[PATCH 7/7] keys: Add tracepoints for the keyrings facility
Justin Stitt
justinstitt at google.com
Sat Sep 28 02:03:29 UTC 2024
Hi,
On Wed, Aug 21, 2024 at 01:36:15PM GMT, David Howells wrote:
> Add some tracepoints to aid in debuggin the keyrings facility and
> applications that use it. A number of events and operations are traceable,
> including:
>
> - Allocation
> - Refcounting
> - Instantiation and negative instantiation/rejection
> - Update
> - Detection of key being dead
> - Key quota changes
> - Key quota failure
> - Link, unlink and move
> - Keyring clearance
> - Revocation and invalidation
> - Garbage collection
>
> Signed-off-by: David Howells <dhowells at redhat.com>
> cc: Jarkko Sakkinen <jarkko at kernel.org>
> cc: keyrings at vger.kernel.org
> cc: linux-security-module at vger.kernel.org
> ---
> include/trace/events/key.h | 401 +++++++++++++++++++++++++++++++++++++
> security/keys/gc.c | 4 +
> security/keys/internal.h | 1 +
> security/keys/key.c | 50 ++++-
> security/keys/keyctl.c | 2 +
> security/keys/keyring.c | 27 ++-
> 6 files changed, 472 insertions(+), 13 deletions(-)
> create mode 100644 include/trace/events/key.h
>
> diff --git a/include/trace/events/key.h b/include/trace/events/key.h
> new file mode 100644
> index 000000000000..b3f8c39cc0e8
> --- /dev/null
> +++ b/include/trace/events/key.h
> @@ -0,0 +1,401 @@
<snip>
> + TP_STRUCT__entry(
> + __field(key_serial_t, key)
> + __field(uid_t, uid)
> + __array(char, type, 8)
> + __array(char, desc, 24)
> + ),
> +
> + TP_fast_assign(
> + __entry->key = key->serial;
> + __entry->uid = from_kuid(&init_user_ns, key->uid);
> + strncpy(__entry->type, key->type->name, sizeof(__entry->type) - 1);
> + strncpy(__entry->desc, key->description ?: "", sizeof(__entry->desc) - 1);
> + __entry->type[sizeof(__entry->type) - 1] = 0;
> + __entry->desc[sizeof(__entry->desc) - 1] = 0;
Looks like these want to be NUL-terminated. Can we use strscpy or
strscpy_pad since strncpy is deprecated [1] for use on NUL-terminated
strings.
> + ),
> +
> + TP_printk("key=%08x uid=%08x t=%s d=%s",
> + __entry->key,
> + __entry->uid,
> + __entry->type,
> + __entry->desc)
> + );
> +
<snip>
[1]: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
Thanks
Justin
More information about the Linux-security-module-archive
mailing list