]> nv-tegra.nvidia Code Review - linux-2.6.git/commitdiff
Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit...
authorLinus Torvalds <torvalds@g5.osdl.org>
Sat, 25 Mar 2006 17:24:53 +0000 (09:24 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Sat, 25 Mar 2006 17:24:53 +0000 (09:24 -0800)
* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
  [PATCH] fix audit_init failure path
  [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
  [PATCH] sem2mutex: audit_netlink_sem
  [PATCH] simplify audit_free() locking
  [PATCH] Fix audit operators
  [PATCH] promiscuous mode
  [PATCH] Add tty to syscall audit records
  [PATCH] add/remove rule update
  [PATCH] audit string fields interface + consumer
  [PATCH] SE Linux audit events
  [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
  [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
  [PATCH] Fix IA64 success/failure indication in syscall auditing.
  [PATCH] Miscellaneous bug and warning fixes
  [PATCH] Capture selinux subject/object context information.
  [PATCH] Exclude messages by message type
  [PATCH] Collect more inode information during syscall processing.
  [PATCH] Pass dentry, not just name, in fsnotify creation hooks.
  [PATCH] Define new range of userspace messages.
  [PATCH] Filter rule comparators
  ...

Fixed trivial conflict in security/selinux/hooks.c

14 files changed:
1  2 
fs/namei.c
fs/open.c
include/linux/fsnotify.h
include/linux/security.h
ipc/msg.c
ipc/shm.c
kernel/Makefile
kernel/auditsc.c
net/core/dev.c
security/dummy.c
security/selinux/hooks.c
security/selinux/nlmsgtab.c
security/selinux/selinuxfs.c
security/selinux/ss/services.c

diff --cc fs/namei.c
Simple merge
diff --cc fs/open.c
Simple merge
index f7e517c1f1bdb493d9e02c729afc6f6755d24252,94919c376a723ad50804af9a85921b309b5eb171..11438eff4d4455573f76789edfd5ffb0cc646473
  
  #include <linux/dnotify.h>
  #include <linux/inotify.h>
+ #include <linux/audit.h>
  
 +/*
 + * fsnotify_d_instantiate - instantiate a dentry for inode
 + * Called with dcache_lock held.
 + */
 +static inline void fsnotify_d_instantiate(struct dentry *entry,
 +                                              struct inode *inode)
 +{
 +      inotify_d_instantiate(entry, inode);
 +}
 +
 +/*
 + * fsnotify_d_move - entry has been moved
 + * Called with dcache_lock and entry->d_lock held.
 + */
 +static inline void fsnotify_d_move(struct dentry *entry)
 +{
 +      inotify_d_move(entry);
 +}
 +
  /*
   * fsnotify_move - file old_name at old_dir was moved to new_name at new_dir
   */
Simple merge
diff --cc ipc/msg.c
Simple merge
diff --cc ipc/shm.c
Simple merge
diff --cc kernel/Makefile
Simple merge
Simple merge
diff --cc net/core/dev.c
index e0489ca731c57f17dda1ce30cfc7747098c4e221,e9f84a66ce8140f3f03579d471e2f8e5317bd1ab..8e1dc3051222f23e06b70025f006bb6256ab5194
  #include <linux/netpoll.h>
  #include <linux/rcupdate.h>
  #include <linux/delay.h>
 -#ifdef CONFIG_NET_RADIO
 -#include <linux/wireless.h>           /* Note : will define WIRELESS_EXT */
 +#include <linux/wireless.h>
  #include <net/iw_handler.h>
 -#endif        /* CONFIG_NET_RADIO */
  #include <asm/current.h>
+ #include <linux/audit.h>
  
  /*
   *    The list of packet types we will receive (as opposed to discard)
Simple merge
index ccaf988f37292876fa9bbef366ed7d36cf508c48,81b726b1a41919ba72ea106e44889644e207f2ff..b61b9554bc27c1d9eec70e3bce7e6a4f020d2345
@@@ -117,8 -117,32 +117,34 @@@ static struct security_operations *seco
  static LIST_HEAD(superblock_security_head);
  static DEFINE_SPINLOCK(sb_security_lock);
  
 +static kmem_cache_t *sel_inode_cache;
 +
+ /* Return security context for a given sid or just the context 
+    length if the buffer is null or length is 0 */
+ static int selinux_getsecurity(u32 sid, void *buffer, size_t size)
+ {
+       char *context;
+       unsigned len;
+       int rc;
+       rc = security_sid_to_context(sid, &context, &len);
+       if (rc)
+               return rc;
+       if (!buffer || !size)
+               goto getsecurity_exit;
+       if (size < len) {
+               len = -ERANGE;
+               goto getsecurity_exit;
+       }
+       memcpy(buffer, context, len);
+ getsecurity_exit:
+       kfree(context);
+       return len;
+ }
  /* Allocate and free functions for each kind of security blob. */
  
  static int task_alloc_security(struct task_struct *task)
Simple merge
index f5d78365488fc2728782342cdaa5d49fb39d1302,5eba6664eac0795523956e31af9405e86cd06409..a4efc966f065eae8599ee034a3ac760efca0d92f
@@@ -262,8 -269,11 +270,11 @@@ static ssize_t sel_write_load(struct fi
                length = ret;
        else
                length = count;
+       audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
+               "policy loaded auid=%u",
+               audit_get_loginuid(current->audit_context));
  out:
 -      up(&sel_sem);
 +      mutex_unlock(&sel_mutex);
        vfree(data);
        return length;
  }
Simple merge