LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Kernel page

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

LSM-neutral Audit (SELinux audit separation)

From:  "Ahmed S. Darwish" <darwish.07@gmail.com>
To:  Chris Wright <chrisw@sous-sol.org>, Stephen Smalley <sds@tycho.nsa.gov>, James Morris <jmorris@namei.org>, Eric Paris <eparis@parisplace.org>, Casey Schaufler <casey@schaufler-ca.com
Subject:  [PATCH-v2 -mm 0/9] LSM-neutral Audit (SELinux audit separation)
Date:  Sat, 1 Mar 2008 21:47:52 +0200
Message-ID:  <20080301194752.GA19636@ubuntu>
Cc:  LKML <linux-kernel@vger.kernel.org>, Audit-ML <linux-audit@redhat.com>, LSM-ML <linux-security-module@vger.kernel.org>
Archive-link:  Article, Thread 

Hi everybody,

A series of 9 patches to let Audit be LSM netural. This is done 
for proper future audit<->SMACK integration which will also be
useful for any future LSM.

Basically, patches add below new LSM hooks:

1- secid extraction:
inode_getsecid(inode, secid)
ipc_getsecid(ipcp, secid)

2- LSM-specific Audit rules manipulation:
audit_rule_init(field, op, rulestr, lsmrule)
audit_rule_known(krule)
audit_rule_match(secid, field, op, rule, actx)
audit_rule_free(rule)

and remove ,now redundant, equivalent SELinux exported interfaces.

Initial work and idea by: Casey Schaufler <casey@schaufler-ca.com>
Thanks to Paul Moore <paul.moore@hp.com> for his deep review of first
version.

 include/linux/audit.h            |   29 ++++++++
 include/linux/security.h         |  102 +++++++++++++++++++++++++++++
 include/linux/selinux.h          |  134 ---------------------------------------
 kernel/audit.c                   |   24 ++----
 kernel/audit.h                   |   25 -------
 kernel/auditfilter.c             |   99 ++++++++++------------------
 kernel/auditsc.c                 |   74 +++++++++++----------
 net/netlink/af_netlink.c         |    3 +-
 security/dummy.c                 |   47 +++++++++++++
 security/security.c              |   35 ++++++++++
 security/selinux/exports.c       |   42 ------------
 security/selinux/hooks.c         |   27 +++++++
 security/selinux/include/audit.h |   65 ++++++++++++++++++
 security/selinux/ss/services.c   |   45 +++++++++----
 14 files changed, 420 insertions(+), 331 deletions(-)

Regards,

-- 

"Better to light a candle, than curse the darkness"

Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds