Hi everybody, A series of 9 patches to let Audit be LSM netural. This is done for proper future audit<->SMACK integration which will also be useful for any future LSM.
Basically, patches add below new LSM hooks: 1- secid extraction: inode_getsecid(inode, secid) ipc_getsecid(ipcp, secid) 2- LSM-specific Audit rules manipulation: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) and remove ,now redundant, equivalent SELinux exported interfaces. Initial work and idea by: Casey Schaufler <[EMAIL PROTECTED]> Thanks to Paul Moore <[EMAIL PROTECTED]> for his deep review of first version. include/linux/audit.h | 29 ++++++++ include/linux/security.h | 102 +++++++++++++++++++++++++++++ include/linux/selinux.h | 134 --------------------------------------- kernel/audit.c | 24 ++---- kernel/audit.h | 25 ------- kernel/auditfilter.c | 99 ++++++++++------------------ kernel/auditsc.c | 74 +++++++++++---------- net/netlink/af_netlink.c | 3 +- security/dummy.c | 47 +++++++++++++ security/security.c | 35 ++++++++++ security/selinux/exports.c | 42 ------------ security/selinux/hooks.c | 27 +++++++ security/selinux/include/audit.h | 65 ++++++++++++++++++ security/selinux/ss/services.c | 45 +++++++++---- 14 files changed, 420 insertions(+), 331 deletions(-) Regards, -- "Better to light a candle, than curse the darkness" Ahmed S. Darwish Homepage: http://darwish.07.googlepages.com Blog: http://darwish-07.blogspot.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
