mbox series

[0/3] Add DT_AUDIT support [BZ #24943]

Message ID cover.1585914979.git.fweimer@redhat.com
Headers show
Series Add DT_AUDIT support [BZ #24943] | expand

Message

dilfridge--- via Libc-alpha April 3, 2020, 12:02 p.m. UTC
xgetline has been committed separately with slightly different behavior.
I think the zero-on-EOF behavior is preferable, so I'm switching the
implementation to that.

It turns out that it is possible to simplify the audit string list
processing, so the second commit does that.

Tested on x86_64-linux-gnu and i686-linux-gnu.

Thanks,
Florian

Florian Weimer (3):
  support: Change xgetline to return 0 on EOF
  elf: Simplify handling of lists of audit strings
  elf: Implement DT_AUDIT, DT_DEPAUDIT support [BZ #24943]

 NEWS                            |   3 +
 elf/Makefile                    |  22 ++-
 elf/rtld.c                      | 247 +++++++++++++++++---------------
 elf/tst-audit14.c               |  46 ++++++
 elf/tst-audit15.c               |  50 +++++++
 elf/tst-audit16.c               |  54 +++++++
 elf/tst-auditlogmod-1.c         |  27 ++++
 elf/tst-auditlogmod-2.c         |  27 ++++
 elf/tst-auditlogmod-3.c         |  27 ++++
 support/support_process_state.c |   2 +-
 support/xgetline.c              |  22 +--
 support/xstdio.h                |   5 +-
 12 files changed, 405 insertions(+), 127 deletions(-)
 create mode 100644 elf/tst-audit14.c
 create mode 100644 elf/tst-audit15.c
 create mode 100644 elf/tst-audit16.c
 create mode 100644 elf/tst-auditlogmod-1.c
 create mode 100644 elf/tst-auditlogmod-2.c
 create mode 100644 elf/tst-auditlogmod-3.c

Comments

dilfridge--- via Libc-alpha April 3, 2020, 12:49 p.m. UTC | #1
On 4/3/20 8:02 AM, Florian Weimer via Libc-alpha wrote:
> xgetline has been committed separately with slightly different behavior.
> I think the zero-on-EOF behavior is preferable, so I'm switching the
> implementation to that.
> 
> It turns out that it is possible to simplify the audit string list
> processing, so the second commit does that.
> 
> Tested on x86_64-linux-gnu and i686-linux-gnu.

Thanks for working on this.

The auditors, despite the implementation being a bit immature, are a
useful way to alter the dynamic loaders behaviour.

Your patches go a long way to improving this framework, and you add
some nice internal API design examples.