31 Jan, 2018

1 commit

• 155d33af7   audit: Avoid build failures on systems without renameat ... Browse Code »

  renameat has been deprecated in favor of renameat2 for new ports. This
  allows the audit tests to build on RISC-V.

  Reviewed-by: Christoph Hellwig
  Acked-by: Olof Johansson
  Signed-off-by: Palmer Dabbelt

  Palmer Dabbelt

  2018-01-31 11:07:54 +0800  

16 Nov, 2017

1 commit

• f9bab2677   Merge tag 'audit-pr-20171113' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit ... Browse Code »

  Pull audit updates from Paul Moore:
  "Another relatively small pull request for audit, nine patches total.

  The only real new bit of functionality is the patch from Richard which
  adds the ability to filter records based on the filesystem type.

  The remainder are bug fixes and cleanups; the bug fix highlights
  include:

  - ensuring that we properly audit init/PID-1 (me)

  - allowing the audit daemon to shutdown the kernel/auditd connection
  cleanly by setting the audit PID to zero (Steve)"

  * tag 'audit-pr-20171113' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
  audit: filter PATH records keyed on filesystem magic
  Audit: remove unused audit_log_secctx function
  audit: Allow auditd to set pid to 0 to end auditing
  audit: Add new syscalls to the perm=w filter
  audit: use audit_set_enabled() in audit_enable()
  audit: convert audit_ever_enabled to a boolean
  audit: don't use simple_strtol() anymore
  audit: initialize the audit subsystem as early as possible
  audit: ensure that 'audit=1' actually enables audit for PID 1

  Linus Torvalds

  2017-11-16 05:28:48 +0800  

11 Nov, 2017

1 commit

• 6e66ec3ca   audit: Add new syscalls to the perm=w filter ... Browse Code »

  The audit subsystem allows selecting audit events based on watches for
  a particular behavior like writing to a file. A lot of syscalls have
  been added without updating the list. This patch adds 2 syscalls to the
  write filters: fallocate and renameat2.

  Signed-off-by: Steve Grubb
  Reviewed-by: Richard Guy Briggs
  [PM: cleaned up some whitespace errors]
  Signed-off-by: Paul Moore

  Steve Grubb

  2017-11-11 05:08:28 +0800  

02 Nov, 2017

1 commit

• b24413180   License cleanup: add SPDX GPL-2.0 license identifier to files with no license ... Browse Code »

  Many source files in the tree are missing licensing information, which
  makes it harder for compliance tools to determine the correct license.

  By default all files without license information are under the default
  license of the kernel, which is GPL version 2.

  Update the files which contain no license information with the 'GPL-2.0'
  SPDX license identifier. The SPDX identifier is a legally binding
  shorthand, which can be used instead of the full boiler plate text.

  This patch is based on work done by Thomas Gleixner and Kate Stewart and
  Philippe Ombredanne.

  How this work was done:

  Patches were generated and checked against linux-4.14-rc6 for a subset of
  the use cases:
  - file had no licensing information it it.
  - file was a */uapi/* one with no licensing information in it,
  - file was a */uapi/* one with existing licensing information,

  Further patches will be generated in subsequent months to fix up cases
  where non-standard license headers were used, and references to license
  had to be inferred by heuristics based on keywords.

  The analysis to determine which SPDX License Identifier to be applied to
  a file was done in a spreadsheet of side by side results from of the
  output of two independent scanners (ScanCode & Windriver) producing SPDX
  tag:value files created by Philippe Ombredanne. Philippe prepared the
  base worksheet, and did an initial spot review of a few 1000 files.

  The 4.13 kernel was the starting point of the analysis with 60,537 files
  assessed. Kate Stewart did a file by file comparison of the scanner
  results in the spreadsheet to determine which SPDX license identifier(s)
  to be applied to the file. She confirmed any determination that was not
  immediately clear with lawyers working with the Linux Foundation.

  Criteria used to select files for SPDX license identifier tagging was:
  - Files considered eligible had to be source code files.
  - Make and config files were included as candidates if they contained >5
  lines of source
  - File already had some variant of a license header in it (even if
  Reviewed-by: Philippe Ombredanne
  Reviewed-by: Thomas Gleixner
  Signed-off-by: Greg Kroah-Hartman

  Greg Kroah-Hartman

  2017-11-02 18:10:55 +0800  

05 May, 2011

1 commit

• aaeb012fe   audit: support the "standard" <asm-generic/unistd.h> ... Browse Code »

  Many of the syscalls mentioned in the audit code are not present
  for architectures that implement only the "standard" set of
  Linux syscalls (e.g. openat, but not open, etc.). This change
  adds proper #ifdefs for all those syscalls.

  Acked-by: Arnd Bergmann
  Signed-off-by: Chris Metcalf

  Chris Metcalf

  2011-05-05 02:41:28 +0800  

23 Sep, 2006

1 commit

• a83fbf635   [PATCH] fix missing ifdefs in syscall classes hookup for generic targets ... Browse Code »

  several targets have no ....at() family and m32r calls its only chown variant
  chown32(), with __NR_chown being undefined. creat(2) is also absent in some
  targets.

  Signed-off-by: Al Viro
  Signed-off-by: Linus Torvalds

  Al Viro

  2006-09-23 08:48:56 +0800  

01 Jul, 2006

1 commit

• b915543b4   [PATCH] audit syscall classes ... Browse Code »

  Allow to tie upper bits of syscall bitmap in audit rules to kernel-defined
  sets of syscalls. Infrastructure, a couple of classes (with 32bit counterparts
  for biarch targets) and actual tie-in on i386, amd64 and ia64.

  Signed-off-by: Al Viro

  Al Viro

  2006-07-01 19:44:10 +0800