提交 · 014149cce19c5acb19014e57a5b739b7f64e6fbf · OpenHarmony / kernel_linux

20 6月, 2006 3 次提交

A
[PATCH] deprecate AUDIT_POSSBILE · 014149cc
由 Al Viro 提交于 5月 23, 2006
```
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
```
014149cc

[PATCH] fix audit_krule_to_{rule,data} return values · 0a3b483e

由 Amy Griffis 提交于 5月 02, 2006

Don't return -ENOMEM when callers of these functions are checking for
a NULL return.  Bug noticed by Serge Hallyn.
Signed-off-by: NAmy Griffis <amy.griffis@hp.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

0a3b483e

[PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES · 9044e6bc

由 Al Viro 提交于 5月 22, 2006

We should not send a pile of replies while holding audit_netlink_mutex
since we hold the same mutex when we receive commands. As the result,
we can get blocked while sending and sit there holding the mutex while
auditctl is unable to send the next command and get around to receiving
what we'd sent.

Solution: create skb and put them into a queue instead of sending;
once we are done, send what we've got on the list. The former can
be done synchronously while we are handling AUDIT_LIST or AUDIT_LIST_RULES;
we are holding audit_netlink_mutex at that point. The latter is done
asynchronously and without messing with audit_netlink_mutex.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

9044e6bc

01 5月, 2006 2 次提交

[PATCH] More user space subject labels · ce29b682

由 Steve Grubb 提交于 4月 01, 2006

Hi,

The patch below builds upon the patch sent earlier and adds subject label to
all audit events generated via the netlink interface. It also cleans up a few
other minor things.
Signed-off-by: NSteve Grubb <sgrubb@redhat.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

ce29b682

[PATCH] support for context based audit filtering, part 2 · 3dc7e315

由 Darrel Goeddel 提交于 3月 10, 2006

This patch provides the ability to filter audit messages based on the
elements of the process' SELinux context (user, role, type, mls sensitivity,
and mls clearance). It uses the new interfaces from selinux to opaquely
store information related to the selinux context and to filter based on that
information. It also uses the callback mechanism provided by selinux to
refresh the information when a new policy is loaded.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

3dc7e315

21 3月, 2006 6 次提交

[PATCH] sem2mutex: audit_netlink_sem · 5a0bbce5

由 Ingo Molnar 提交于 3月 07, 2006

Semaphore to mutex conversion.

The conversion was generated via scripts, and the result was validated
automatically via a script as well.
Signed-off-by: NIngo Molnar <mingo@elte.hu>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

5a0bbce5

[PATCH] Fix audit operators · d9d9ec6e

由 Dustin Kirkland 提交于 2月 16, 2006

Darrel Goeddel initiated a discussion on IRC regarding the possibility
of audit_comparator() returning -EINVAL signaling an invalid operator.

It is possible when creating the rule to assure that the operator is one
of the 6 sane values.  Here's a snip from include/linux/audit.h  Note
that 0 (nonsense) and 7 (all operators) are not valid values for an
operator.

...

/* These are the supported operators.
 *      4  2  1
 *      =  >  <
 *      -------
 *      0  0  0         0       nonsense
 *      0  0  1         1       <
 *      0  1  0         2       >
 *      0  1  1         3       !=
 *      1  0  0         4       =
 *      1  0  1         5       <=
 *      1  1  0         6       >=
 *      1  1  1         7       all operators
 */
...

Furthermore, prior to adding these extended operators, flagging the
AUDIT_NEGATE bit implied !=, and otherwise == was assumed.

The following code forces the operator to be != if the AUDIT_NEGATE bit
was flipped on.  And if no operator was specified, == is assumed.  The
only invalid condition is if the AUDIT_NEGATE bit is off and all of the
AUDIT_EQUAL, AUDIT_LESS_THAN, and AUDIT_GREATER_THAN bits are
on--clearly a nonsensical operator.

Now that this is handled at rule insertion time, the default -EINVAL
return of audit_comparator() is eliminated such that the function can
only return 1 or 0.

If this is acceptable, let's get this applied to the current tree.

:-Dustin

--
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
(cherry picked from 9bf0a8e137040f87d1b563336d4194e38fb2ba1a commit)

d9d9ec6e

[PATCH] add/remove rule update · 5d330108

由 Steve Grubb 提交于 1月 09, 2006

Hi,

The following patch adds a little more information to the add/remove rule message emitted
by the kernel.
Signed-off-by: NSteve Grubb <sgrubb@redhat.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

5d330108

[PATCH] audit string fields interface + consumer · 93315ed6

由 Amy Griffis 提交于 2月 07, 2006

Updated patch to dynamically allocate audit rule fields in kernel's
internal representation.  Added unlikely() calls for testing memory
allocation result.

Amy Griffis wrote:     [Wed Jan 11 2006, 02:02:31PM EST]
> Modify audit's kernel-userspace interface to allow the specification
> of string fields in audit rules.
>
> Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
(cherry picked from 5ffc4a863f92351b720fe3e9c5cd647accff9e03 commit)

93315ed6

D
[PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c · d884596f
由 David Woodhouse 提交于 12月 16, 2005
```
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
```
d884596f

[PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL · fe7752ba

由 David Woodhouse 提交于 12月 15, 2005

This fixes the per-user and per-message-type filtering when syscall
auditing isn't enabled.

[AV: folded followup fix from the same author]
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

fe7752ba

OpenHarmony / kernel_linux 上一次同步 3 年多

OpenHarmony / kernel_linux
上一次同步 3 年多