提交 0fb02e71 编写于 作者: L Linus Torvalds

Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit

Pull audit updates from Paul Moore:
 "A small pull request for audit this time, only four patches and only
  two with any real code changes.

  Those two changes are the removal of a pointless SELinux AVC
  initialization audit event and a fix to improve the audit timestamp
  overhead.

  The other two patches are comment cleanup and administrative updates,
  nothing very exciting.

  Everything passes our tests"

* tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
  audit: update the function comments
  selinux: remove AVC init audit log message
  audit: update the audit info in MAINTAINERS
  audit: Reduce overhead using a coarse clock
...@@ -2413,9 +2413,10 @@ AUDIT SUBSYSTEM ...@@ -2413,9 +2413,10 @@ AUDIT SUBSYSTEM
M: Paul Moore <paul@paul-moore.com> M: Paul Moore <paul@paul-moore.com>
M: Eric Paris <eparis@redhat.com> M: Eric Paris <eparis@redhat.com>
L: linux-audit@redhat.com (moderated for non-subscribers) L: linux-audit@redhat.com (moderated for non-subscribers)
W: http://people.redhat.com/sgrubb/audit/ W: https://github.com/linux-audit
T: git git://git.infradead.org/users/pcmoore/audit W: https://people.redhat.com/sgrubb/audit
S: Maintained T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
S: Supported
F: include/linux/audit.h F: include/linux/audit.h
F: include/uapi/linux/audit.h F: include/uapi/linux/audit.h
F: kernel/audit* F: kernel/audit*
......
...@@ -1662,7 +1662,7 @@ static inline void audit_get_stamp(struct audit_context *ctx, ...@@ -1662,7 +1662,7 @@ static inline void audit_get_stamp(struct audit_context *ctx,
struct timespec64 *t, unsigned int *serial) struct timespec64 *t, unsigned int *serial)
{ {
if (!ctx || !auditsc_get_stamp(ctx, t, serial)) { if (!ctx || !auditsc_get_stamp(ctx, t, serial)) {
ktime_get_real_ts64(t); *t = current_kernel_time64();
*serial = audit_serial(); *serial = audit_serial();
} }
} }
...@@ -1833,7 +1833,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) ...@@ -1833,7 +1833,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
} }
/** /**
* audit_log_hex - convert a buffer to hex and append it to the audit skb * audit_log_n_hex - convert a buffer to hex and append it to the audit skb
* @ab: the audit_buffer * @ab: the audit_buffer
* @buf: buffer to convert to hex * @buf: buffer to convert to hex
* @len: length of @buf to be converted * @len: length of @buf to be converted
......
...@@ -1462,7 +1462,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts ...@@ -1462,7 +1462,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
} }
/** /**
* audit_free - free a per-task audit context * __audit_free - free a per-task audit context
* @tsk: task whose audit context block to free * @tsk: task whose audit context block to free
* *
* Called from copy_process and do_exit * Called from copy_process and do_exit
...@@ -1489,7 +1489,7 @@ void __audit_free(struct task_struct *tsk) ...@@ -1489,7 +1489,7 @@ void __audit_free(struct task_struct *tsk)
} }
/** /**
* audit_syscall_entry - fill in an audit record at syscall entry * __audit_syscall_entry - fill in an audit record at syscall entry
* @major: major syscall type (function) * @major: major syscall type (function)
* @a1: additional syscall register 1 * @a1: additional syscall register 1
* @a2: additional syscall register 2 * @a2: additional syscall register 2
...@@ -1536,14 +1536,14 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2, ...@@ -1536,14 +1536,14 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
return; return;
context->serial = 0; context->serial = 0;
ktime_get_real_ts64(&context->ctime); context->ctime = current_kernel_time64();
context->in_syscall = 1; context->in_syscall = 1;
context->current_state = state; context->current_state = state;
context->ppid = 0; context->ppid = 0;
} }
/** /**
* audit_syscall_exit - deallocate audit context after a system call * __audit_syscall_exit - deallocate audit context after a system call
* @success: success value of the syscall * @success: success value of the syscall
* @return_code: return value of the syscall * @return_code: return value of the syscall
* *
...@@ -1705,7 +1705,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context, ...@@ -1705,7 +1705,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context,
} }
/** /**
* audit_reusename - fill out filename with info from existing entry * __audit_reusename - fill out filename with info from existing entry
* @uptr: userland ptr to pathname * @uptr: userland ptr to pathname
* *
* Search the audit_names list for the current audit context. If there is an * Search the audit_names list for the current audit context. If there is an
...@@ -1730,7 +1730,7 @@ __audit_reusename(const __user char *uptr) ...@@ -1730,7 +1730,7 @@ __audit_reusename(const __user char *uptr)
} }
/** /**
* audit_getname - add a name to the list * __audit_getname - add a name to the list
* @name: name to add * @name: name to add
* *
* Add a name to the list of audit names for this context. * Add a name to the list of audit names for this context.
...@@ -2135,7 +2135,7 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) ...@@ -2135,7 +2135,7 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
} }
/** /**
* audit_ipc_obj - record audit data for ipc object * __audit_ipc_obj - record audit data for ipc object
* @ipcp: ipc permissions * @ipcp: ipc permissions
* *
*/ */
...@@ -2151,7 +2151,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) ...@@ -2151,7 +2151,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
} }
/** /**
* audit_ipc_set_perm - record audit data for new ipc permissions * __audit_ipc_set_perm - record audit data for new ipc permissions
* @qbytes: msgq bytes * @qbytes: msgq bytes
* @uid: msgq user id * @uid: msgq user id
* @gid: msgq group id * @gid: msgq group id
...@@ -2180,7 +2180,7 @@ void __audit_bprm(struct linux_binprm *bprm) ...@@ -2180,7 +2180,7 @@ void __audit_bprm(struct linux_binprm *bprm)
/** /**
* audit_socketcall - record audit data for sys_socketcall * __audit_socketcall - record audit data for sys_socketcall
* @nargs: number of args, which should not be more than AUDITSC_ARGS. * @nargs: number of args, which should not be more than AUDITSC_ARGS.
* @args: args array * @args: args array
* *
...@@ -2211,7 +2211,7 @@ void __audit_fd_pair(int fd1, int fd2) ...@@ -2211,7 +2211,7 @@ void __audit_fd_pair(int fd1, int fd2)
} }
/** /**
* audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto * __audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
* @len: data length in user space * @len: data length in user space
* @a: data address in kernel space * @a: data address in kernel space
* *
......
...@@ -197,8 +197,6 @@ void __init avc_init(void) ...@@ -197,8 +197,6 @@ void __init avc_init(void)
avc_xperms_data_cachep = kmem_cache_create("avc_xperms_data", avc_xperms_data_cachep = kmem_cache_create("avc_xperms_data",
sizeof(struct extended_perms_data), sizeof(struct extended_perms_data),
0, SLAB_PANIC, NULL); 0, SLAB_PANIC, NULL);
audit_log(current->audit_context, GFP_KERNEL, AUDIT_KERNEL, "AVC INITIALIZED\n");
} }
int avc_get_hash_stats(char *page) int avc_get_hash_stats(char *page)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册