21 Mar, 2006

6 commits

  • Semaphore to mutex conversion.

    The conversion was generated via scripts, and the result was validated
    automatically via a script as well.

    Signed-off-by: Ingo Molnar
    Cc: David Woodhouse
    Signed-off-by: Andrew Morton
    Signed-off-by: Al Viro

    Ingo Molnar
     
  • Darrel Goeddel initiated a discussion on IRC regarding the possibility
    of audit_comparator() returning -EINVAL signaling an invalid operator.

    It is possible when creating the rule to assure that the operator is one
    of the 6 sane values. Here's a snip from include/linux/audit.h. Note
    that 0 (nonsense) and 7 (all operators) are not valid values for an
    operator.

    ...

    /* These are the supported operators.
     *  4  2  1
     *  =  >  <
     *  -------
     *  0  0  0    0   nonsense
     *  0  0  1    1   <
     *  0  1  0    2   >
     *  0  1  1    3   !=
     *  1  0  0    4   =
     *  1  0  1    5   <=
     *  1  1  0    6   >=
     *  1  1  1    7   all operators
     */
    ...

    Furthermore, prior to adding these extended operators, flagging the
    AUDIT_NEGATE bit implied !=, and otherwise == was assumed.

    The following code forces the operator to be != if the AUDIT_NEGATE bit
    was flipped on. And if no operator was specified, == is assumed. The
    only invalid condition is if the AUDIT_NEGATE bit is off and all of the
    AUDIT_EQUAL, AUDIT_LESS_THAN, and AUDIT_GREATER_THAN bits are
    on--clearly a nonsensical operator.

    Now that this is handled at rule insertion time, the default -EINVAL
    return of audit_comparator() is eliminated such that the function can
    only return 1 or 0.

    If this is acceptable, let's get this applied to the current tree.

    :-Dustin

    --

    Signed-off-by: Al Viro
    (cherry picked from 9bf0a8e137040f87d1b563336d4194e38fb2ba1a commit)

    Dustin Kirkland
     
  • Hi,

    The following patch adds a little more information to the add/remove rule message emitted
    by the kernel.

    Signed-off-by: Steve Grubb
    Signed-off-by: Al Viro

    Steve Grubb
     
  • Updated patch to dynamically allocate audit rule fields in kernel's
    internal representation. Added unlikely() calls for testing memory
    allocation result.

    Amy Griffis wrote: [Wed Jan 11 2006, 02:02:31PM EST]
    > Modify audit's kernel-userspace interface to allow the specification
    > of string fields in audit rules.
    >
    > Signed-off-by: Amy Griffis

    Signed-off-by: Al Viro
    (cherry picked from 5ffc4a863f92351b720fe3e9c5cd647accff9e03 commit)

    Amy Griffis
     
  • Signed-off-by: David Woodhouse

    David Woodhouse
     
  • This fixes the per-user and per-message-type filtering when syscall
    auditing isn't enabled.

    [AV: folded followup fix from the same author]

    Signed-off-by: David Woodhouse
    Signed-off-by: Al Viro

    David Woodhouse
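
The operator check described in the audit_comparator() commit message above, written out as an added example; it is not the patch itself or kernel code. The `EX_` names, the bit positions and the final fallback `return 0` are assumptions made for illustration; the operator encoding follows the table quoted in that message.

```c
#include <errno.h>
#include <stdint.h>

/* Constructed constants mirroring the operator table quoted in the commit
 * message (bits 4 2 1 mean "=", ">", "<"). Bit positions are assumptions. */
#define EX_OP_SHIFT      28
#define EX_LESS_THAN     (1u << EX_OP_SHIFT)
#define EX_GREATER_THAN  (2u << EX_OP_SHIFT)
#define EX_EQUAL         (4u << EX_OP_SHIFT)
#define EX_NOT_EQUAL     (EX_LESS_THAN | EX_GREATER_THAN)
#define EX_OPERATORS     (EX_EQUAL | EX_NOT_EQUAL)   /* 7: never valid */
#define EX_NEGATE        0x80000000u                 /* legacy "!=" flag */

/* Rule-insertion check: store a sane operator in *op or reject the rule. */
int ex_normalize_op(uint32_t field, uint32_t *op)
{
    uint32_t bits = field & EX_OPERATORS;

    if (field & EX_NEGATE)
        bits = EX_NOT_EQUAL;        /* legacy negate bit forces != */
    else if (bits == 0)
        bits = EX_EQUAL;            /* no operator given: assume == */
    else if (bits == EX_OPERATORS)
        return -EINVAL;             /* all three bits on: nonsensical */
    *op = bits;
    return 0;
}

/* Only the six sane operators can reach this point, so the comparator
 * needs no error return: every path yields 0 or 1. */
int ex_comparator(uint32_t left, uint32_t op, uint32_t right)
{
    switch (op) {
    case EX_EQUAL:                   return left == right;
    case EX_NOT_EQUAL:               return left != right;
    case EX_LESS_THAN:               return left <  right;
    case EX_GREATER_THAN:            return left >  right;
    case EX_LESS_THAN | EX_EQUAL:    return left <= right;
    case EX_GREATER_THAN | EX_EQUAL: return left >= right;
    }
    return 0;   /* not reached for operators ex_normalize_op() accepted */
}
```

Rejecting the bad operator once, when the rule is inserted, means the per-event comparison path never has to propagate an error code.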