Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread Paul Moore
On Fri, Aug 21, 2020 at 9:21 AM Thiébaud Weksteen wrote: >> >> I'm okay with merging patches 1/3 and 2/3 with the changes Stephen >> suggested, but I think we will need to leave patch 3/3 out of this for >> now. > > That works for me. Can you respin patches 1 and two with those changes and repost?

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread peter enderborg
On 8/21/20 3:19 PM, Paul Moore wrote: > On Fri, Aug 21, 2020 at 8:29 AM Stephen Smalley > wrote: >> On Thu, Aug 20, 2020 at 10:31 PM Steven Rostedt wrote: >>> On Wed, 19 Aug 2020 09:11:08 -0400 >>> Stephen Smalley wrote: >>> So we'll need to update this plugin whenever we modify securi

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread Paul Moore
On Fri, Aug 21, 2020 at 8:29 AM Stephen Smalley wrote: > On Thu, Aug 20, 2020 at 10:31 PM Steven Rostedt wrote: > > On Wed, 19 Aug 2020 09:11:08 -0400 > > Stephen Smalley wrote: > > > > > So we'll need to update this plugin whenever we modify > > > security/selinux/include/classmap.h to keep the

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread Paul Moore
On Fri, Aug 21, 2020 at 8:15 AM Stephen Smalley wrote: > > On Thu, Aug 20, 2020 at 10:22 PM Paul Moore wrote: > > > > On Tue, Aug 18, 2020 at 8:14 AM Stephen Smalley > > wrote: > > > On Tue, Aug 18, 2020 at 4:11 AM peter enderborg > > > wrote: > > > > ... > > > > > > Are there any other things

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread Stephen Smalley
On Thu, Aug 20, 2020 at 10:31 PM Steven Rostedt wrote: > > On Wed, 19 Aug 2020 09:11:08 -0400 > Stephen Smalley wrote: > > > So we'll need to update this plugin whenever we modify > > security/selinux/include/classmap.h to keep them in sync. Is that a > > concern? I don't suppose the plugin cou

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-21 Thread Stephen Smalley
On Thu, Aug 20, 2020 at 10:22 PM Paul Moore wrote: > > On Tue, Aug 18, 2020 at 8:14 AM Stephen Smalley > wrote: > > On Tue, Aug 18, 2020 at 4:11 AM peter enderborg > > wrote: > > ... > > > > Are there any other things we need to fix? A part 1&2 now OK? > > > > They looked ok to me, but Paul shou

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-20 Thread peter enderborg
On 8/21/20 4:22 AM, Paul Moore wrote: > On Tue, Aug 18, 2020 at 8:14 AM Stephen Smalley > wrote: >> On Tue, Aug 18, 2020 at 4:11 AM peter enderborg >> wrote: > ... > >>> Are there any other things we need to fix? A part 1&2 now OK? >> They looked ok to me, but Paul should review them. > Patches 1

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-20 Thread Steven Rostedt
On Wed, 19 Aug 2020 09:11:08 -0400 Stephen Smalley wrote: > So we'll need to update this plugin whenever we modify > security/selinux/include/classmap.h to keep them in sync.  Is that a > concern?  I don't suppose the plugin could directly include classmap.h?  > I guess we'd have to export it

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-20 Thread Paul Moore
On Tue, Aug 18, 2020 at 8:14 AM Stephen Smalley wrote: > On Tue, Aug 18, 2020 at 4:11 AM peter enderborg > wrote: ... > > Are there any other things we need to fix? A part 1&2 now OK? > > They looked ok to me, but Paul should review them. Patches 1 and 2 look fine to me with the small nits tha

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-19 Thread Stephen Smalley
On 8/18/20 12:09 PM, Steven Rostedt wrote: On Mon, 17 Aug 2020 16:29:33 -0400 Steven Rostedt wrote: On Mon, 17 Aug 2020 16:13:29 -0400 Stephen Smalley wrote: Does this require a corresponding patch to userspace?  Otherwise, I get the following: libtraceevent: No such file or directory  

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-18 Thread Steven Rostedt
On Mon, 17 Aug 2020 16:29:33 -0400 Steven Rostedt wrote: > On Mon, 17 Aug 2020 16:13:29 -0400 > Stephen Smalley wrote: > > > Does this require a corresponding patch to userspace?  Otherwise, I get > > the following: > > > > libtraceevent: No such file or directory > >   [avc:selinux_audited]

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-18 Thread Stephen Smalley
On Tue, Aug 18, 2020 at 4:11 AM peter enderborg wrote: > > On 8/17/20 10:16 PM, Stephen Smalley wrote: > > On 8/17/20 1:07 PM, Thiébaud Weksteen wrote: > > > >> From: Peter Enderborg > >> > >> In the print out add permissions, it will look like: > >> <...>-1042 [007] 201.965142: seli

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-18 Thread peter enderborg
On 8/17/20 10:16 PM, Stephen Smalley wrote: > On 8/17/20 1:07 PM, Thiébaud Weksteen wrote: > >> From: Peter Enderborg >> >> In the print out add permissions, it will look like: >> <...>-1042  [007]    201.965142: selinux_audited: >> requested=0x400 denied=0x400 audited=0x4000

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-17 Thread Steven Rostedt
On Mon, 17 Aug 2020 16:13:29 -0400 Stephen Smalley wrote: > Does this require a corresponding patch to userspace?  Otherwise, I get > the following: > > libtraceevent: No such file or directory >   [avc:selinux_audited] function avc_trace_perm_to_name not defined Yes, we need to add a plugin

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-17 Thread Stephen Smalley
On 8/17/20 1:07 PM, Thiébaud Weksteen wrote: From: Peter Enderborg In the print out add permissions, it will look like: <...>-1042 [007] 201.965142: selinux_audited: requested=0x400 denied=0x400 audited=0x400 result=-13 scontext=system_u:system_r:cupsd_t

Re: [PATCH v3 3/3] selinux: add permission names to trace event

2020-08-17 Thread Stephen Smalley
On 8/17/20 1:07 PM, Thiébaud Weksteen wrote: From: Peter Enderborg In the print out add permissions, it will look like: <...>-1042 [007] 201.965142: selinux_audited: requested=0x400 denied=0x400 audited=0x400 result=-13 scontext=system_u:system_r:cupsd_t

[PATCH v3 3/3] selinux: add permission names to trace event

2020-08-17 Thread Thiébaud Weksteen
From: Peter Enderborg In the print out add permissions, it will look like: <...>-1042 [007] 201.965142: selinux_audited: requested=0x400 denied=0x400 audited=0x400 result=-13 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t