[GIT PULL] Audit patches for 4.8
Paul Moore
pmoore at redhat.com
Thu Jul 28 07:31:39 UTC 2016
Hi Linus,
Six audit patches for 4.8. There are a couple of style and minor whitespace
tweaks for the logs, as well as a minor fixup to catch errors on user filter
rules, however the major improvements are a fix to the s390 syscall argument
masking code (reviewed by the nice s390 folks), some consolidation around the
exclude filtering (less code, always a win), and a double-fetch fix for
recording the execve arguments. Please pull for 4.8.
Thanks,
-Paul
---
The following changes since commit 2dcd0af568b0cf583645c8a317dd12e344b1c72a:
Linux 4.6 (2016-05-15 15:43:13 -0700)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/audit stable-4.8
for you to fetch changes up to 43761473c254b45883a64441dd0bc85a42f3645c:
audit: fix a double fetch in audit_log_single_execve_arg()
(2016-07-20 14:15:46 -0400)
----------------------------------------------------------------
Paul Moore (3):
audit: fix some horrible switch statement style crimes
s390: ensure that syscall arguments are properly masked on s390
audit: fix a double fetch in audit_log_single_execve_arg()
Richard Guy Briggs (2):
audit: fixup: log on errors from filter user rules
audit: add fields to exclude filter by reusing user filter
Steve Grubb (1):
audit: fix whitespace in CWD record
arch/s390/kernel/ptrace.c | 10 +-
include/linux/audit.h | 2 -
kernel/audit.c | 4 +-
kernel/audit.h | 2 +
kernel/auditfilter.c | 147 +++++++-------------
kernel/auditsc.c | 342 +++++++++++++++++++++---------------------
6 files changed, 235 insertions(+), 272 deletions(-)
--
paul moore
security @ redhat
More information about the Linux-audit
mailing list