Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp347107rdb; Thu, 21 Dec 2023 10:46:29 -0800 (PST) X-Google-Smtp-Source: AGHT+IFq9HBo4359khc3abIQ+5P2zfxvZaBCMY9D4zSzHEWE86xqUeS9UXzDyXxQFUOczYxcwy8G X-Received: by 2002:a17:90a:2a4b:b0:28b:d83d:29a7 with SMTP id d11-20020a17090a2a4b00b0028bd83d29a7mr195430pjg.6.1703184389144; Thu, 21 Dec 2023 10:46:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703184389; cv=none; d=google.com; s=arc-20160816; b=BMFsuhfz5zg6iZIQzPaAk7sTieZ7XKIsTD+MH6UHAt2zLBfQ1D2qHssaDRVYPBZlvP Ik/c/cp6aYPmc7emVPZ5IcPLg53WpTuYjwDjy33Iw2AM7BH4crJ7dxYVODF2QoTzBkWm KV2Jz9RGVk1ewnOJf5vfAgEEoEYtydKbp8xhkam0kghH3CkiIZNCJMhtdFVvNImA9NI0 CvR7Ln2Scmk8L+kdC8WCpkrrGK4DXyF7yx5M3q/GRst+pfnBSDGEfglFJVyvcqPKPtd5 HH288cgxVBxkdart0mlbcdcJkfIeEgPlr/e0OUtQkdiqpe+3RASXlfgMU1HpzhkdPLsK hTRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=tTZJj/stq3vvt+KCrz5/tXdDBO8bHwca21l5bUq4YTQ=; fh=4d8YPi7DyD64u8cOf/sZ4HbPzTj/5FPXeAi71rXeGP0=; b=ULno7zlo+gQmFcC8zdNIS90KnvxcvgvzIQy/9X2QmZTwk6/svjX7sz+TQDnMmbw5Re kk9r+ucvZVRYwV0Mi+1KSYtnpCWtUXi54ausWSvoNYnGWPMslXE03zLAEdZTQFro7rWK ekgWhSstvmnScUVRkRYTIkXSmSA50+BNdKL/5pxJaQV3U4gs7eZduJXGq+uT4yTxH/KE 2jws6i3HEca6bTT3dLjPJNm7G/N+pb7oSoZToSw/hgXLWM/NAYAxxC+CVts3AR7TOXhi eoDpJPOXmsBq8LCXgRxYIO2ys60B0Efr7O5zLDCMfDXdBtPkA/MthJrLAoGuxyFP9s31 qnpQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@digikod.net header.s=20191114 header.b=Jz8p7OLm; spf=pass (google.com: domain of linux-kernel+bounces-8948-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8948-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id 33-20020a17090a09a400b0028bca4d6b53si1982644pjo.108.2023.12.21.10.46.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Dec 2023 10:46:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-8948-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@digikod.net header.s=20191114 header.b=Jz8p7OLm; spf=pass (google.com: domain of linux-kernel+bounces-8948-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8948-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 576F2B2329E for ; Thu, 21 Dec 2023 18:46:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9E15E64ABD; Thu, 21 Dec 2023 18:46:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=digikod.net header.i=@digikod.net header.b="Jz8p7OLm" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp-190d.mail.infomaniak.ch (smtp-190d.mail.infomaniak.ch [185.125.25.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 56EF31F601 for ; Thu, 21 Dec 2023 18:46:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=digikod.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=digikod.net Received: from smtp-2-0001.mail.infomaniak.ch (unknown [10.5.36.108]) by smtp-2-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4SwzsQ3Q0nzMqGk7; Thu, 21 Dec 2023 18:46:02 +0000 (UTC) Received: from unknown by smtp-2-0001.mail.infomaniak.ch (Postfix) with ESMTPA id 4SwzsP3FQGzMpnPr; Thu, 21 Dec 2023 19:46:01 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digikod.net; s=20191114; t=1703184362; bh=deZ4ghKKW+5Po8LBWBxHHxYPzl2S7/Qg+OvXDshhnrM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Jz8p7OLmX78jTpuk4kL02zFarFURPfJdjmw6+227t89uuSC68b28T/PC/SkASES5u ckyTHkqqxniGinRQFpTFRYcLcqT9KoaXxnRqoFX1DR45RdqCqjlda9qA/c1f5TelyL djbtHsneUnctKlH+l2sewJbAGYIsN/7/Nz9my3pY= Date: Thu, 21 Dec 2023 19:45:58 +0100 From: =?utf-8?Q?Micka=C3=ABl_Sala=C3=BCn?= To: Paul Moore Cc: Eric Paris , James Morris , "Serge E . Hallyn" , Ben Scarlato , =?utf-8?Q?G=C3=BCnther?= Noack , Jeff Xu , Jorge Lucangeli Obes , Konstantin Meskhidze , Shervin Oloumi , audit@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: [RFC PATCH v1 4/7] landlock: Log domain creation and enforcement Message-ID: <20231221.doe8Aebae8vi@digikod.net> References: <20230921061641.273654-1-mic@digikod.net> <20230921061641.273654-5-mic@digikod.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Infomaniak-Routing: alpha On Wed, Dec 20, 2023 at 04:22:22PM -0500, Paul Moore wrote: > On Thu, Sep 21, 2023 at 2:17 AM Mickaël Salaün wrote: > > > > Add audit support for domain creation, i.e. task self-restriction. > > > > Signed-off-by: Mickaël Salaün > > --- > > security/landlock/audit.c | 24 ++++++++++++++++++++++++ > > security/landlock/audit.h | 8 ++++++++ > > security/landlock/syscalls.c | 4 ++++ > > 3 files changed, 36 insertions(+) > > > > diff --git a/security/landlock/audit.c b/security/landlock/audit.c > > index f58bd529784a..d9589d07e126 100644 > > --- a/security/landlock/audit.c > > +++ b/security/landlock/audit.c > > @@ -84,6 +84,30 @@ void landlock_log_create_ruleset(struct landlock_ruleset *const ruleset) > > audit_log_end(ab); > > } > > > > +void landlock_log_restrict_self(struct landlock_ruleset *const domain, > > + struct landlock_ruleset *const ruleset) > > +{ > > + struct audit_buffer *ab; > > + > > + WARN_ON_ONCE(domain->id); > > + WARN_ON_ONCE(!ruleset->id); > > + > > + ab = audit_log_start(audit_context(), GFP_ATOMIC, AUDIT_LANDLOCK); > > + if (!ab) > > + /* audit_log_lost() call */ > > + return; > > + > > + domain->hierarchy->id = > > + atomic64_inc_return(&ruleset_and_domain_counter); > > + log_task(ab); > > + audit_log_format(ab, " op=restrict-self domain=%llu ruleset=%llu", > > + domain->hierarchy->id, ruleset->id); > > If domain creation and self restriction are the same, I would suggest > going with "op=create-domain" so it better matches "op=release-domain" > in patch 3/7. OK, I'll do something more consistent. > > Also see my previous comment about consistency between AUDIT_LANDLOCK records. > > > + audit_log_format( > > + ab, " parent=%llu", > > + domain->hierarchy->parent ? domain->hierarchy->parent->id : 0); > > + audit_log_end(ab); > > +} > > -- > paul-moore.com >