> Merged into selinux/next, thanks!
Thanks everyone for the reviews and constructive feedback!
:system_r:cupsd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:bin_t:s0 tclass=file
runcon-1365 [003] 6960.955560:
=> <7f325b4ce45b>
=> <5607093efa57>
Signed-off-by: Peter Enderborg
Reviewed-by: Thiébaud Weksteen
---
include/trace/events/avc.h |
ped to a class by searching
security/selinux/flask.h. The audited value is a bit field of the
permissions described in security/selinux/av_permissions.h for the
corresponding class.
[1] https://source.android.com/devices/tech/debug/native_stack_dump
Signed-off-by: Thiébaud Weksteen
Suggested-by: J
patch to include decoded permissions.
- Remove ssid and tsid from attributes list.
- Update commit log with more context.
Peter Enderborg (1):
selinux: add basic filtering for audit trace events
Thiébaud Weksteen (1):
selinux: add tracepoint on audited events
MAINTAINERS| 1
ped to a class by searching
security/selinux/flask.h. The audited value is a bit field of the
permissions described in security/selinux/av_permissions.h for the
corresponding class.
[1] https://source.android.com/devices/tech/debug/native_stack_dump
Signed-off-by: Thiébaud Weksteen
Suggested-by: J
:system_r:cupsd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:bin_t:s0 tclass=file
runcon-1365 [003] 6960.955560:
=> <7f325b4ce45b>
=> <5607093efa57>
Signed-off-by: Peter Enderborg
Reviewed-by: Thiébaud Weksteen
---
include/trace/events/avc.h |
context.
Peter Enderborg (2):
selinux: add basic filtering for audit trace events
selinux: add permission names to trace event
Thiébaud Weksteen (1):
selinux: add tracepoint on denials
MAINTAINERS| 1 +
include/trace/events/avc.h | 60
ed or
requested attributes.
Suggested-by: Steven Rostedt
Suggested-by: Stephen Smalley
Reviewed-by: Thiébaud Weksteen
Signed-off-by: Peter Enderborg
---
include/trace/events/avc.h | 11 +--
security/selinux/avc.c | 36
2 files changed, 45 insertions(+),
On Thu, Aug 13, 2020 at 5:41 PM Stephen Smalley
wrote:
>
> An explanation here of how one might go about decoding audited and
> tclass would be helpful to users (even better would be a script to do it
> for them). Again, I know how to do that but not everyone using
> perf/ftrace will.
What
s the internal numeric representation of scontext
and tsid is numeric for tcontext. They are useful for filtering.
Signed-off-by: Peter Enderborg
Reviewed-by: Thiébaud Weksteen
---
v2 changes:
- update changelog to include usage examples
include/trace/events/avc.h | 41 +
com/devices/tech/debug/native_stack_dump
Signed-off-by: Thiébaud Weksteen
Suggested-by: Joel Fernandes
Reviewed-by: Peter Enderborg
---
v2 changes:
- update changelog to include usage examples
MAINTAINERS| 1 +
include/trace/events/avc.h |
-by: Thiébaud Weksteen
Suggested-by: Joel Fernandes
Reviewed-by: Peter Enderborg
---
MAINTAINERS| 1 +
include/trace/events/avc.h | 37 +
security/selinux/avc.c | 5 +
3 files changed, 43 insertions(+)
create mode 100644 include/trace
From: Peter Enderborg
Add further attributes to filter the trace events from AVC.
Signed-off-by: Peter Enderborg
Reviewed-by: Thiébaud Weksteen
---
include/trace/events/avc.h | 41 --
security/selinux/avc.c | 22 +++-
2 files changed
Thanks Peter, this looks like a great start.
> Perhaps the two of you could work together to come up with a common
tracepoint that addresses both needs.
Agreed.
> 1 Filtering. Types goes to trace so we can put up a filter for contexts or
> type etc.
That's right. I think this is the main
On Tue, Jul 28, 2020 at 6:20 PM Paul Moore wrote:
> I probably wasn't as clear as I should have been. I think it would be
> helpful if you demonstrated how one would take the SELinux data in the
> perf event and translated that into something meaningful.
So the data itself is not that relevant.
On Tue, Jul 28, 2020 at 5:12 PM Paul Moore wrote:
> Perhaps it would be helpful if you provided an example of how one
> would be expected to use this new tracepoint? That would help put
> things in the proper perspective.
The best example is the one I provided in the commit message, that is
On Tue, Jul 28, 2020 at 3:12 PM Steven Rostedt wrote:
> Where in that document does it say that trace events have a fixed size.
> We have a lot of dynamically sized trace events.
My mistake. From the "format" pseudo-file, I assumed the offset and
size were fixed.
> Please take a look at
On Tue, Jul 28, 2020 at 3:04 PM Stephen Smalley
wrote:
> Ok, also please use unsigned int for the fields and %u for the cls value.
Will do in v3. Thanks.
-by: Thiébaud Weksteen
Signed-off-by: Joel Fernandes
---
Changes in v2:
- Replace %d formatter with %x
- Replace TRACE_EVENT with TRACE_EVENT_CONDITION
- Add pid to structure and printk
- Rename structure fields for clarity
MAINTAINERS| 1 +
include/trace/events/selinux.h | 39
of the printk, which should be sufficient for the correlation.
