diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-06-07 02:34:00 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-06-07 02:34:00 +0300 |
commit | 8b5c6a3a49d9ebc7dc288870b9c56c4f946035d8 (patch) | |
tree | c70c88f0ee12cd59878c2c4da29d4984954ba7d6 /net | |
parent | 8b70543e9af036984a52800811416b74978ae4de (diff) | |
parent | 5b71388663c0920848c0ee7de946970a2692b76d (diff) | |
download | linux-8b5c6a3a49d9ebc7dc288870b9c56c4f946035d8.tar.xz |
Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit updates from Paul Moore:
"Another reasonable chunk of audit changes for v4.18, thirteen patches
in total.
The thirteen patches can mostly be broken down into one of four
categories: general bug fixes, accessor functions for audit state
stored in the task_struct, negative filter matches on executable
names, and extending the (relatively) new seccomp logging knobs to the
audit subsystem.
The main driver for the accessor functions from Richard are the
changes we're working on to associate audit events with containers,
but I think they have some standalone value too so I figured it would
be good to get them in now.
The seccomp/audit patches from Tyler apply the seccomp logging
improvements from a few releases ago to audit's seccomp logging;
starting with this patchset the changes in
/proc/sys/kernel/seccomp/actions_logged should apply to both the
standard kernel logging and audit.
As usual, everything passes the audit-testsuite and it happens to
merge cleanly with your tree"
[ Heh, except it had trivial merge conflicts with the SELinux tree that
also came in from Paul - Linus ]
* tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
audit: Fix wrong task in comparison of session ID
audit: use existing session info function
audit: normalize loginuid read access
audit: use new audit_context access funciton for seccomp_actions_logged
audit: use inline function to set audit context
audit: use inline function to get audit context
audit: convert sessionid unset to a macro
seccomp: Don't special case audited processes when logging
seccomp: Audit attempts to modify the actions_logged sysctl
seccomp: Configurable separator for the actions_logged string
seccomp: Separate read and write code for actions_logged sysctl
audit: allow not equal op for audit by executable
audit: add syscall information to FEATURE_CHANGE records
Diffstat (limited to 'net')
-rw-r--r-- | net/bridge/netfilter/ebtables.c | 2 | ||||
-rw-r--r-- | net/core/dev.c | 18 | ||||
-rw-r--r-- | net/netfilter/x_tables.c | 2 | ||||
-rw-r--r-- | net/netlabel/netlabel_user.c | 2 |
4 files changed, 12 insertions, 12 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 6ba639f6c51d..0e27c51331fb 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c @@ -1062,7 +1062,7 @@ static int do_replace_finish(struct net *net, struct ebt_replace *repl, #ifdef CONFIG_AUDIT if (audit_enabled) { - audit_log(current->audit_context, GFP_KERNEL, + audit_log(audit_context(), GFP_KERNEL, AUDIT_NETFILTER_CFG, "table=%s family=%u entries=%u", repl->name, AF_BRIDGE, repl->nentries); diff --git a/net/core/dev.c b/net/core/dev.c index 983b277a1229..9c149238a4ce 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -6731,15 +6731,15 @@ static int __dev_set_promiscuity(struct net_device *dev, int inc, bool notify) dev->flags & IFF_PROMISC ? "entered" : "left"); if (audit_enabled) { current_uid_gid(&uid, &gid); - audit_log(current->audit_context, GFP_ATOMIC, - AUDIT_ANOM_PROMISCUOUS, - "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u", - dev->name, (dev->flags & IFF_PROMISC), - (old_flags & IFF_PROMISC), - from_kuid(&init_user_ns, audit_get_loginuid(current)), - from_kuid(&init_user_ns, uid), - from_kgid(&init_user_ns, gid), - audit_get_sessionid(current)); + audit_log(audit_context(), GFP_ATOMIC, + AUDIT_ANOM_PROMISCUOUS, + "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u", + dev->name, (dev->flags & IFF_PROMISC), + (old_flags & IFF_PROMISC), + from_kuid(&init_user_ns, audit_get_loginuid(current)), + from_kuid(&init_user_ns, uid), + from_kgid(&init_user_ns, gid), + audit_get_sessionid(current)); } dev_change_rx_flags(dev, IFF_PROMISC); diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 55cb4d197184..df9ab71b0ed9 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -1420,7 +1420,7 @@ xt_replace_table(struct xt_table *table, #ifdef CONFIG_AUDIT if (audit_enabled) { - audit_log(current->audit_context, GFP_KERNEL, + audit_log(audit_context(), GFP_KERNEL, AUDIT_NETFILTER_CFG, "table=%s family=%u entries=%u", table->name, table->af, private->number); diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 58495f44c62a..2f328af91a52 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -104,7 +104,7 @@ struct audit_buffer *netlbl_audit_start_common(int type, if (audit_enabled == 0) return NULL; - audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, type); + audit_buf = audit_log_start(audit_context(), GFP_ATOMIC, type); if (audit_buf == NULL) return NULL; |