Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp3835557ybt;
        Sun, 5 Jul 2020 08:12:28 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyrLbGIW1EpFWnx8ClMg2LQt+1QmnxqzlanMz7TJVeRIq4UR/lR47LOg8o7CKuIhU8iPM4c
X-Received: by 2002:a17:907:20d1:: with SMTP id qq17mr40763596ejb.214.1593961948225;
        Sun, 05 Jul 2020 08:12:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1593961948; cv=none;
        d=google.com; s=arc-20160816;
        b=Cx0EY+8DO/m5AUhhb8tq1eLgPOjyDQBCkxfhJ173TtUm7DF5b1Se81ZI2LwgZ1A2FO
         irOY9/1qNuEZhwtrQ2KHW7q5XRapmZjs0zKTipxN5wW0zcRMmI1ny9bMLCkN9cQJYcQr
         kOrXDv897cRiJWZY+aKjpXpjtTUVBfKkwECbt25GJpTEH+R7Au836MiWn9Ib2+O6tQLT
         anUCxyyqMdacvkV5PDiV+aHiLtv3KFlbfaGFD1aJBkYP1HtTXftTqIx9+TUDP1oykg6m
         4mjXbzGfxdPCZxWjo0tuUZ80VVBjqQg3CKocflY1xZZNiX7dQ6Ry5YTAlVnIvQoDyk6y
         yPnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=2tHsNsc85oEMgxfMe/9ECsv9KY90m64bzbMRR9357CU=;
        b=ViavqWaCOw690r8ZAz2TAuBmy9hE7KiXkRPGLTL9qFDCdygoR13P1s/IZa+YQ4IQSm
         Sgrok13+miexJVRNEXdjidugve/qvP9bWPYDcLHqins72ZP76t6AC6GfzQ4azFTDtBgj
         GjX3h2JOprjdHYdh2C3GrAM0D3tM27PPx8o0SzG/qC2xIUdeJTN9srMq2i0NnISfKyVC
         vRPQoYtamXGS4Txa2rdRQAh0rGY0bC05Ti+73g6/7KDqgPO9Lx4cAYRP5TGAx8bWD1Br
         jCDVNfV6n6yl5cZQVDflBE7I/hoIGouxLE2K33hBvqp4A+vhTx1PD6fkStiXGPpEZjjJ
         SsMw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=Hbpzh2mk;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id n1si11455022edy.409.2020.07.05.08.12.05;
        Sun, 05 Jul 2020 08:12:28 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=Hbpzh2mk;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727981AbgGEPLZ (ORCPT <rfc822;0330sisy@gmail.com> + 99 others);
        Sun, 5 Jul 2020 11:11:25 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39216 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727839AbgGEPLY (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 5 Jul 2020 11:11:24 -0400
Received: from mail-ej1-x641.google.com (mail-ej1-x641.google.com [IPv6:2a00:1450:4864:20::641])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 44F12C08C5E0
        for <linux-kernel@vger.kernel.org>; Sun,  5 Jul 2020 08:11:24 -0700 (PDT)
Received: by mail-ej1-x641.google.com with SMTP id dr13so39776240ejc.3
        for <linux-kernel@vger.kernel.org>; Sun, 05 Jul 2020 08:11:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=2tHsNsc85oEMgxfMe/9ECsv9KY90m64bzbMRR9357CU=;
        b=Hbpzh2mkywq3PINoKnKvIeWREaFlJ3B37cTwpnx5RerTgpbuKhSZPwrsl1vLicqVxn
         ppPB4hWBeYerbw9BThTxK+n8qqf2CdjU6s1IapyqlR2OMNy+nRTlEXRsvO55prOmzSfR
         GdJuNL11UHoSywYCM3N0fE+L0KDjyeW5bA0QLIHmCIHZMOCWUhHXaRZ43bxKjdjMI7bD
         l+lzN56NXJzBqSPgPsICGEuAOksqaFb7tK3H4T7GjSYbz1pnMTuBMKKgASJ99mLUoqmU
         dkZrcvT0qaRaKCHuU/YsajwEu9OLxgMbwVVylVTd94Q+LxGxTmDXntTiK6+kU/1BOiQp
         yhkg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=2tHsNsc85oEMgxfMe/9ECsv9KY90m64bzbMRR9357CU=;
        b=Vvd2nNXQRhc11Rc8SKDeMYc7pIG1+uHI5TPFHG6wzQ4ijda2/icoT51AcqnUeVTuif
         6B7iHiOuuE88tM5vU28OdgxWbYkHX05U3Ewe1N4E5xtqg1MyQCM6u9F+9QkrIM8HEARd
         kTVj9zbeYF+on+k83gSOhyXPBUsKN2HN1e7DMqOGxTYL7wNeFkp78i0GgnrrDxriqPav
