Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2293966imu; Tue, 6 Nov 2018 12:08:13 -0800 (PST) X-Google-Smtp-Source: AJdET5cEd8Y/t7enKyqSYn/4A75GvvjeNvOW/zuEIorRs6eYrXNJARtECukqBkogPYOWJ3GKRQwo X-Received: by 2002:a62:7a92:: with SMTP id v140-v6mr27579404pfc.46.1541534892865; Tue, 06 Nov 2018 12:08:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1541534892; cv=none; d=google.com; s=arc-20160816; b=uONngJ3r92JYmO2LCAvPTPDcafDexywZEXEqvRbTKRna4JuGeAUt5l0bEPExcm0Eaw UKanxm8dAr7ms2fLcsO+YISrAW70vpnoat6su7mBap7lbNGluFOhFANmSMMsHBuiKUbK ZZK0shLJcTnjICBHfIvy9u3zK+aLK5fE9fMazovmVaiYYFD4rZKDi0PjM/hGDa8p0Yy+ ODeitP+BFUHsb53zjEvRCEw2jDzFmmIkszKDMF+PKG8JCiDxud6FEhYx1fjj74tlw+IL R/skb11CyYSesVZ6b1ZrnXN89PEc/nn4wfyh2wjPzU+fyuzk/X4adIkH+DoFBJB0oOA5 jjlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=o7KNBT5u2FpdE9ddKtjUHG9Vamfl6XScoxgvK/qV5gY=; b=mAjqJ6k0NFDD7NVU1FiVY7gkApysqCS18FWua/3oWJslc7mwirq/RlCIu/1NsGGRlt gYqE7JfUP1QzQO1hVoHqOJyN/rnFA/c2toLolXug6OtZK5qu1oDM6f2zZSdPzuGsfJm7 qAANa5sgpiE/2I6dkbwGjPWz5pdkOU0WurDy1gUHvpLFy5otGzYqPuO4qyz70o41Vecw rmE9u58N+gVOvBbw/6GX4CEUNeivSDyfToFe9t6DtRPIATMJ/KNTFdtwReLZ544SwMax S7VJYFwyw8euA+NcdVPPv7COxUMzVlhKQZhjxX+MPOSSRdbGlply4v8z33ijgOiwrh22 xU0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="r/77uaws"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z61-v6si231777plb.46.2018.11.06.12.07.45; Tue, 06 Nov 2018 12:08:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="r/77uaws"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727315AbeKGFdI (ORCPT + 99 others); Wed, 7 Nov 2018 00:33:08 -0500 Received: from mail-lj1-f195.google.com ([209.85.208.195]:41110 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726184AbeKGFdH (ORCPT ); Wed, 7 Nov 2018 00:33:07 -0500 Received: by mail-lj1-f195.google.com with SMTP id z80-v6so12626612ljb.8 for ; Tue, 06 Nov 2018 12:06:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=o7KNBT5u2FpdE9ddKtjUHG9Vamfl6XScoxgvK/qV5gY=; b=r/77uawsFZbyZTeCVUbPwrZv505elxTg42SrdWG576eXWyWEWgygXWj8fF+jFAXATB qvPlpEAZoJ9aeYgfrElrw7mzcJsBGFcLCIukhSnZMpcejSxyAMROAZaAgVlnUZ93JPkt w/OuU+lN6ufozZzv9+Wf+23i0QPwXaLBGLqjZJz3BGUIv/woCes5f2Uh4eLRMbFxuB0I QdU6uNeTlIFWGNkVhXeykDCCdaswbO1FJaAMJLrRtE7VF3hGiXHg6ZiweUquEUw2S7c7 mXlKJ39i4hY7/tM1NoiVHvJO0o4ai8i7B/H22Ms1FFDW1I0QN8a5jwtfjFpXbheP0HQU tbxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=o7KNBT5u2FpdE9ddKtjUHG9Vamfl6XScoxgvK/qV5gY=; b=AfKZ3FgiMKrpgEnRrG+DJvvT1KdECBCV+9plsxRTsdGUTvv8OkoAYqiUCgzBAe1DeX 6xGZQ72Ho9zYOwLjSF2l8qYUURSipWLdt0d4pNzo6OIi+nlNdPA83Uq5xZi87jcoQeBv GqVH710WnWbbV8kf9rAEwg+D5jOP3WZ15mD3eTg8+4c4NmXDo2p4UgKaa9oXjd3U99Fk e6Lt786EbaNkDTAxUuaH5wko0JgJQcWZY46ejr6R/BA2ccT6UsletzC+fzur1o4LPGCP BOzh5rTa7LZeg844Ra8T5kqUD5gVDIWZVtOyHITcrq5Alnt6jJoR+DgAr0QSyYLkGYND RU0A== X-Gm-Message-State: AGRZ1gLKUx2C+qCOEwrUU7v17aHlKtlWiLW4EinaDJwCBJtCme/mpgxm r/qFWrYRNWmpK0TRkZIJaa1/ivF1pycLXk3TlFr7 X-Received: by 2002:a2e:8884:: with SMTP id k4-v6mr17773328lji.145.1541534772365; Tue, 06 Nov 2018 12:06:12 -0800 (PST) MIME-Version: 1.0 References: <20181029104854.17432-1-david.abdurachmanov@gmail.com> In-Reply-To: <20181029104854.17432-1-david.abdurachmanov@gmail.com> From: Paul Moore Date: Tue, 6 Nov 2018 15:06:01 -0500 Message-ID: Subject: Re: [PATCH 0/2] riscv: add audit support To: david.abdurachmanov@gmail.com Cc: palmer@sifive.com, aou@eecs.berkeley.edu, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-audit@redhat.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 29, 2018 at 6:49 AM David Abdurachmanov wrote: > This patchset adds system call audit support on riscv (riscv32 & > riscv64). > > The pachset was prepared on top of v4.19 tag. > > audit-userspace changes were submitted. See: > https://github.com/linux-audit/audit-userspace/pull/73 > > Tested the following manually: > - auditctl (checked several different example rules from internet) > - aulast > - aulastlog > - ausearch > - ausyscall > - aureport > - autrace (compared some syscalls to strace: order and return > value/input arguments seem to be correct) > - /proc/self/loginuid (required by DNF [package manager]) > > I looked into audit-testsuite and with some adjustments results are: > > Failed 4/14 test programs. 19/88 subtests failed. I realize that the test suite failures are likely not due to your code, but rather shortcomings in the test suite itself, but I think it is important to resolve these problems before we commit the kernel changes. You mention Fedora 29/RISCV below, is that the distro you are using for testing? Also, are you using a stock kernel config from the distro or your own? > The failing tests were due to missing CONFIG_IP_NF_MANGLE ... Assuming a general purpose like Fedora, that seems like an odd omission. Any chance you can rebuild your kernel with the mangle table? > ... 'id -Z' not printing categories (don't know why) ... Are you seeing the MLS/MCS sensitivity level, s0, or are you not seeing any of the MLS/MCS fields? > ... not having loadable kernel module support enablled ... Much like the netfilter config, any chance you can enable this in your kernel? > ... and syscall_socketcall not being relevant for new arches. We will probably need to make that ABI dependent in the test suite. > audit-testsuite with adjustments: > https://github.com/davidlt/audit-testsuite/tree/riscv64 > > Depends on: > [PATCH 1/2] Move EM_RISCV into elf-em.h > http://lists.infradead.org/pipermail/linux-riscv/2018-October/001885.html > > This should solve DNF issues in Fedora 29/RISCV. -- paul moore www.paul-moore.com