lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 23 Dec 2013 17:27:34 -0500
From:	Richard Guy Briggs <>
Cc:	Richard Guy Briggs <>,
	Eric Paris <>,
	Peter Zijlstra <>,
	Ingo Molnar <>,
	John Johansen <>,
	"Eric W. Biederman" <>,
	Oleg Nesterov <>
Subject: [PATCH 0/5][RFC][v2] steps to make audit pid namespace-safe

This patchset is a revival of some of Eric Biederman's work to make audit

In a couple of places, audit was printing PIDs in the task's pid namespace
rather than relative to the audit daemon's pid namespace, which currently is

It also allows processes to log audit user messages in their own pid
namespaces, which was not previously permitted.  Please see:

Part of the cleanup here involves deprecating task->pid and task->tgid, which
should be accessed using their respective helper functions.


Richard Guy Briggs (5):
  pid: get pid_t ppid of task in init_pid_ns
  audit: convert PPIDs to the inital PID namespace.
  audit: store audit_pid as a struct pid pointer
  audit: anchor all pid references in the initial pid namespace
  audit: allow user processes to log from another PID namespace

 drivers/tty/tty_audit.c              |    3 +-
 include/linux/sched.h                |   24 +++++++++++++++
 kernel/audit.c                       |   54 ++++++++++++++++++++++++----------
 kernel/audit.h                       |    4 +-
 kernel/auditfilter.c                 |   17 ++++++++++-
 kernel/auditsc.c                     |   24 ++++++++-------
 security/apparmor/audit.c            |    2 +-
 security/integrity/integrity_audit.c |    2 +-
 security/lsm_audit.c                 |   11 ++++--
 9 files changed, 104 insertions(+), 37 deletions(-)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists