Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1159999imu;
        Fri, 4 Jan 2019 14:27:49 -0800 (PST)
X-Google-Smtp-Source: ALg8bN5V3OW9qflXRqYuejB8bAqIeK6NTfRPKi99iHQhy5StubRjuhpZ3TAq6L2s+OHD3ICy7zfP
X-Received: by 2002:a17:902:7896:: with SMTP id q22mr53392525pll.280.1546640869266;
        Fri, 04 Jan 2019 14:27:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1546640869; cv=none;
        d=google.com; s=arc-20160816;
        b=ZuPUcYz8qGxPAbd0CQoKthGZwccH2o/DTuJ2oqt19m6zHMB6h+Y/XdursHs7OmggCZ
         OA7WJxb7NIakJpXokRi9kgFKXFOQKodHUaty/1RBEsdkZ1rfxq6FYa2VhuR45P1GT2d0
         x5E/9k9YH6pzAltLNZazSZNpT+xuPIH6Nkw6ix9iXMhaL3ruxDI4cqPw3Ltw2tI6ZsFM
         2MIVzidEA2KIb7TUV4nYNRh0oCGTxDDDeYXDD3H4kuzdSAC+MCSGE6aFVhym5rkq1C+d
         iurmsvIrbJqqZl1GwvPhJbefLzdnoOQtde0Y11Euzi6NPdgq4FG4mOHkwdy2hoCYNwzT
         mWfg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=n9KKoy07FqMceGHLDf06eKMyV/ZGFogpP6+m44Yd7bE=;
        b=IPLeOu+lRQc4SArZMo12pXHz4OpbjFxvvsUWraziVIJrncE8ZaHrCWIWfo4biBPDTz
         wuip+PEQXIudhZYPXScO17600VI0lCjgskLoDl9gqBas8k4w3TotQnT4NrcIdeU4SDh8
         CwS+pDvs+K3xt/TAYB86iOnjxwjplZHyH1ImA25gkpnBcufb1tM3Q9uxt1nemrJ59ACu
         AlPb0zT+ABTNpcdfZdPR0y5G/M/GNFOAMZVv7cxWbSLkkHcDNQF0GRP8JCfe/mSqxx9U
         Q58ffvmKl49J2p4FAX06P1YWCJKLs9OTaIPGbrIIA7RRBu7JjsnYPDgLTrecvG6/vSIF
         2V1Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=l2sb3uOV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e6si54151061pgl.471.2019.01.04.14.27.21;
        Fri, 04 Jan 2019 14:27:49 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=l2sb3uOV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726328AbfADWEk (ORCPT <rfc822;linux.htchiang@gmail.com>
        + 99 others); Fri, 4 Jan 2019 17:04:40 -0500
Received: from mail-pg1-f195.google.com ([209.85.215.195]:43790 "EHLO
        mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726105AbfADWEk (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 4 Jan 2019 17:04:40 -0500
Received: by mail-pg1-f195.google.com with SMTP id v28so18008273pgk.10;
        Fri, 04 Jan 2019 14:04:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=n9KKoy07FqMceGHLDf06eKMyV/ZGFogpP6+m44Yd7bE=;
        b=l2sb3uOVyz41p3U0Fdr5xZMAHQjrhfqXdnJw1DHB/ICiiaMspoAGZy1Q0xnnEgAg5i
         1CFfht5I8lmZLINJZyzQLDPOs55u4Ke4IEXQJtunzcv/uuFVhpeWK9TYxmzvI0aym16Q
         KdXRqzfRVjVwIZPEJH354PCh/I5Y8y2GfF+sHkHq+gLnN9zfkMq+JWAaI+BOnoEHa5dQ
         95T4kqy5Mqryy8Kc4W1eh9ry0U55J+NmrQ2HG1/9wbyMPwLxKq7/9dxyU4PpVc/ioIl6
         So336ChBm0uMwu+1KheQZSrODmFppeQt/oVicsIOSazL6/7/SlAXJCJH2S1/I/67DSp0
         I9Wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
         :references:mime-version:content-disposition:in-reply-to:user-agent;
        bh=n9KKoy07FqMceGHLDf06eKMyV/ZGFogpP6+m44Yd7bE=;
        b=LTk2iNEsrqHTt7YXG++hlZn1R4MRxq6xuQuUEDVwEoDljdReO6eIyrcQ0GbcIkt+rE
         0NIkDctADYmIZUTuNS01IxK7FzubdH3rYp7aINNy5ECFWC3SiHZNqGyHdlZNCLlV97e0
         kCu3wy5d0MEBOg/RXHl6d9zEe/JiYPdy8mjzhxBt98co8x9E0ivShHSQv/I19U7OGSX2
         ZdQGsALzUclFkDiD/sVW9O1lzjIqYO1yJaR2LDnAOyAoUwDcyn3iN+v3Nfb+eYsHeX1G
         4a0WpCwK3GTmMNt43lZ1IzIslI2RFN/v3bYcvFnsOB4UUP1SpQufql6CRegcHEtReyaK
