[GIT PULL] Audit patches for v4.15

From: Paul Moore
Date: Mon Nov 13 2017 - 15:37:16 EST

Next message: Linus Torvalds: "Re: [GIT PULL] locking changes for v4.15"
Previous message: Yonghong Song: "Re: [PATCH][v2] uprobes/x86: emulate push insns for uprobe on x86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Linus,

Another relatively small pull request for audit, nine patches total.
The only real new bit of functionality is the patch from Richard which
adds the ability to filter records based on the filesystem type. The
remainder are bug fixes and cleanups; the bug fix highlights include:
ensuring that we properly audit init/PID-1 (me), and allowing the
audit daemon to shutdown the kernel/auditd connection cleanly by
setting the audit PID to zero (Steve).

Please merge for v4.14.

Thanks,
-Paul

---
The following changes since commit 196a5085592c62ffa4eb739d7ce49c040c2953a1:

audit: update the function comments (2017-09-05 09:46:59 -0400)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
tags/audit-pr-20171113

for you to fetch changes up to 42d5e37654e4cdb9fb2e2f3ab30045fee35c42d8:

audit: filter PATH records keyed on filesystem magic
(2017-11-10 16:08:56 -0500)

----------------------------------------------------------------
audit/stable-4.15 PR 20171113

----------------------------------------------------------------
Casey Schaufler (1):
Audit: remove unused audit_log_secctx function

Paul Moore (5):
audit: ensure that 'audit=1' actually enables audit for PID 1
audit: initialize the audit subsystem as early as possible
audit: don't use simple_strtol() anymore
audit: convert audit_ever_enabled to a boolean
audit: use audit_set_enabled() in audit_enable()

Richard Guy Briggs (1):
audit: filter PATH records keyed on filesystem magic

Steve Grubb (2):
audit: Add new syscalls to the perm=w filter
audit: Allow auditd to set pid to 0 to end auditing

include/asm-generic/audit_dir_write.h | 3 ++
include/asm-generic/audit_write.h | 3 ++
include/linux/audit.h | 8 ----
include/uapi/linux/audit.h | 8 +++-
kernel/audit.c | 76 +++++++++++--------------------
kernel/audit.h | 2 +-
kernel/auditfilter.c | 39 ++++++++++++++----
kernel/auditsc.c | 23 +++++++++++
8 files changed, 97 insertions(+), 65 deletions(-)

--
paul moore
www.paul-moore.com

Next message: Linus Torvalds: "Re: [GIT PULL] locking changes for v4.15"
Previous message: Yonghong Song: "Re: [PATCH][v2] uprobes/x86: emulate push insns for uprobe on x86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]