdidjXjzDBjCXl6BDrkzn1q60gLhjX+oIt9ohDskLTaZWDi28bp3Gfx/WN9FRD99H rH6jnzVL5Gvdr3M4djCnBqP5JskMccvkWMy0HwfaiZIQi3VH1G5vfN623/sydmhdxCpW CBwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=VxaIDmDKvxD8zCA2Wo/jH/VQ0KsaOQA2tHEfNNJ/B98=; b=VMeY2ZsFiQVa8GBMOY+odnxXZhAOPAJaN0/DTEdc/K6EeLSAWlHDyXsb5G559PeGfk bPe/a7w2BKqteyT8gVI+lpEaoH717ku77Lcue4kCjuPdLEOENoXC1/dsZa3wfKnSElpy Bm97+trHhKGvioQ+amP6KJRClql7ghdldv7SUhjv5C1oYSYr+/8qNJoSzZjjkFR0LJ60 V2BI9DFQ06QS1lJO/XSRgoADkTmE/gad3TFfY8OnSfQhXcMN7n/OtulNY5JqoPoVS4kl GjibQcrMjsjDkDZSacH5sfV2GcwJEHcmVz5KWMw6vdMyY4NjQbXSH3MXGDECyUg0QC3m a5CA== X-Gm-Message-State: AGRZ1gLVnrPkfPUxcVmWNQibe3nYO1hAlICbGaIS9l9o6PMD47g9e5Ir bm+fPY/Ji6+uvDoXkL2nanY= X-Received: by 2002:a1c:770a:: with SMTP id t10-v6mr1732171wmi.149.1540810155060; Mon, 29 Oct 2018 03:49:15 -0700 (PDT) Received: from localhost.localdomain (ip-76.net-89-3-178.rev.numericable.fr. [89.3.178.76]) by smtp.gmail.com with ESMTPSA id l70-v6sm36360609wma.0.2018.10.29.03.49.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 29 Oct 2018 03:49:14 -0700 (PDT) From: David Abdurachmanov To: palmer@sifive.com, aou@eecs.berkeley.edu, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-audit@redhat.com Cc: David Abdurachmanov Subject: [PATCH 0/2] riscv: add audit support Date: Mon, 29 Oct 2018 11:48:52 +0100 Message-Id: <20181029104854.17432-1-david.abdurachmanov@gmail.com> X-Mailer: git-send-email 2.17.2 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patchset adds system call audit support on riscv (riscv32 & riscv64). The pachset was prepared on top of v4.19 tag. audit-userspace changes were submitted. See: https://github.com/linux-audit/audit-userspace/pull/73 Tested the following manually: - auditctl (checked several different example rules from internet) - aulast - aulastlog - ausearch - ausyscall - aureport - autrace (compared some syscalls to strace: order and return value/input arguments seem to be correct) - /proc/self/loginuid (required by DNF [package manager]) I looked into audit-testsuite and with some adjustments results are: Failed 4/14 test programs. 19/88 subtests failed. The failing tests were due to missing CONFIG_IP_NF_MANGLE, 'id -Z' not printing categories (don't know why), not having loadable kernel module support enablled and syscall_socketcall not being relevant for new arches. audit-testsuite with adjustments: https://github.com/davidlt/audit-testsuite/tree/riscv64 Depends on: [PATCH 1/2] Move EM_RISCV into elf-em.h http://lists.infradead.org/pipermail/linux-riscv/2018-October/001885.html This should solve DNF issues in Fedora 29/RISCV. David Abdurachmanov (2): riscv: add audit support riscv: audit: add audit hook in do_syscall_trace_enter/exit() arch/riscv/Kconfig | 1 + arch/riscv/include/asm/ptrace.h | 5 +++++ arch/riscv/include/asm/syscall.h | 10 ++++++++++ arch/riscv/include/asm/thread_info.h | 6 ++++++ arch/riscv/kernel/entry.S | 4 ++-- arch/riscv/kernel/ptrace.c | 5 +++++ include/uapi/linux/audit.h | 2 ++ 7 files changed, 31 insertions(+), 2 deletions(-) -- 2.17.2