References: <2827530000d6b4972d446b0226adab153ff3b5c5.1533065887.git.rgb@redhat.com> <20181101184853.vxel3dfdntzmhcnq@madcap2.tricolour.ca>
In-Reply-To: <20181101184853.vxel3dfdntzmhcnq@madcap2.tricolour.ca>
From: Paul Moore
Date: Thu, 3 Jan 2019 15:10:59 -0500
Subject: Re: [PATCH ghak90 (was ghak32) V4 05/10] audit: add support for non-syscall auxiliary records
To: Richard Guy Briggs
Cc: containers@lists.linux-foundation.org, linux-audit@redhat.com, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, ebiederm@xmission.com, luto@kernel.org, carlos@redhat.com, dhowells@redhat.com, viro@zeniv.linux.org.uk, simo@redhat.com, Eric Paris, Serge Hallyn
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 1, 2018 at 2:49 PM Richard Guy Briggs wrote:
> On 2018-10-19 19:17, Paul Moore wrote:
> > On Sun, Aug 5, 2018 at 4:33 AM Richard Guy Briggs wrote:
> > > Standalone audit records have the timestamp and serial number generated
> > > on the fly and as such are unique, making them standalone. This new
> > > function audit_alloc_local() generates a local audit context that will
> > > be used only for a standalone record and its auxiliary record(s). The
> > > context is discarded immediately after the local associated records are
> > > produced.
> > >
> > > Signed-off-by: Richard Guy Briggs
> > > Acked-by: Serge Hallyn
> > > ---
> > >  include/linux/audit.h |  8 ++++++++
> > >  kernel/audit.h        |  1 +
> > >  kernel/auditsc.c      | 33 ++++++++++++++++++++++++++++-----
> > >  3 files changed, 37 insertions(+), 5 deletions(-)
> >
> > I'm not in love with the local flag, and the whole local context in
> > general, but that's a larger discussion and not something I want to
> > force on this patchset; we can fix it later.
>
> I understand your reasoning to combine it so that if one patch gets
> backported then both do, or if one gets reverted both do, but I really
> prefer them separate for similar reasons if there is more than one user.

The key is "more than one user". As I mentioned below, assuming that
the only user is the networking bits (we can continue to discuss the
tty caller in the tty patch), this should live with the networking
bits; it makes no sense to keep it separate in that case. Of course,
if there is more than one user, then keeping this change separate is
reasonable.

> > I think this patch looks fine, but it seems a bit odd standalone; it's
> > almost always better to include new capabilities/functions in the same
> > patch as the user. Since the only user is the networking bits, it
> > might make more sense to fold this patch into that one.
>
> It was kept separate due to tty_audit usage. See my reasoning for patch
> 6, but I'm willing to negotiate if that merits an exception like the
> USER records do.

--
paul moore
www.paul-moore.com