[RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
Paul Moore
paul at paul-moore.com
Wed Sep 15 14:12:08 UTC 2021
On Wed, Sep 15, 2021 at 8:29 AM Richard Guy Briggs <rgb at redhat.com> wrote:
> I was in the middle of reviewing the v2 patchset to add my acks when I
> forgot to add the comment that you still haven't convinced me that ses=
> isn't needed or relevant if we are including auid=.
[Side note: v3 was posted on Monday, it would be more helpful to see
the Reviewed-by tags on the v3 patchset.]
Ah, okay, it wasn't clear to me from your earlier comments that this
was your concern. It sounded as if you were arguing that both session
ID and audit ID needed to be logged for every io_uring op, which
doesn't make sense (as previously discussed). However, I see your
point, and in fact pulling the audit ID from @current in the
audit_log_uring() function is just plain wrong ... likely a vestige of
the original copy-n-paste or format matching, I'll drop that now.
Thanks.
While a small code change, it is somewhat significant so I'll post an
updated v4 patchset later today once it passes through a round of
testing.
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list