lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhRQ3MyTbqFCnagVyTKOcf_R6TQ0t6km8k=vso4SH-VKVw@mail.gmail.com>
Date:   Mon, 13 Nov 2017 15:37:08 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit patches for v4.15

Hi Linus,

Another relatively small pull request for audit, nine patches total.
The only real new bit of functionality is the patch from Richard which
adds the ability to filter records based on the filesystem type.  The
remainder are bug fixes and cleanups; the bug fix highlights include:
ensuring that we properly audit init/PID-1 (me), and allowing the
audit daemon to shutdown the kernel/auditd connection cleanly by
setting the audit PID to zero (Steve).

Please merge for v4.14.

Thanks,
-Paul

---
The following changes since commit 196a5085592c62ffa4eb739d7ce49c040c2953a1:

 audit: update the function comments (2017-09-05 09:46:59 -0400)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
  tags/audit-pr-20171113

for you to fetch changes up to 42d5e37654e4cdb9fb2e2f3ab30045fee35c42d8:

 audit: filter PATH records keyed on filesystem magic
  (2017-11-10 16:08:56 -0500)

----------------------------------------------------------------
audit/stable-4.15 PR 20171113

----------------------------------------------------------------
Casey Schaufler (1):
     Audit: remove unused audit_log_secctx function

Paul Moore (5):
     audit: ensure that 'audit=1' actually enables audit for PID 1
     audit: initialize the audit subsystem as early as possible
     audit: don't use simple_strtol() anymore
     audit: convert audit_ever_enabled to a boolean
     audit: use audit_set_enabled() in audit_enable()

Richard Guy Briggs (1):
     audit: filter PATH records keyed on filesystem magic

Steve Grubb (2):
     audit: Add new syscalls to the perm=w filter
     audit: Allow auditd to set pid to 0 to end auditing

include/asm-generic/audit_dir_write.h |  3 ++
include/asm-generic/audit_write.h     |  3 ++
include/linux/audit.h                 |  8 ----
include/uapi/linux/audit.h            |  8 +++-
kernel/audit.c                        | 76 +++++++++++--------------------
kernel/audit.h                        |  2 +-
kernel/auditfilter.c                  | 39 ++++++++++++++----
kernel/auditsc.c                      | 23 +++++++++++
8 files changed, 97 insertions(+), 65 deletions(-)

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