Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp3991176imd; Mon, 29 Oct 2018 15:58:49 -0700 (PDT) X-Google-Smtp-Source: AJdET5fFvB67WWIPyLZVgvwD15fQ0Kbf7dXlQhaZsHihximeCD9xCgQljdrnYVJrD+yCVBmsaFjq X-Received: by 2002:a17:902:25ab:: with SMTP id y40-v6mr1029537pla.258.1540853929125; Mon, 29 Oct 2018 15:58:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540853929; cv=none; d=google.com; s=arc-20160816; b=YZYXzMqmAfc7A3+O0jSG1Y8Ivavilt++fyr2mrGkZVDR2LH41FnN9TKBuaJe2hbIke ANYhBUQEE4V2GYs8uS+M5TCgmZNs9B1QDSax4NrQFjBarOuYcNPda0GXrkAq5Ktyp1bv oRUSq2tiAU2uwG12oIuNbjOlprTeX4qHloFSnFWLAwy8xuw6moaacDp1a7Hn9lVzn2OT yEq/AZRTcR6bPY6kNbCjfvB3nIoFgy8Lr7TGtHynGJvQpXuOzqnFmYWGoyVaexoUV8RX qzn11FRo8jokYieTGZyzM9fs2tAuElFw720qzRbOUw2c6IH+itoaanZfwJUefzOxfiyn glYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=HAaDmrAhiPIUs37kgOYsuLv6czEMDqu6UUWI/wc1ByU=; b=zL6z8OroXwbZ1kKEfObq93qyvgHUirMx5jJKWpyLgwMttTpemOap/3z/mt2RgPiPlG +HqF7tw2ZeybmSBKRgh9T0Vf70cJL4gr+A3OOnPsohbHI9AE5rCdQ9eNtaNEpNmm4VX0 gwpk+9o3Gil64nmPup/5n97dN1mNh/r6vyfAxKSlq17j3ml4HrIevESV6DTHRn4kn5jT FAxwcNC8fuEJk6qssudczCgeBEm4KAVyc84Vo5sTG99/H5C6X5Y7ApcF37jbHJeD6NUF yLceTHYiE6XCU0OwGWJ+HaZXjaH+DGX2/7weWzeGW1oa5bZiXfP3vTJ+NGMpZXo5nAQN KWbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="Ufl/m0Se"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o11-v6si20924627pls.76.2018.10.29.15.58.31; Mon, 29 Oct 2018 15:58:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="Ufl/m0Se"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730987AbeJ3Hsr (ORCPT + 99 others); Tue, 30 Oct 2018 03:48:47 -0400 Received: from mail-lf1-f65.google.com ([209.85.167.65]:40044 "EHLO mail-lf1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730358AbeJ3Hsr (ORCPT ); Tue, 30 Oct 2018 03:48:47 -0400 Received: by mail-lf1-f65.google.com with SMTP id n3-v6so7390103lfe.7 for ; Mon, 29 Oct 2018 15:57:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HAaDmrAhiPIUs37kgOYsuLv6czEMDqu6UUWI/wc1ByU=; b=Ufl/m0SeikOBfA0wbXyLlcAUlbpY+4/mTTOt7gzUSr81A2a+YoPJgRRjxxXTSOWlIZ ikIJtQRPgWeuKPvFzD8+Uq6IGlG8wraAwAYXbU31iOL+/geSyeury0NDOBBjbpbdecFo XfToOUDJu4vmX2mLNjbS8CthKmztMudI/zrsSV9YcZrNTYun0wAEE7BHbc13gFFdtleU esssIvtr6DRBAugWSfo3HTqd9FK4tXMXHIM0lTFCLBOosS2kizGF+ptvmcIR+SAhvJb9 0ZvIciQQ1Nwivg6KBxX+RvtslGMRNZWAGfZtOHkaUSExWDP0Sl6AoZ2VjEornFc3yc3m eJ7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HAaDmrAhiPIUs37kgOYsuLv6czEMDqu6UUWI/wc1ByU=; b=Gi1Ds7JOapJR3kMOf+5zlLgVSDqZHjhEqcPogD+3D6qdYEyLx0lW86+jwwu7beK3AC ga1U0qz+vRX6jjN4SmD7PC7ZFfT6NFiFC14XYSozCXYlBdrELE9a/StQZi8q1ixLc0PF B8XjDJS0kKiVmdTu8bEny93Yklq7bCuHOtvdFtrLqs+TShhiPU7yuB3vXPcXeh/M48/0 uZE2Q4xeMxDQnlweaie2aCPz05JDTezuSKlLn012yttkswgW/kMUKNtnUq5XDQVmSPYx BvtWVALiF6RYDtqoiRWQ36JbrDmNI1mMtseSfGoMTMoiK8nWpS6wb73C6XNkHBE0+SvD Qa5w== X-Gm-Message-State: AGRZ1gKY7aEpusWbiTzzBAOAN02glO8oCtgx8iN4waPpbO0+/GszLfui pUnuu97SWrxJqV0e/PIEcYBX7oOtGGAGosTxpuYF X-Received: by 2002:a19:1a41:: with SMTP id a62-v6mr372254lfa.40.1540853875709; Mon, 29 Oct 2018 15:57:55 -0700 (PDT) MIME-Version: 1.0 References: <20181029104854.17432-1-david.abdurachmanov@gmail.com> In-Reply-To: <20181029104854.17432-1-david.abdurachmanov@gmail.com> From: Paul Moore Date: Mon, 29 Oct 2018 18:57:44 -0400 Message-ID: Subject: Re: [PATCH 0/2] riscv: add audit support To: david.abdurachmanov@gmail.com Cc: palmer@sifive.com, aou@eecs.berkeley.edu, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-audit@redhat.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 29, 2018 at 6:49 AM David Abdurachmanov wrote: > This patchset adds system call audit support on riscv (riscv32 & > riscv64). > > The pachset was prepared on top of v4.19 tag. > > audit-userspace changes were submitted. See: > https://github.com/linux-audit/audit-userspace/pull/73 > > Tested the following manually: > - auditctl (checked several different example rules from internet) > - aulast > - aulastlog > - ausearch > - ausyscall > - aureport > - autrace (compared some syscalls to strace: order and return > value/input arguments seem to be correct) > - /proc/self/loginuid (required by DNF [package manager]) > > I looked into audit-testsuite and with some adjustments results are: > > Failed 4/14 test programs. 19/88 subtests failed. > > The failing tests were due to missing CONFIG_IP_NF_MANGLE, 'id -Z' not > printing categories (don't know why), not having loadable kernel module > support enablled and syscall_socketcall not being relevant for new arches. > > audit-testsuite with adjustments: > https://github.com/davidlt/audit-testsuite/tree/riscv64 > > Depends on: > [PATCH 1/2] Move EM_RISCV into elf-em.h > http://lists.infradead.org/pipermail/linux-riscv/2018-October/001885.html > > This should solve DNF issues in Fedora 29/RISCV. > > David Abdurachmanov (2): > riscv: add audit support > riscv: audit: add audit hook in do_syscall_trace_enter/exit() > > arch/riscv/Kconfig | 1 + > arch/riscv/include/asm/ptrace.h | 5 +++++ > arch/riscv/include/asm/syscall.h | 10 ++++++++++ > arch/riscv/include/asm/thread_info.h | 6 ++++++ > arch/riscv/kernel/entry.S | 4 ++-- > arch/riscv/kernel/ptrace.c | 5 +++++ > include/uapi/linux/audit.h | 2 ++ > 7 files changed, 31 insertions(+), 2 deletions(-) Thanks for the patches David, I'll be able to take a closer look next week once the merge window is closed. -- paul moore www.paul-moore.com