[PATCH-v2 -mm 0/9] LSM-neutral Audit (SELinux audit separation)
Ahmed S. Darwish
darwish.07 at gmail.com
Sat Mar 1 19:47:52 UTC 2008
Hi everybody,
A series of 9 patches to let Audit be LSM netural. This is done
for proper future audit<->SMACK integration which will also be
useful for any future LSM.
Basically, patches add below new LSM hooks:
1- secid extraction:
inode_getsecid(inode, secid)
ipc_getsecid(ipcp, secid)
2- LSM-specific Audit rules manipulation:
audit_rule_init(field, op, rulestr, lsmrule)
audit_rule_known(krule)
audit_rule_match(secid, field, op, rule, actx)
audit_rule_free(rule)
and remove ,now redundant, equivalent SELinux exported interfaces.
Initial work and idea by: Casey Schaufler <casey at schaufler-ca.com>
Thanks to Paul Moore <paul.moore at hp.com> for his deep review of first
version.
include/linux/audit.h | 29 ++++++++
include/linux/security.h | 102 +++++++++++++++++++++++++++++
include/linux/selinux.h | 134 ---------------------------------------
kernel/audit.c | 24 ++----
kernel/audit.h | 25 -------
kernel/auditfilter.c | 99 ++++++++++------------------
kernel/auditsc.c | 74 +++++++++++----------
net/netlink/af_netlink.c | 3 +-
security/dummy.c | 47 +++++++++++++
security/security.c | 35 ++++++++++
security/selinux/exports.c | 42 ------------
security/selinux/hooks.c | 27 +++++++
security/selinux/include/audit.h | 65 ++++++++++++++++++
security/selinux/ss/services.c | 45 +++++++++----
14 files changed, 420 insertions(+), 331 deletions(-)
Regards,
--
"Better to light a candle, than curse the darkness"
Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com
More information about the Linux-audit
mailing list