Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp135537rwn; Wed, 7 Sep 2022 13:50:59 -0700 (PDT) X-Google-Smtp-Source: AA6agR4I/AiHEqYAG42u5Jz8Wc2V13U4qv17z5wQqBXC4MVj9bFAbRztKs4lt1393x9epEzGXoyE X-Received: by 2002:a63:83c6:0:b0:42b:bb27:91a4 with SMTP id h189-20020a6383c6000000b0042bbb2791a4mr4827894pge.61.1662583858837; Wed, 07 Sep 2022 13:50:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662583858; cv=none; d=google.com; s=arc-20160816; b=B+ZFWihTKQYhk9Cxoi23G5xmEj8K2GQ73/2IwLqBGk+8OEmd/2tj7MsSmWMpcfFFAk DyUWbMU4TPC0wACBT53k3iMxOxEyte702kVjvJnAUx9IIA67kkM1p1YeeXKco299PXlo M19/imTQJ9Pcj75YwYwbiTSvkrOWqBwDipyBN8Dv2eim59XwvVbFFKjLZPN7FdCCPLCo U3+RKdOFgCawymV/8g7gxuqLubx6nyTj7chHQOCUNL3es4RyyPGqtHtaVI6vMAFZyH30 mu4rgfC62eYU+P13Kakf7zpdGDfHe1qPFP4DA7qs+uO3CsP+2QBKpXqVWobctRHG7TNC LowA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=KcEWNmQCFEGlwSCr9ZMLZUL2o8HZZDxeYrIRyVxUuzQ=; b=ega4yRS8QSvTVeYbonlygdnt82Q6jELoANRMWXzqMaygvIvEbrTHwT27dhKZOGkjS4 svS0HSbnWSUEuRKuzPyPiOxjtq+qyic0PcHm31mH7zwYcr1gRhk77TErj+L2sdK9Bs6x jmQyMGFSnp1TxKtPtzVYb6KLin0HzQh33TMt73oe6RYjpHWbF0hJnK/fZjSOUaxx931w BddiAcnjlD6W2C/IfCsfHiQdXjfEwI/CrC9A1vAGeD3ljpJELIUpb29Vi7CAIYy4GgkX otPVXFFvYf7EDXXv94Aqvl4kdcyUGCnPfvjgpkQmtCuo2I2q4AvxbpnL/UE+mhRpPNwg NajQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=zK84tTcQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n6-20020a170903110600b00172f1c0ff49si19653325plh.28.2022.09.07.13.50.47; Wed, 07 Sep 2022 13:50:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=zK84tTcQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229721AbiIGUYD (ORCPT + 99 others); Wed, 7 Sep 2022 16:24:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39144 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229472AbiIGUYB (ORCPT ); Wed, 7 Sep 2022 16:24:01 -0400 Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 96B38C12E0 for ; Wed, 7 Sep 2022 13:24:00 -0700 (PDT) Received: by mail-ot1-x32e.google.com with SMTP id h9-20020a9d5549000000b0063727299bb4so11015480oti.9 for ; Wed, 07 Sep 2022 13:24:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=KcEWNmQCFEGlwSCr9ZMLZUL2o8HZZDxeYrIRyVxUuzQ=; b=zK84tTcQN8WWOYXDo4qDxzUBX21SjObgSyQnROD7QfT0srJbajghxH/nwF4yGOfc3P vYxgMj1xWzMnI+OpdUZkyOX5bklNhiaHgV4UuZGxKxj7yN8jrvmDplhg3HfNE4CvFqro z1hpPvVQb4tmJIl0uJSbAokY82CgR6WOH1dwEaqQj6SSlTEYVWkvfh//xWMcNvwZhvyK bAAdbDAUCqk5xdrnlNAFZhy3YCdaKzaWAQyaR7dP3e1GTyRFkPQauVONNwIqIn7XtpCE eyqloBOaxfRxwm8Q4jwnclnJVHt6zU7TVwikWWwW1CQmHtn4cO/5UBzIel1Ny58hUm1F sBfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=KcEWNmQCFEGlwSCr9ZMLZUL2o8HZZDxeYrIRyVxUuzQ=; b=z/N43i4ae34tsIQyR+1uyHEaCPEv8vhiigeBWVlicu+DaTr0uSzpaMGDFQJIjbLoBI c4O8QnOBVaMd4cD9t+gl3hh32T/zuKTWf71YoSw/9BPys+FqfpwoSJS6JCRG6vaJAw4O Dsl3DbMZ1Tj1T/7eyBL4c2aWXzTmBJzEOA1Vp1kt+i6LxmRZbxAY3/cFQwSJj4O4IGLg gSOZKOSGw20lt82gkB1gL9/OebCpCwPKeFj3KpQ+iXF7x668iVXHk6rirb2tbVaziAqf QP/Ice0ojXXDaXfyDZ0y/goD6+VNw5LeyEBBa57/ONeeu7THSfC3+kiNN617+dn9111L 9CZA== X-Gm-Message-State: ACgBeo2DDj7l3RjC+tLvOZNz/3h9mJwF1RK5s+WQWC+29Xz9n8nLAynj fKRVrQC/0wgx2guBRVbrTI/3nY8s+P1Xy+FsrRRS X-Received: by 2002:a9d:2de3:0:b0:638:e210:c9da with SMTP id g90-20020a9d2de3000000b00638e210c9damr2143948otb.69.1662582239884; Wed, 07 Sep 2022 13:23:59 -0700 (PDT) MIME-Version: 1.0 References: <4753948.GXAFRqVoOG@x2> In-Reply-To: <4753948.GXAFRqVoOG@x2> From: Paul Moore Date: Wed, 7 Sep 2022 16:23:49 -0400 Message-ID: Subject: Re: [PATCH v4 3/4] fanotify,audit: Allow audit to use the full permission event response To: Steve Grubb Cc: Richard Guy Briggs , Jan Kara , Linux-Audit Mailing List , LKML , linux-fsdevel@vger.kernel.org, Eric Paris , Amir Goldstein Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Sep 7, 2022 at 4:11 PM Steve Grubb wrote: > On Wednesday, September 7, 2022 2:43:54 PM EDT Richard Guy Briggs wrote: > > > > Ultimately I guess I'll leave it upto audit subsystem what it wants to > > > > have in its struct fanotify_response_info_audit_rule because for > > > > fanotify subsystem, it is just an opaque blob it is passing. > > > > > > In that case, let's stick with leveraging the type/len fields in the > > > fanotify_response_info_header struct, that should give us all the > > > flexibility we need. > > > > > > Richard and Steve, it sounds like Steve is already aware of additional > > > information that he wants to send via the > > > fanotify_response_info_audit_rule struct, please include that in the > > > next revision of this patchset. I don't want to get this merged and > > > then soon after have to hack in additional info. > > > > Steve, please define the type and name of this additional field. > > Maybe extra_data, app_data, or extra_info. Something generic that can be > reused by any application. Default to 0 if not present. I think the point is being missed ... The idea is to not speculate on additional fields, as discussed we have ways to handle that, the issue was that Steve implied that he already had ideas for "things" he wanted to add. If there are "things" that need to be added, let's do that now, however if there is just speculation that maybe someday we might need to add something else we can leave that until later. -- paul-moore.com