         gCaZUiWIP4fdZPYGwYcqOr4X8mN32UDniDvKE/v6BWq84PdDE96du47bjmuWl+60dQLV
         xOwCJGzh+blRc7kFP+IQeskG4Dguya5XXjJklmi8csgq/wfsxtauvTBb0+quYGG1Xkdf
         eF+g==
X-Gm-Message-State: AOAM532vyr3KCaKP5MvqPao4JdTB/VMzh0yTnHxo4JMkxK3zgqFQEM3D
        9yH1dEriCL47aL+ove0qX8mFFnQ6t3Q4aC9FgsoW
X-Received: by 2002:a17:906:aac9:: with SMTP id kt9mr36448175ejb.488.1593961882949;
 Sun, 05 Jul 2020 08:11:22 -0700 (PDT)
MIME-Version: 1.0
References: <cover.1593198710.git.rgb@redhat.com> <4a5019ed3cfab416aeb6549b791ac6d8cc9fb8b7.1593198710.git.rgb@redhat.com>
In-Reply-To: <4a5019ed3cfab416aeb6549b791ac6d8cc9fb8b7.1593198710.git.rgb@redhat.com>
From:   Paul Moore <paul@paul-moore.com>
Date:   Sun, 5 Jul 2020 11:11:11 -0400
Message-ID: <CAHC9VhSwMEZrq0dnaXmPi=bu0NgUtWPuw-2UGDrQa6TwxWkZtw@mail.gmail.com>
Subject: Re: [PATCH ghak90 V9 08/13] audit: add containerid support for user records
To:     Richard Guy Briggs <rgb@redhat.com>
Cc:     containers@lists.linux-foundation.org, linux-api@vger.kernel.org,
        Linux-Audit Mailing List <linux-audit@redhat.com>,
        linux-fsdevel@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
        netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
        sgrubb@redhat.com, Ondrej Mosnacek <omosnace@redhat.com>,
        dhowells@redhat.com, simo@redhat.com,
        Eric Paris <eparis@parisplace.org>,
        Serge Hallyn <serge@hallyn.com>, ebiederm@xmission.com,
        nhorman@tuxdriver.com, Dan Walsh <dwalsh@redhat.com>,
        mpatel@redhat.com
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jun 27, 2020 at 9:23 AM Richard Guy Briggs <rgb@redhat.com> wrote:
>
> Add audit container identifier auxiliary record to user event standalone
> records.
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> Acked-by: Neil Horman <nhorman@tuxdriver.com>
> Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
> ---
>  kernel/audit.c | 19 ++++++++++++-------
>  1 file changed, 12 insertions(+), 7 deletions(-)
>
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 54dd2cb69402..997c34178ee8 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -1507,6 +1504,14 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
>                                 audit_log_n_untrustedstring(ab, str, data_len);
>                         }
>                         audit_log_end(ab);
> +                       rcu_read_lock();
> +                       cont = _audit_contobj_get(current);
> +                       rcu_read_unlock();
> +                       audit_log_container_id(context, cont);
> +                       rcu_read_lock();
> +                       _audit_contobj_put(cont);
> +                       rcu_read_unlock();
> +                       audit_free_context(context);

I haven't searched the entire patchset, but it seems like the pattern
above happens a couple of times in this patchset, yes?  If so would it
make sense to wrap the above get/log/put in a helper function?

Not a big deal either way, I'm pretty neutral on it at this point in
the patchset but thought it might be worth mentioning in case you
noticed the same and were on the fence.

--
paul moore
www.paul-moore.com