From: Paul Moore
Date: Fri, 21 Aug 2020 09:19:13 -0400
Subject: Re: [PATCH v3 3/3] selinux: add permission names to trace event
To: Stephen Smalley
Cc: Steven Rostedt, Thiébaud Weksteen, Nick Kralevich, Peter Enderborg,
    Eric Paris, Ingo Molnar, Mauro Carvalho Chehab, "David S. Miller",
    Rob Herring, linux-kernel, SElinux list
References: <20200817170729.2605279-1-tweek@google.com>
    <20200817170729.2605279-4-tweek@google.com>
    <0bb62de9-1020-a7c4-3a7f-48ae2f78e3b7@gmail.com>
    <20200817162933.79f69c66@oasis.local.home>
    <20200818120948.1a428da9@oasis.local.home>
    <66e6d84e-20b5-1bd3-e107-322f42ce35d3@gmail.com>
    <20200820223136.162850ce@oasis.local.home>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 21, 2020 at 8:29 AM Stephen Smalley wrote:
> On Thu, Aug 20, 2020 at 10:31 PM Steven Rostedt wrote:
> > On Wed, 19 Aug 2020 09:11:08 -0400
> > Stephen Smalley wrote:
> >
> > > So we'll need to update this plugin whenever we modify
> > > security/selinux/include/classmap.h to keep them in sync. Is that a
> > > concern? I don't suppose the plugin could directly include classmap.h?
> > > I guess we'd have to export it as a public header. It isn't considered
> > > to be part of the kernel API/ABI and can change anytime (but in practice
> > > changes are not that frequent, and usually just additive in nature).
> >
> > Yes, it would require some stability between userspace and the plugin.
> > If the value indexes don't change then that would work fine. If you add
> > new ones, that too should be OK, just have a way to state "unknown" in
> > the plugin.
>
> Since we introduced the dynamic class/perm mapping support, it has
> been possible for the values of existing classes/permissions to
> change, and that has happened at times, e.g. when we added watch
> permissions to the common file perms, that shifted the values of the
> class file perms like entrypoint, when we added the process2 class
> right after the process class, it shifted the values of all the
> subsequent classes in the classmap.h. So you can't rely on those
> values remaining stable across kernel versions.

I think it is becoming increasingly clear that generating the
permission set string in userspace isn't really workable without
breaking the dynamic class/permission mapping to some degree.
Unfortunately I don't see these perf changes as a big enough "win" to
offset the loss of the dynamic mapping.

I'm okay with merging patches 1/3 and 2/3 with the changes Stephen
suggested, but I think we will need to leave patch 3/3 out of this for
now.

--
paul moore
www.paul-moore.com
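
The value shift discussed in this thread, shown as an added example that is not part of the original message or of the kernel or plugin code. The permission tables are constructed and abbreviated (not copies of classmap.h), and perm_bit and decode_av are hypothetical helper names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed, abbreviated permission tables for one class; bit i of an
 * access vector names entry i.  These are NOT copies of classmap.h. */
static const char *const perms_old[] = { "read", "write", "execute",
                                         "entrypoint", "execmod", NULL };
/* The same class after "watch" is added to the common permissions. */
static const char *const perms_new[] = { "read", "write", "execute", "watch",
                                         "entrypoint", "execmod", NULL };

/* Return the bit value of a permission name in a table, 0 if absent. */
static uint32_t perm_bit(const char *const *tbl, const char *name)
{
    for (unsigned i = 0; tbl[i]; i++)
        if (strcmp(tbl[i], name) == 0)
            return UINT32_C(1) << i;
    return 0;
}

/* Decode an access vector into "{ a b }".  Bits past the end of the table
 * are reported as unknown(0x..) instead of being silently dropped. */
static const char *decode_av(const char *const *tbl, uint32_t av,
                             char *out, size_t len)
{
    size_t n = 0, used;
    while (tbl[n])
        n++;
    used = (size_t)snprintf(out, len, "{");
    for (unsigned i = 0; i < 32 && used < len; i++) {
        if (!(av & (UINT32_C(1) << i)))
            continue;
        used += (size_t)(i < n
            ? snprintf(out + used, len - used, " %s", tbl[i])
            : snprintf(out + used, len - used, " unknown(0x%x)", 1u << i));
    }
    if (used < len)
        snprintf(out + used, len - used, " }");
    return out;
}

int main(void)
{
    char buf[128];
    /* Value a kernel built with perms_new would record for these two perms. */
    uint32_t av = perm_bit(perms_new, "entrypoint") | perm_bit(perms_new, "execmod");
    printf("matching table: %s\n", decode_av(perms_new, av, buf, sizeof buf));
    printf("stale table:    %s\n", decode_av(perms_old, av, buf, sizeof buf));
}
```

With the stale table the decoder reports execmod where the kernel meant entrypoint, so an "unknown" fallback only covers added bits, not shifted ones.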