On Fri, Jul 24, 2020 at 3:55 PM Paul Moore wrote:
>
> On Fri, Jul 24, 2020 at 9:32 AM Stephen Smalley
> wrote:
> > On Fri, Jul 24, 2020 at 5:15 AM Thiébaud Weksteen wrote:
> > > The audit data currently captures
-by: Thiébaud Weksteen
Signed-off-by: Joel Fernandes
---
MAINTAINERS| 1 +
include/trace/events/selinux.h | 35 ++
security/selinux/avc.c | 6 ++
3 files changed, 42 insertions(+)
create mode 100644 include/trace/events/selinux.h
diff
Hi Jan,
I've been working on lx_current and cpus.py to support other architectures
than just x86. From my understanding, current/get_current are not available
with the default debug option (-g). We could either modify that level so that
the inline functions/macros are available or reimplement
Hi Jan,
I've been working on lx_current and cpus.py to support other architectures
than just x86. From my understanding, current/get_current are not available
with the default debug option (-g). We could either modify that level so that
the inline functions/macros are available or reimplement
Signed-off-by: Thiébaud Weksteen
---
scripts/gdb/linux/tasks.py | 16
1 file changed, 16 insertions(+)
diff --git a/scripts/gdb/linux/tasks.py b/scripts/gdb/linux/tasks.py
index 0fa33b0..862a4ae 100644
--- a/scripts/gdb/linux/tasks.py
+++ b/scripts/gdb/linux/tasks.py
@@ -66,6
Signed-off-by: Thiébaud Weksteen
---
scripts/gdb/linux/tasks.py | 2 --
1 file changed, 2 deletions(-)
diff --git a/scripts/gdb/linux/tasks.py b/scripts/gdb/linux/tasks.py
index 89d38e1..0fa33b0 100644
--- a/scripts/gdb/linux/tasks.py
+++ b/scripts/gdb/linux/tasks.py
@@ -20,7 +20,6 @@ task_type
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
scripts/gdb/linux/tasks.py | 16
1 file changed, 16 insertions(+)
diff --git a/scripts/gdb/linux/tasks.py b/scripts/gdb/linux/tasks.py
index 0fa33b0..862a4ae 100644
--- a/scripts/gdb/linux/tasks.py
+++ b/scripts/gdb/linux
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
scripts/gdb/linux/tasks.py | 2 --
1 file changed, 2 deletions(-)
diff --git a/scripts/gdb/linux/tasks.py b/scripts/gdb/linux/tasks.py
index 89d38e1..0fa33b0 100644
--- a/scripts/gdb/linux/tasks.py
+++ b/scripts/gdb/linux/tasks.py
Signed-off-by: Thiébaud Weksteen
---
scripts/gdb/linux/dmesg.py | 1 -
scripts/gdb/linux/symbols.py | 9 -
scripts/gdb/linux/tasks.py | 2 ++
scripts/gdb/linux/utils.py | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/scripts/gdb/linux/dmesg.py b/scripts/gdb
Signed-off-by: Thiébaud Weksteen
---
scripts/gdb/linux/utils.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/gdb/linux/utils.py b/scripts/gdb/linux/utils.py
index 128c306..d7ff3a3 100644
--- a/scripts/gdb/linux/utils.py
+++ b/scripts/gdb/linux/utils.py
@@ -83,7
Set of patches to clean up scripts/gdb
Thiébaud Weksteen (3):
scripts/gdb: Fix typo in exception name
scripts/gdb: Fix PEP8 compliance
scripts/gdb: Remove useless global instruction
scripts/gdb/linux/dmesg.py | 1 -
scripts/gdb/linux/symbols.py | 9 -
scripts/gdb/linux/tasks.py
Set of patches to clean up scripts/gdb
Thiébaud Weksteen (3):
scripts/gdb: Fix typo in exception name
scripts/gdb: Fix PEP8 compliance
scripts/gdb: Remove useless global instruction
scripts/gdb/linux/dmesg.py | 1 -
scripts/gdb/linux/symbols.py | 9 -
scripts/gdb/linux/tasks.py
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
scripts/gdb/linux/utils.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/gdb/linux/utils.py b/scripts/gdb/linux/utils.py
index 128c306..d7ff3a3 100644
--- a/scripts/gdb/linux/utils.py
+++ b/scripts/gdb/linux
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
scripts/gdb/linux/dmesg.py | 1 -
scripts/gdb/linux/symbols.py | 9 -
scripts/gdb/linux/tasks.py | 2 ++
scripts/gdb/linux/utils.py | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/scripts/gdb/linux
Add a gdb script to verify the consistency of lists.
Signed-off-by: Thiébaud Weksteen
---
Implement suggestions from Jan.
Changes in v2:
- Add copyright line
- Rename check_list to list_check
- Remove casting and only accept (struct list_head) object
- Add error message if argument
Add a gdb script to verify the consistency of lists.
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
Implement suggestions from Jan.
Changes in v2:
- Add copyright line
- Rename check_list to list_check
- Remove casting and only accept (struct list_head) object
- Add error message
Add a gdb script to verify the consistency of lists.
Signed-off-by: Thiébaud Weksteen
---
scripts/gdb/linux/lists.py | 78 ++
scripts/gdb/vmlinux-gdb.py | 1 +
2 files changed, 79 insertions(+)
create mode 100644 scripts/gdb/linux/lists.py
diff
Add a gdb script to verify the consistency of lists.
Signed-off-by: Thiébaud Weksteen thieb...@weksteen.fr
---
scripts/gdb/linux/lists.py | 78 ++
scripts/gdb/vmlinux-gdb.py | 1 +
2 files changed, 79 insertions(+)
create mode 100644 scripts/gdb
37 matches
Mail list logo