| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jun 2018 20:48:40 -0400
From: Paul Moore <paul@...l-moore.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit patches for v4.18
Hi Linus,
Another reasonable chunk of audit changes for v4.18, thirteen patches
in total. The thirteen patches can mostly be broken down into one of
four categories: general bug fixes, accessor functions for audit state
stored in the task_struct, negative filter matches on executable
names, and extending the (relatively) new seccomp logging knobs to the
audit subsystem. The main driver for the accessor functions from
Richard are the changes we're working on to associate audit events
with containers, but I think they have some standalone value too so I
figured it would be good to get them in now. The seccomp/audit
patches from Tyler apply the seccomp logging improvements from a few
releases ago to audit's seccomp logging; starting with this patchset
the changes in /proc/sys/kernel/seccomp/actions_logged should apply to
both the standard kernel logging and audit.
As usual, everything passes the audit-testsuite and it happens to
merge cleanly with your tree.
Please pull, thanks.
-Paul
--
The following changes since commit 60cc43fc888428bb2f18f08997432d426a243338:
Linux 4.17-rc1 (2018-04-15 18:24:20 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
tags/audit-pr-20180605
for you to fetch changes up to 5b71388663c0920848c0ee7de946970a2692b76d:
audit: Fix wrong task in comparison of session ID
(2018-05-21 14:27:43 -0400)
----------------------------------------------------------------
audit/stable-4.18 PR 20180605
----------------------------------------------------------------
Ondrej Mosnáček (2):
audit: allow not equal op for audit by executable
audit: Fix wrong task in comparison of session ID
Richard Guy Briggs (7):
audit: add syscall information to FEATURE_CHANGE records
audit: convert sessionid unset to a macro
audit: use inline function to get audit context
audit: use inline function to set audit context
audit: use new audit_context access funciton for seccomp_actions_logged
audit: normalize loginuid read access
audit: use existing session info function
Tyler Hicks (4):
seccomp: Separate read and write code for actions_logged sysctl
seccomp: Configurable separator for the actions_logged string
seccomp: Audit attempts to modify the actions_logged sysctl
seccomp: Don't special case audited processes when logging
Documentation/userspace-api/seccomp_filter.rst | 7 --
include/linux/audit.h | 39 ++++---
include/net/xfrm.h | 4 +-
include/uapi/linux/audit.h | 1 +
init/init_task.c | 3 +-
kernel/audit.c | 6 +-
kernel/audit_watch.c | 2 +-
kernel/auditfilter.c | 6 +-
kernel/auditsc.c | 135 ++++++++++++++++---------
kernel/fork.c | 2 +-
kernel/seccomp.c | 126 ++++++++++++++++-------
net/bridge/netfilter/ebtables.c | 2 +-
net/core/dev.c | 18 ++--
net/netfilter/x_tables.c | 2 +-
net/netlabel/netlabel_user.c | 2 +-
security/integrity/ima/ima_api.c | 2 +-
security/integrity/integrity_audit.c | 2 +-
security/lsm_audit.c | 2 +-
security/selinux/hooks.c | 7 +-
security/selinux/selinuxfs.c | 6 +-
security/selinux/ss/services.c | 12 +--
21 files changed, 242 insertions(+), 144 deletions(-)
--
paul moore
www.paul-moore.com
Powered by blists - more mailing lists