Re: [PATCH v1 0/2] two suggested iouring op audit updates

On Fri, Jan 27, 2023 at 5:46 PM Jens Axboe <axboe(a)kernel.dk&gt; wrote: > On 1/27/23 3:38 PM, Paul Moore wrote: > > On Fri, Jan 27, 2023 at 2:43 PM Jens Axboe <axboe(a)kernel.dk&gt; wrote: > >> On 1/27/23 12:42 PM, Paul Moore wrote: > >>> On Fri, Jan 27, 2023 at 12:40 PM Jens Axboe <axboe(a)kernel.dk&gt; wrote: > >>>> On 1/27/23 10:23 AM, Richard Guy Briggs wrote: > >>>>> A couple of updates to the iouring ops audit bypass selections > >>>>> suggested in consultation with Steve Grubb. > >>>>> > >>>>> Richard Guy Briggs (2): > >>>>> io_uring,audit: audit IORING_OP_FADVISE but not IORING_OP_MADVISE > >>>>> io_uring,audit: do not log IORING_OP_*GETXATTR > >>>>> > >>>>> io_uring/opdef.c | 4 +++- > >>>>> 1 file changed, 3 insertions(+), 1 deletion(-) > >>>> > >>>> Look fine to me - we should probably add stable to both of them, > >>>> just to keep things consistent across releases. I can queue them up > >>>> for 6.3. > >>> > >>> Please hold off until I've had a chance to look them over ... > >> > >> I haven't taken anything yet, for things like this I always let it > >> simmer until people have had a chance to do so. > > > > Thanks. FWIW, that sounds very reasonable to me, but I've seen lots > > of different behaviors across subsystems and wanted to make sure we > > were on the same page. > > Sounds fair. BTW, can we stop CC'ing closed lists on patch > submissions? Getting these: > > Your message to Linux-audit awaits moderator approval > > on every reply is really annoying. We kinda need audit related stuff on the linux-audit list, that's our mailing list for audit stuff. However, I agree that it is crap that the linux-audit list is moderated, but unfortunately that isn't something I control (I haven't worked for RH in years, and even then the list owner was really weird about managing the list). Occasionally I grumble about moving the kernel audit development to a linux-audit list on vger but haven't bothered yet, perhaps this is as good a reason as any. Richard, Steve - any chance of opening the linux-audit list?