17 Aug, 2009
1 commit
-
Convert avc_audit in security/selinux/avc.c to use lsm_audit.h,
for better maintainability.- changed selinux to use common_audit_data instead of
avc_audit_data
- eliminated code in avc.c and used code from lsm_audit.h instead.Had to add a LSM_AUDIT_NO_AUDIT to lsm_audit.h so that avc_audit
can call common_lsm_audit and do the pre and post callbacks without
doing the actual dump. This makes it so that the patched version
behaves the same way as the unpatched version.Also added a denied field to the selinux_audit_data private space,
once again to make it so that the patched version behaves like the
unpatched.I've tested and confirmed that AVCs look the same before and after
this patch.Signed-off-by: Thomas Liu
Acked-by: Stephen Smalley
Signed-off-by: James Morris
14 Apr, 2009
1 commit
-
This patch creates auditing functions usable by LSM to audit security
events. It provides standard dumping of FS, NET, task etc ... events
(code borrowed from SELinux)
and provides 2 callbacks to define LSM specific auditing, which should be
flexible enough to convert SELinux too.Signed-off-by: Etienne Basset
Acked-by: Casey Schaufler
cked-by: Eric Paris
Signed-off-by: James Morris
