LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Kernel page

Sponsored link

Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.

Recent Features

LWN.net Weekly Edition for May 15, 2008

Distributed bug tracking

A Talk with Fedora Project Leader Paul Frields

LWN.net Weekly Edition for May 8, 2008

Blizzard tests the reach of copyright law

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

LSM-neutral Audit (SELinux audit separation)

From:  "Ahmed S. Darwish" <darwish.07@gmail.com>
To:  Chris Wright <chrisw@sous-sol.org>, Stephen Smalley <sds@tycho.nsa.gov>, James Morris <jmorris@namei.org>, Eric Paris <eparis@parisplace.org>, Casey Schaufler <casey@schaufler-ca.com
Subject:  [PATCH-v2 -mm 0/9] LSM-neutral Audit (SELinux audit separation)
Date:  Sat, 1 Mar 2008 21:47:52 +0200
Message-ID:  <20080301194752.GA19636@ubuntu>
Cc:  LKML <linux-kernel@vger.kernel.org>, Audit-ML <linux-audit@redhat.com>, LSM-ML <linux-security-module@vger.kernel.org>
Archive-link:  Article, Thread 

Hi everybody,

A series of 9 patches to let Audit be LSM netural. This is done 
for proper future audit<->SMACK integration which will also be
useful for any future LSM.

Basically, patches add below new LSM hooks:

1- secid extraction:
inode_getsecid(inode, secid)
ipc_getsecid(ipcp, secid)

2- LSM-specific Audit rules manipulation:
audit_rule_init(field, op, rulestr, lsmrule)
audit_rule_known(krule)
audit_rule_match(secid, field, op, rule, actx)
audit_rule_free(rule)

and remove ,now redundant, equivalent SELinux exported interfaces.

Initial work and idea by: Casey Schaufler <casey@schaufler-ca.com>
Thanks to Paul Moore <paul.moore@hp.com> for his deep review of first
version.

 include/linux/audit.h            |   29 ++++++++
 include/linux/security.h         |  102 +++++++++++++++++++++++++++++
 include/linux/selinux.h          |  134 ---------------------------------------
 kernel/audit.c                   |   24 ++----
 kernel/audit.h                   |   25 -------
 kernel/auditfilter.c             |   99 ++++++++++------------------
 kernel/auditsc.c                 |   74 +++++++++++----------
 net/netlink/af_netlink.c         |    3 +-
 security/dummy.c                 |   47 +++++++++++++
 security/security.c              |   35 ++++++++++
 security/selinux/exports.c       |   42 ------------
 security/selinux/hooks.c         |   27 +++++++
 security/selinux/include/audit.h |   65 ++++++++++++++++++
 security/selinux/ss/services.c   |   45 +++++++++----
 14 files changed, 420 insertions(+), 331 deletions(-)

Regards,

-- 

"Better to light a candle, than curse the darkness"

Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.