audit/stable-4.14 PR 20170907
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEcQCq365ubpQNLgrWVeRaWujKfIoFAlmxqfYUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQVeRaWujKfIqajw//dDczulHzGe/bicB9dGR9qLurWn3m lCsNl3eAhNlcoPGeEgmEMpqlAf8HEwi8am4RnL3XfHKVGtgBIA+K8Hmm7AXI2YTp 8ZU6aRK+nW2gD+vFz6D0oknsx3wx9GtHutCeDEHKdiaTRL0RyYr9o3NgU2ngAF09 Pg5rJadd5DxVyrHKImpJTZNIvI96BIzXLV7OrYLu59dLKW8lMWZ4ZGz3v+QDO4tu 1bNPkM1uwcPUamen3R1O0W8GUIIOgTDzKIvrgKLV3aziyVtAIbUvkUaa7El3v8/K Fsefjwp96AxLw1wQibKafm63Zx9V7e5cqA7ALyqCGWXW2DR+uV0mpQiKOAZO6OqQ g7fTKxoMRjjX22OkYxBBbYqKDM8Pi4iH41tZJ7dw7Q9/U+dLwlwitf8WdPspSeMo E9Ng9EgfUAfFZuHcTXobM1XKZos1t8UE8HIDbmr+Ono5w4LqdEws94+uLLNKI4Og s3022Nah8RG8zzgGSsJCqsJkuxpv9Hm4qrt28mIj+PVMsa6GtBDsOe9PgMts4XEx PW3Yy9Jt7UcDr31sMHF/EqMe9wIGkwCsNVTWCGW5g5vLxsVYv9q++pfn8qcP1m+K kCkbi2HwgOLFrOsA+YDJ6+5V0+IqLkegjSpnCm/S95szrVu6xif1KIj4JFCClUEy 5xJ/3pxz6hF4DMM= =in0T -----END PGP SIGNATURE----- Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit Pull audit updates from Paul Moore: "A small pull request for audit this time, only four patches and only two with any real code changes. Those two changes are the removal of a pointless SELinux AVC initialization audit event and a fix to improve the audit timestamp overhead. The other two patches are comment cleanup and administrative updates, nothing very exciting. Everything passes our tests" * tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit: update the function comments selinux: remove AVC init audit log message audit: update the audit info in MAINTAINERS audit: Reduce overhead using a coarse clock
This commit is contained in:
commit
0fb02e718f
|
@ -2413,9 +2413,10 @@ AUDIT SUBSYSTEM
|
|||
M: Paul Moore <paul@paul-moore.com>
|
||||
M: Eric Paris <eparis@redhat.com>
|
||||
L: linux-audit@redhat.com (moderated for non-subscribers)
|
||||
W: http://people.redhat.com/sgrubb/audit/
|
||||
T: git git://git.infradead.org/users/pcmoore/audit
|
||||
S: Maintained
|
||||
W: https://github.com/linux-audit
|
||||
W: https://people.redhat.com/sgrubb/audit
|
||||
T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
|
||||
S: Supported
|
||||
F: include/linux/audit.h
|
||||
F: include/uapi/linux/audit.h
|
||||
F: kernel/audit*
|
||||
|
|
|
@ -1662,7 +1662,7 @@ static inline void audit_get_stamp(struct audit_context *ctx,
|
|||
struct timespec64 *t, unsigned int *serial)
|
||||
{
|
||||
if (!ctx || !auditsc_get_stamp(ctx, t, serial)) {
|
||||
ktime_get_real_ts64(t);
|
||||
*t = current_kernel_time64();
|
||||
*serial = audit_serial();
|
||||
}
|
||||
}
|
||||
|
@ -1833,7 +1833,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_log_hex - convert a buffer to hex and append it to the audit skb
|
||||
* audit_log_n_hex - convert a buffer to hex and append it to the audit skb
|
||||
* @ab: the audit_buffer
|
||||
* @buf: buffer to convert to hex
|
||||
* @len: length of @buf to be converted
|
||||
|
|
|
@ -1462,7 +1462,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_free - free a per-task audit context
|
||||
* __audit_free - free a per-task audit context
|
||||
* @tsk: task whose audit context block to free
|
||||
*
|
||||
* Called from copy_process and do_exit
|
||||
|
@ -1489,7 +1489,7 @@ void __audit_free(struct task_struct *tsk)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_syscall_entry - fill in an audit record at syscall entry
|
||||
* __audit_syscall_entry - fill in an audit record at syscall entry
|
||||
* @major: major syscall type (function)
|
||||
* @a1: additional syscall register 1
|
||||
* @a2: additional syscall register 2
|
||||
|
@ -1536,14 +1536,14 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
|
|||
return;
|
||||
|
||||
context->serial = 0;
|
||||
ktime_get_real_ts64(&context->ctime);
|
||||
context->ctime = current_kernel_time64();
|
||||
context->in_syscall = 1;
|
||||
context->current_state = state;
|
||||
context->ppid = 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* audit_syscall_exit - deallocate audit context after a system call
|
||||
* __audit_syscall_exit - deallocate audit context after a system call
|
||||
* @success: success value of the syscall
|
||||
* @return_code: return value of the syscall
|
||||
*
|
||||
|
@ -1705,7 +1705,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context,
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_reusename - fill out filename with info from existing entry
|
||||
* __audit_reusename - fill out filename with info from existing entry
|
||||
* @uptr: userland ptr to pathname
|
||||
*
|
||||
* Search the audit_names list for the current audit context. If there is an
|
||||
|
@ -1730,7 +1730,7 @@ __audit_reusename(const __user char *uptr)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_getname - add a name to the list
|
||||
* __audit_getname - add a name to the list
|
||||
* @name: name to add
|
||||
*
|
||||
* Add a name to the list of audit names for this context.
|
||||
|
@ -2135,7 +2135,7 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_ipc_obj - record audit data for ipc object
|
||||
* __audit_ipc_obj - record audit data for ipc object
|
||||
* @ipcp: ipc permissions
|
||||
*
|
||||
*/
|
||||
|
@ -2151,7 +2151,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_ipc_set_perm - record audit data for new ipc permissions
|
||||
* __audit_ipc_set_perm - record audit data for new ipc permissions
|
||||
* @qbytes: msgq bytes
|
||||
* @uid: msgq user id
|
||||
* @gid: msgq group id
|
||||
|
@ -2180,7 +2180,7 @@ void __audit_bprm(struct linux_binprm *bprm)
|
|||
|
||||
|
||||
/**
|
||||
* audit_socketcall - record audit data for sys_socketcall
|
||||
* __audit_socketcall - record audit data for sys_socketcall
|
||||
* @nargs: number of args, which should not be more than AUDITSC_ARGS.
|
||||
* @args: args array
|
||||
*
|
||||
|
@ -2211,7 +2211,7 @@ void __audit_fd_pair(int fd1, int fd2)
|
|||
}
|
||||
|
||||
/**
|
||||
* audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
|
||||
* __audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto
|
||||
* @len: data length in user space
|
||||
* @a: data address in kernel space
|
||||
*
|
||||
|
|
|
@ -197,8 +197,6 @@ void __init avc_init(void)
|
|||
avc_xperms_data_cachep = kmem_cache_create("avc_xperms_data",
|
||||
sizeof(struct extended_perms_data),
|
||||
0, SLAB_PANIC, NULL);
|
||||
|
||||
audit_log(current->audit_context, GFP_KERNEL, AUDIT_KERNEL, "AVC INITIALIZED\n");
|
||||
}
|
||||
|
||||
int avc_get_hash_stats(char *page)
|
||||
|
|
Loading…
Reference in New Issue