rpms/kernel/devel linux-2.6-audit-new-msg-types.patch, NONE, 1.1 kernel-2.6.spec, 1.1878, 1.1879
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Jan 27 18:51:45 UTC 2006
Author: davej
Update of /cvs/dist/rpms/kernel/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv21147
Modified Files:
kernel-2.6.spec
Added Files:
linux-2.6-audit-new-msg-types.patch
Log Message:
new audit msg types.
linux-2.6-audit-new-msg-types.patch:
include/linux/audit.h | 19 +++++++++++++++----
kernel/audit.c | 2 ++
security/selinux/nlmsgtab.c | 6 ++++--
3 files changed, 21 insertions(+), 6 deletions(-)
--- NEW FILE linux-2.6-audit-new-msg-types.patch ---
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -33,11 +33,20 @@
* 1200 - 1299 messages internal to the audit daemon
* 1300 - 1399 audit event messages
* 1400 - 1499 SE Linux use
- * 1500 - 1999 future use
- * 2000 is for otherwise unclassified kernel audit messages
+ * 1500 - 1599 kernel LSPP events
+ * 1600 - 1699 kernel crypto events
+ * 1700 - 1999 future kernel use (maybe integrity labels and related events)
+ * 2000 is for otherwise unclassified kernel audit messages (legacy)
+ * 2001 - 2099 unused (kernel)
+ * 2100 - 2199 user space anomaly records
+ * 2200 - 2299 user space actions taken in response to anomalies
+ * 2300 - 2399 user space generated LSPP events
+ * 2400 - 2499 user space crypto events
+ * 2500 - 2999 future user space (maybe integrity labels and related events)
*
- * Messages from 1000-1199 are bi-directional. 1200-1299 are exclusively user
- * space. Anything over that is kernel --> user space communication.
+ * Messages from 1000-1199 are bi-directional. 1200-1299 & 2100 - 2999 are
+ * exclusively user space. 1300-2099 is kernel --> user space
+ * communication.
*/
#define AUDIT_GET 1000 /* Get status */
#define AUDIT_SET 1001 /* Set status (enable/disable/auditd) */
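Review bot: The updated range table in the header comment marks 2100-2999 as exclusively user space but does not say what that means for trust. The 2300-2399 and 2400-2499 ranges mirror the kernel LSPP and crypto ranges at 1500-1699, and a log consumer reading only this table cannot tell that the user-space twins carry sender-supplied content. Going by the audit_netlink_ok hunk later in this patch, these types are accepted from any sender holding CAP_AUDIT_WRITE. I would add one line to the comment, `* Records in 2100 - 2999 are supplied by a CAP_AUDIT_WRITE sender; the kernel does not generate them.`, so that tooling authors key on the type range when weighing a record.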
@@ -54,6 +63,8 @@
#define AUDIT_FIRST_USER_MSG 1100 /* Userspace messages mostly uninteresting to kernel */
#define AUDIT_USER_AVC 1107 /* We filter this differently */
#define AUDIT_LAST_USER_MSG 1199
+#define AUDIT_FIRST_USER_MSG2 2100 /* More user space messages */
+#define AUDIT_LAST_USER_MSG2 2999
#define AUDIT_DAEMON_START 1200 /* Daemon startup record */
#define AUDIT_DAEMON_END 1201 /* Daemon normal stop record */
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -367,6 +367,7 @@ static int audit_netlink_ok(kernel_cap_t
break;
case AUDIT_USER:
case AUDIT_FIRST_USER_MSG...AUDIT_LAST_USER_MSG:
+ case AUDIT_FIRST_USER_MSG2...AUDIT_LAST_USER_MSG2:
if (!cap_raised(eff_cap, CAP_AUDIT_WRITE))
err = -EPERM;
break;
@@ -447,6 +448,7 @@ static int audit_receive_msg(struct sk_b
break;
case AUDIT_USER:
case AUDIT_FIRST_USER_MSG...AUDIT_LAST_USER_MSG:
+ case AUDIT_FIRST_USER_MSG2...AUDIT_LAST_USER_MSG2:
if (!audit_enabled && msg_type != AUDIT_USER_AVC)
return 0;
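Review bot: The new case label in audit_receive_msg inherits the `!audit_enabled` early return, so the anomaly (2100-2199) and anomaly-response (2200-2299) records this patch introduces are dropped whenever auditing is disabled, and the sender gets 0 back as if the record had been accepted. If that is intended, it deserves a comment on the check, for example `/* user-space records are discarded while audit is disabled; only AUDIT_USER_AVC is exempt */`. If detection tooling is expected to notice the loss, a distinct return value would be needed, which would also change behaviour for the existing 1100-1199 range. The rest of the function lies outside the hunk, so what happens to an accepted record cannot be checked from here.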
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -145,8 +145,10 @@ int selinux_nlmsg_lookup(u16 sclass, u16
break;
case SECCLASS_NETLINK_AUDIT_SOCKET:
- if (nlmsg_type >= AUDIT_FIRST_USER_MSG &&
- nlmsg_type <= AUDIT_LAST_USER_MSG) {
+ if ((nlmsg_type >= AUDIT_FIRST_USER_MSG &&
+ nlmsg_type <= AUDIT_LAST_USER_MSG) ||
+ (nlmsg_type >= AUDIT_FIRST_USER_MSG2 &&
+ nlmsg_type <= AUDIT_LAST_USER_MSG2)) {
*perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY;
} else {
err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
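Review bot: Folding 2100-2999 into `NETLINK_AUDIT_SOCKET__NLMSG_RELAY` means every domain that policy already grants this permission can send the new anomaly, response, LSPP and crypto record types without any policy change, and policy has no way to tell the two ranges apart. That may be the intended trade-off, but it should be stated at the check, e.g. `/* 2100-2999 share nlmsg_relay with 1100-1199; policy cannot separate the two ranges */`. As a style point, the four-line condition repeats bounds that the two case labels in kernel/audit.c also spell out, so a small range predicate next to the `AUDIT_*_USER_MSG2` defines would keep this check in step with them. The nlmsg_perm call on the else branch is cut off by the end of the hunk.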
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel/devel/kernel-2.6.spec,v
retrieving revision 1.1878
retrieving revision 1.1879
diff -u -r1.1878 -r1.1879
--- kernel-2.6.spec 27 Jan 2006 04:07:58 -0000 1.1878
+++ kernel-2.6.spec 27 Jan 2006 18:51:42 -0000 1.1879
@@ -352,6 +352,7 @@
Patch1790: linux-2.6-softcursor-persistent-alloc.patch
Patch1800: linux-2.6-pwc-powerup-by-default.patch
Patch1810: linux-2.6-smsc-ircc2-pnp.patch
+Patch1820: linux-2.6-audit-new-msg-types.patch
Patch1830: linux-2.6-w1-hush-debug.patch
Patch1840: linux-2.6-x86-hp-reboot.patch
Patch1850: linux-2.6-mv643xx-compile-fix.patch
@@ -837,6 +838,7 @@
%patch1800 -p1
# PNP support for smsc-ircc2
%patch1810 -p1
+%patch1820 -p1
# Silence debug messages in w1
%patch1830 -p1
# Reboot through BIOS on HP laptops.
@@ -1369,6 +1371,9 @@
%endif
%changelog
+* Fti Jan 27 2006 Dave Jones <davej at redhat.com>
+- New userspace audit message types.
+
* Thu Jan 26 2006 Dave Jones <davej at redhat.com>
- Fix building of kdump kernels.
- Fix slab corruption in network layer.
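Review bot: The added changelog entry spells the weekday as `Fti`. rpm checks the day name when it parses %changelog dates, so this line is likely to be rejected as a bad date when the spec is built. The entry header should begin `* Fri Jan 27 2006`.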