         n6FA==
X-Gm-Message-State: AJcUukeGyoSNoKyNmg4spdwPwBS01cVqK9lfIqa3rJtv/LqQhDyzLvXC
        ME9BAiR+g1NaXDsn1jNGbpQ=
X-Received: by 2002:a63:78cd:: with SMTP id t196mr3067788pgc.62.1546639479078;
        Fri, 04 Jan 2019 14:04:39 -0800 (PST)
Received: from localhost ([2600:1700:e321:62f0:329c:23ff:fee3:9d7c])
        by smtp.gmail.com with ESMTPSA id b27sm88629400pfh.113.2019.01.04.14.04.38
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 04 Jan 2019 14:04:38 -0800 (PST)
Date:   Fri, 4 Jan 2019 14:04:37 -0800
From:   Guenter Roeck <linux@roeck-us.net>
To:     Richard Guy Briggs <rgb@redhat.com>
Cc:     containers@lists.linux-foundation.org, linux-api@vger.kernel.org,
        Linux-Audit Mailing List <linux-audit@redhat.com>,
        linux-fsdevel@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
        netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
        ebiederm@xmission.com, luto@kernel.org, carlos@redhat.com,
        dhowells@redhat.com, viro@zeniv.linux.org.uk, simo@redhat.com,
        eparis@parisplace.org, serge@hallyn.com
Subject: Re: [PATCH ghak90 (was ghak32) V4 01/10] audit: collect audit task
 parameters
Message-ID: <20190104220437.GB19346@roeck-us.net>
References: <cover.1533065887.git.rgb@redhat.com>
 <8e617ab568df28a66dfbe3284452de186b42fb0f.1533065887.git.rgb@redhat.com>
 <20190104025006.GA15567@roeck-us.net>
 <20190104145735.vlrw2fip5syn2exc@madcap2.tricolour.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190104145735.vlrw2fip5syn2exc@madcap2.tricolour.ca>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 04, 2019 at 09:57:35AM -0500, Richard Guy Briggs wrote:
> On 2019-01-03 18:50, Guenter Roeck wrote:
> > Hi Richard,
> > 
> > On Tue, Jul 31, 2018 at 04:07:36PM -0400, Richard Guy Briggs wrote:
> > > The audit-related parameters in struct task_struct should ideally be
> > > collected together and accessed through a standard audit API.
> > > 
> > > Collect the existing loginuid, sessionid and audit_context together in a
> > > new struct audit_task_info called "audit" in struct task_struct.
> > > 
> > > Use kmem_cache to manage this pool of memory.
> > > Un-inline audit_free() to be able to always recover that memory.
> > > 
> > > See: https://github.com/linux-audit/audit-kernel/issues/81
> > > 
> > > Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> > 
> > Overall I am not sure if keeping task_struct a bit smaller is worth
> > the added complexity, but I guess that is just me. 
> 
> The motivation was to consolidate all the audit bits into one pointer,
> isolating them from the rest of the kernel, restricting access only to
> helper functions to prevent abuse by other subsystems and trying to
> reduce kABI issues in the future.  I agree it is a bit more complex.  It
> was provoked by the need to add contid which seemed to make the most
> sense as a peer to loginuid and sessionid, and adding it to task_struct
> would have made it a bit too generic and available.
> 
> This is addressed at some length by Paul Moore here in v2:
> 	https://lkml.org/lkml/2018/4/18/759
> 
That makes sense. Thanks a lot for the clarification.

Guenter