[PATCH 2/2] errormsg: add descriptive macros to replace overloaded error codes
Richard Guy Briggs
rgb at redhat.com
Thu May 4 20:29:45 UTC 2017
On 2017-05-04 16:11, Steve Grubb wrote:
> On Tuesday, April 4, 2017 6:37:48 AM EDT Richard Guy Briggs wrote:
> > Several return codes were overloaded and no longer giving helpful error
> > return messages from the field and comparison functions
> > audit_rule_fieldpair_data() and audit_rule_interfield_comp_data().
> >
> > Introduce 3 new macros with more helpful error descriptions for data
> > missing, incompatible fields and incompatible values.
> >
> > See: https://github.com/linux-audit/audit-userspace/issues/12
> >
> > Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
> > ---
> > lib/errormsg.h | 6 ++++++
> > lib/libaudit.c | 28 ++++++++++++++--------------
> > 2 files changed, 20 insertions(+), 14 deletions(-)
> >
> > diff --git a/lib/errormsg.h b/lib/errormsg.h
> > index 35b7f95..50c7d50 100644
> > --- a/lib/errormsg.h
> > +++ b/lib/errormsg.h
> > @@ -67,6 +67,9 @@ static const struct msg_tab err_msgtab[] = {
> > { -29, 1, "only takes = operator" },
> > { -30, 2, "Field option not supported by kernel:" },
> > { -31, 1, "must be used with exclude, user, or exit filter" },
> > + { -32, 0, "field data is missing" },
>
> Actually, this means that the filter is missing in the rule. This is the kind
> of thing I would normally just fixup after patching the source.
>
> > + { -33, 2, "-C field incompatible" },
> > + { -34, 2, "-C value incompatible" },
> > };
> > #define EAU_OPMISSING 1
> > #define EAU_FIELDUNKNOWN 2
> > @@ -97,4 +100,7 @@ static const struct msg_tab err_msgtab[] = {
> > #define EAU_OPEQ 29
> > #define EAU_FIELDNOSUPPORT 30
> > #define EAU_FIELDNOFILTER 31
> > +#define EAU_DATAMISSING 32
> > +#define EAU_COMPFIELDINCOMPAT 33
> > +#define EAU_COMPVALINCOMPAT 34
> > #endif
> > diff --git a/lib/libaudit.c b/lib/libaudit.c
> > index b481f52..b1f8f9c 100644
> > --- a/lib/libaudit.c
> > +++ b/lib/libaudit.c
> > @@ -976,7 +976,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, struct audit_rule_data *rule = *rulep;
> >
> > if (f == NULL)
> > - return -1;
> > + return -EAU_DATAMISSING;
> >
> > if (rule->field_count >= (AUDIT_MAX_FIELDS - 1))
> > return -EAU_FIELDTOOMANY;
> > @@ -1043,7 +1043,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_EUID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
>
> This means that we are attempting an incompatible comparison between fields.
>
> > }
> > break;
> > case AUDIT_FSUID:
> > @@ -1069,7 +1069,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_FSUID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_LOGINUID:
> > @@ -1095,7 +1095,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_AUID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_SUID:
> > @@ -1121,7 +1121,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_SUID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_OBJ_UID:
> > @@ -1147,7 +1147,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_SUID_TO_OBJ_UID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_UID:
> > @@ -1173,7 +1173,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_UID_TO_SUID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> >
> > @@ -1197,7 +1197,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_SGID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_FSGID:
> > @@ -1219,7 +1219,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_FSGID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_GID:
> > @@ -1241,7 +1241,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_GID_TO_SGID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_OBJ_GID:
> > @@ -1263,7 +1263,7 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_SGID_TO_OBJ_GID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > case AUDIT_SGID:
> > @@ -1285,11 +1285,11 @@ int audit_rule_interfield_comp_data(struct
> > audit_rule_data **rulep, AUDIT_COMPARE_EGID_TO_SGID;
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPVALINCOMPAT;
> > }
> > break;
> > default:
> > - return -1;
> > + return -EAU_COMPFIELDINCOMPAT;
>
> This means the same thing.
>
> > break;
> > }
> > rule->field_count++;
> > @@ -1389,7 +1389,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data
> > **rulep, const char *pair, struct audit_rule_data *rule = *rulep;
> >
> > if (f == NULL)
> > - return -1;
> > + return -EAU_DATAMISSING;
>
> This also means that the filter was not given. Patch not applied.
>
> Was there a patch in this series that converted errormsg.h to use the macros?
I don't quite follow. Can you give a fictional example off the top of
your head of what you are hoping for? I'm hoping to eventually replace
them with an enum list.
> -Steve
>
> > if (rule->field_count >= (AUDIT_MAX_FIELDS - 1))
> > return -EAU_FIELDTOOMANY;
- RGB
--
Richard Guy Briggs <rgb at redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
More information about the Linux-audit
mailing list