linux/kernel/auditsc.c, branch v2.6.20 Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v2.6.20 2006-12-08T16:28:46Z [PATCH] struct path: convert kernel 2006-12-08T16:28:46Z Josef Sipek jsipek@fsl.cs.sunysb.edu 2006-12-08T10:37:17Z urn:sha1:a7a005fd12b84392becca311f2a20d5bf2a1b7af Signed-off-by: Josef Sipek <jsipek@fsl.cs.sunysb.edu> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> [PATCH] tty: ->signal->tty locking 2006-12-08T16:28:38Z Peter Zijlstra a.p.zijlstra@chello.nl 2006-12-08T10:36:04Z urn:sha1:24ec839c431eb79bb8f6abc00c4e1eb3b8c4d517 Fix the locking of signal->tty. Use ->sighand->siglock to protect ->signal->tty; this lock is already used by most other members of ->signal/->sighand. And unless we are 'current' or the tasklist_lock is held we need ->siglock to access ->signal anyway. (NOTE: sys_unshare() is broken wrt ->sighand locking rules) Note that tty_mutex is held over tty destruction, so while holding tty_mutex any tty pointer remains valid. Otherwise the lifetime of ttys are governed by their open file handles. This leaves some holes for tty access from signal->tty (or any other non file related tty access). It solves the tty SLAB scribbles we were seeing. (NOTE: the change from group_send_sig_info to __group_send_sig_info needs to be examined by someone familiar with the security framework, I think it is safe given the SEND_SIG_PRIV from other __group_send_sig_info invocations) [schwidefsky@de.ibm.com: 3270 fix] [akpm@osdl.org: various post-viro fixes] Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Acked-by: Alan Cox <alan@redhat.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Cc: Prarit Bhargava <prarit@redhat.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Roland McGrath <roland@redhat.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Cc: "David S. Miller" <davem@davemloft.net> Cc: Jeff Dike <jdike@addtoit.com> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Jan Kara <jack@ucw.cz> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> audit: Add auditing to ipsec 2006-12-07T04:14:22Z Joy Latten latten@austin.ibm.com 2006-11-27T19:11:54Z urn:sha1:161a09e737f0761ca064ee6a907313402f7a54b6 An audit message occurs when an ipsec SA or ipsec policy is created/deleted. Signed-off-by: Joy Latten <latten@austin.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net> [PATCH] severing skbuff.h -> highmem.h 2006-12-04T07:00:29Z Al Viro viro@zeniv.linux.org.uk 2006-10-19T20:08:53Z urn:sha1:a1f8e7f7fb9d7e2cbcb53170edca7c0ac4680697 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> [PATCH] name_count array overrun 2006-10-04T12:31:21Z Steve Grubb sgrubb@redhat.com 2006-09-28T18:31:32Z urn:sha1:ac9910ce017ff5f86f3a25e969b2c4f5d6ac438f Hi, This patch removes the rdev logging from the previous patch The below patch closes an unbounded use of name_count. This can lead to oopses in some new file systems. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> [PATCH] PPID filtering fix 2006-10-04T12:31:19Z Alexander Viro aviro@redhat.com 2006-09-29T04:08:50Z urn:sha1:419c58f11fb732cc8bd1335fa43e0decb34e0be3 On Thu, Sep 28, 2006 at 04:03:06PM -0400, Eric Paris wrote: > After some looking I did not see a way to get into audit_log_exit > without having set the ppid. So I am dropping the set from there and > only doing it at the beginning. > > Please comment/ack/nak as soon as possible. Ehh... That's one hell of an overhead to be had ;-/ Let's be lazy. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> [PATCH] audit/accounting: tty locking 2006-09-29T16:18:25Z Alan Cox alan@lxorguk.ukuu.org.uk 2006-09-29T09:01:41Z urn:sha1:eb84a20e9e6b98dcb33023ad22241d79107a08a7 Add tty locking around the audit and accounting code. The whole current->signal-> locking is all deeply strange but it's for someone else to sort out. Add rather than replace the lock for acct.c Signed-off-by: Alan Cox <alan@redhat.com> Acked-by: Arjan van de Ven <arjan@linux.intel.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> [PATCH] selinux: rename selinux_ctxid_to_string 2006-09-26T15:48:52Z Stephen Smalley sds@tycho.nsa.gov 2006-09-26T06:31:57Z urn:sha1:1a70cd40cb291c25b67ec0da715a49d76719329d Rename selinux_ctxid_to_string to selinux_sid_to_string to be consistent with other interfaces. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> [PATCH] selinux: eliminate selinux_task_ctxid 2006-09-26T15:48:52Z Stephen Smalley sds@tycho.nsa.gov 2006-09-26T06:31:56Z urn:sha1:62bac0185ad3dfef11d9602980445c54d45199c6 Eliminate selinux_task_ctxid since it duplicates selinux_task_get_sid. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> [PATCH] audit: AUDIT_PERM support 2006-09-11T17:32:30Z Al Viro viro@zeniv.linux.org.uk 2006-08-31T23:26:40Z urn:sha1:55669bfa141b488be865341ed12e188967d11308 add support for AUDIT_PERM predicate Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>