[GIT PULL] Audit subsystem for v3.15
From: Eric Paris
Date: Thu Apr 10 2014 - 19:54:27 EST
Linus,
Please pull the audit tree for v3.15. You will have merge conflicts.
I'll publish my branch "merge-test" where I attempted to resolve them
the way you will.
The main issue is an across tree change to syscall_get_arch(). I change
it from taking a task_struct and pt_regs to take a void. Not a single
arch used or needed either of these arguments. (For 3.16 we plan to
implement the function on more arches)
There are a couple of conflicts where I made changes to #includes and
your tree also has some additions. Should be obvious.
Two conflict issues with Kconfig changes. The first is just that your
tree has some additional 'select' lines mine didn't. Obvious to
resolve.
The second is a conflict in init/Kconfig. I don't completely understand
it. I believe it was the addition of ALPHA to the gigantic depends
line. I cherry-picked the patch from your tree that introduced ALPHA
before I made the switch to HAVE_ARCH_AUDITSYSCALL. I believed that
would avoid the conflict, but I guess I was wrong. In any case, I have
the 'select HAVE_ARCH_AUDITSYSCALL' in alpha.
There is also a conflict given the last second EPERM->ECONNREFUSED
switcheroo. My 3.15 is less restrictive. We return ECONNREFUSED only
for non-init username. Should be another easy one...
Please let me know if anything isn't easy/obvious for you!
Thank you!
-Eric
The following changes since commit b7d3622a39fde7658170b7f3cf6c6889bb8db30d:
Merge tag 'v3.13' into for-3.15 (2014-03-07 11:41:32 -0500)
are available in the git repository at:
git://git.infradead.org/users/eparis/audit.git master
for you to fetch changes up to 312103d64d0fcadb332899a2c84b357ddb18f4e3:
AUDIT: make audit_is_compat depend on CONFIG_AUDIT_COMPAT_GENERIC (2014-04-10 17:51:29 -0400)
----------------------------------------------------------------
AKASHI Takahiro (2):
audit: Add CONFIG_HAVE_ARCH_AUDITSYSCALL
audit: Add generic compat syscall support
Chris Metcalf (1):
AUDIT: make audit_is_compat depend on CONFIG_AUDIT_COMPAT_GENERIC
Eric Paris (7):
audit: include subject in login records
syscall_get_arch: remove useless function arguments
audit: use uapi/linux/audit.h for AUDIT_ARCH declarations
audit: define audit_is_compat in kernel internal header
AUDIT: Allow login in non-init namespaces
audit: do not cast audit_rule_data pointers pointlesly
audit: renumber AUDIT_FEATURE_CHANGE into the 1300 range
Eric W. Biederman (2):
audit: Use struct net not pid_t to remember the network namespce to reply in
audit: Send replies in the proper network namespace.
Joe Perches (1):
audit: remove stray newline from audit_log_execve_info() audit_panic() call
Josh Boyer (1):
audit: remove stray newlines from audit_log_lost messages
Monam Agarwal (1):
kernel: Use RCU_INIT_POINTER(x, NULL) in audit.c
Richard Guy Briggs (9):
audit: Use more current logging style again
capabilities: add descriptions for AUDIT_CONTROL and AUDIT_WRITE
audit: rename the misleading audit_get_context() to audit_take_context()
pid: get pid_t ppid of task in init_pid_ns
audit: convert PPIDs to the inital PID namespace.
audit: anchor all pid references in the initial pid namespace
audit: allow user processes to log from another PID namespace
audit: remove superfluous new- prefix in AUDIT_LOGIN messages
sched: declare pid_alive as inline
William Roberts (3):
mm: Create utility function for accessing a tasks commandline value
proc: Update get proc_pid_cmdline() to use mm.h helpers
audit: Audit proc/<pid>/cmdline aka proctitle
èæé (1):
alpha: Enable system-call auditing support.
arch/alpha/Kconfig | 4 ++++
arch/alpha/include/asm/ptrace.h | 5 +++++
arch/alpha/include/asm/thread_info.h | 2 ++
arch/alpha/kernel/Makefile | 1 +
arch/alpha/kernel/audit.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
arch/alpha/kernel/entry.S | 6 +++++-
arch/alpha/kernel/ptrace.c | 4 ++++
arch/arm/Kconfig | 1 +
arch/arm/include/asm/syscall.h | 5 ++---
arch/ia64/Kconfig | 1 +
arch/mips/include/asm/syscall.h | 4 ++--
arch/mips/kernel/ptrace.c | 2 +-
arch/parisc/Kconfig | 1 +
arch/powerpc/Kconfig | 1 +
arch/s390/Kconfig | 1 +
arch/s390/include/asm/syscall.h | 7 +++----
arch/sh/Kconfig | 1 +
arch/sparc/Kconfig | 1 +
arch/um/Kconfig.common | 1 +
arch/x86/Kconfig | 1 +
arch/x86/include/asm/syscall.h | 10 ++++------
drivers/tty/tty_audit.c | 3 ++-
fs/proc/base.c | 36 ++----------------------------------
include/asm-generic/syscall.h | 4 +---
include/linux/audit.h | 17 ++++++++++++++++-
include/linux/mm.h | 1 +
include/linux/sched.h | 20 +++++++++++++++++++-
include/uapi/linux/audit.h | 3 ++-
include/uapi/linux/capability.h | 4 ++++
init/Kconfig | 5 ++++-
kernel/audit.c | 66 ++++++++++++++++++++++++++++++++++++++++-------------------------
kernel/audit.h | 8 +++++++-
kernel/auditfilter.c | 41 +++++++++++++++++++++++++++++++----------
kernel/auditsc.c | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------
kernel/seccomp.c | 4 ++--
lib/Kconfig | 9 +++++++++
lib/Makefile | 1 +
lib/audit.c | 15 ++++++++++++++-
lib/compat_audit.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++
mm/util.c | 48 +++++++++++++++++++++++++++++++++++++++++++++++
security/integrity/integrity_audit.c | 2 +-
security/lsm_audit.c | 11 +++++++----
42 files changed, 464 insertions(+), 136 deletions(-)
create mode 100644 arch/alpha/kernel/audit.c
create mode 100644 lib/compat_audit.c
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/