[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xsm/flask: adjust print messages to use %pd

  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 9 Sep 2022 14:10:44 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KZ+pzLOSX6IqrMvfzGW5iPAa5yZL+aE8Ip8QkvxBh6I=; b=Y2NIK7gb3AHKSA47zExgyrUV8GfZ+nCmCWqsvulaUUTJPi/+X2cwBGcS6lSuSuJGcp+UuFwLcVuO2QxN7pdskV82DL1pfYLqITr7Tnv7POXMKteY1iqQc3tT+VepiUTHY1+jWGYsdvOo8JHLfDfNo7Q3mxQFRLKOe2Ia4WbkbYVu0AWkBPfbyrdPfW+I7/HPrT6Dq7LcfTVwaWM8OexvA8PCbNNkHaAN1IeT78VLXr1fZ6YZHN+idVubObH401l7HM1YOBeHHIPdQ51U+0kE5kC1jU1igwQRQgDgwXWOPcOqbqwK4FT01huH4zkBLriZyZcJEngHyFoJPzJIt0pibQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SNxz4y3jHBPpVx+ALMuj73bpEemMK/aODnUuc14RdkY3U0QtAkwqDxceibyb9hxmrrALoAOJrokz21+wRxUxYDkeRzPQlen3JZxZm3yfPcYp2BUdAicq1rpPhFMBCuIQAGcY7m/mfo1XcMGozqUfYF43PWu4MR8YbfA1aS7FR14/hNwkDriw+nHl+PpKoKE0b/TypU0Qpcpm/2Il/+a/1PwVPn/dPgdsULNYUnzzycfZKfYPJg5/whJn81XWVvr3c2dIk/ARwSk1VnOeHncltOXGV4OTRf5xJY5E4z8rGCil9/weI5EPFxvi6u/C50vtgYZ2bPJKVSt13BICIkGiuw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: jandryuk@xxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Fri, 09 Sep 2022 12:11:02 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 09.09.2022 13:34, Daniel P. Smith wrote:
> On 9/9/22 06:04, Jan Beulich wrote:
>> On 09.09.2022 11:50, Daniel P. Smith wrote:
>>> --- a/xen/xsm/flask/avc.c
>>> +++ b/xen/xsm/flask/avc.c
>>> @@ -566,14 +566,14 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 
>>> requested,
>>>       if ( a && (a->sdom || a->tdom) )
>>>       {
>>>           if ( a->sdom && a->tdom && a->sdom != a->tdom )
>>> -            avc_printk(&buf, "domid=%d target=%d ", a->sdom->domain_id, 
>>> a->tdom->domain_id);
>>> +            avc_printk(&buf, "source=%pd target=%dp ", a->sdom, a->tdom);
>>>           else if ( a->sdom )
>>> -            avc_printk(&buf, "domid=%d ", a->sdom->domain_id);
>>> +            avc_printk(&buf, "source=%pd ", a->sdom);
>>>           else
>>> -            avc_printk(&buf, "target=%d ", a->tdom->domain_id);
>>> +            avc_printk(&buf, "target=%pd ", a->tdom);
>>
>> Apart from switching to %pd to also replace "domid" by "source". That's
>> fine in the first case (where both domain IDs are logged), but in the
>> second case it's a little questionable. Wouldn't it be better to be
>> able to distinguish the tdom == NULL case from the tdom == sdom one,
>> perhaps by using "source" in the former case but "domid" in the latter
>> one?
> 
> Apologies as I am not quite following your question. Let me provide my 
> reasoning and if it doesn't address your question, then please help me 
> understand your concern.
> 
> The function avc_printk() allows for the incremental build up of an AVC 
> message. In this section, it is attempting to include the applicable 
> source and target that was used to render the AVC. With the switch to 
> %pd, the first and second lines would become "domid=d{id}". I personally 
> find that a bit redundant. Adding to that, in the context of this 
> function there is "sdom" which is source domain, "cdom" which is current 
> domain, and tdom which is target domain. The print statements using cdom 
> or tdom already denoted them with "current=" and "target=" respectively. 
> Whereas, sdom was prefixed with "domid=" in the print statements. To me, 
> it makes more sense to change the prefixes of sdom with "source=" to 
> accurately reflect the context of that domid.

Well, yes, perhaps "domain" would be better than "domid" with the change
to %pd. But I still think the middle of the three printk()s would better
distinguish tdom == NULL from tdom == sdom:

        else if ( a->sdom )
            avc_printk(&buf, "%s=%pd ", a->tdom ? "domain" : "source", a->sdom);

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.