The pull request you sent on Mon, 15 Feb 2021 17:10:37 -0500:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20210215
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/23b6ba45f321bd5c4cddde4b8c85b3f71da3cdb8
Thank you!
--
Hi Linus,
Three very trivial patches for audit this time. All pass the
audit-testsuite and apply cleanly to your tree as of a few minutes
ago; please merge these for v5.12.
Thanks,
-Paul
--
The following changes since commit e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62:
Linux 5.11-rc2
The pull request you sent on Mon, 14 Dec 2020 20:57:59 -0500:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20201214
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/3d5de2ddc6ba924d7c10460a1dc3aae8786b9d52
Thank you!
--
Hi Linus,
A small set of audit patches for v5.11 with four patches in total and
only one of any real significance. Richard's patch to trigger
accompanying records causes the kernel to emit additional related
records when an audit event occurs; helping provide some much needed
context to events
The pull request you sent on Mon, 12 Oct 2020 20:51:22 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git stable-5.10
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/01fb1e2f42d607ef5eb7a7ca54a0f0901fb5856c
Thank you!
--
Deet-doot-dot, I am a
On Mon, Oct 12, 2020 at 8:54 PM Paul Moore wrote:
> On Mon, Oct 12, 2020 at 8:51 PM Paul Moore wrote:
> >
> > Hi Linus,
> >
> > A small set of audit patches for v5.10. There are only three patches
> > in total, and all three are trivial fixes that don't really warrant
> > any explanations
On Mon, Oct 12, 2020 at 8:51 PM Paul Moore wrote:
>
> Hi Linus,
>
> A small set of audit patches for v5.10. There are only three patches
> in total, and all three are trivial fixes that don't really warrant
> any explanations beyond their descriptions. As usual, all three
> patches pass our
Hi Linus,
A small set of audit patches for v5.10. There are only three patches
in total, and all three are trivial fixes that don't really warrant
any explanations beyond their descriptions. As usual, all three
patches pass our test suite and as of a few minutes ago they applied
cleanly to your
The pull request you sent on Mon, 3 Aug 2020 21:00:01 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20200803
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/fd76a74d940ae3d6b8b2395cd12914630c7e1739
Thank you!
--
Hi Linus,
Here are the audit patches for the v5.9 merge window. All of the
patches in this pull request pass our test suite and merged cleanly
with your tree from a few hours ago.
Aside from some smaller bug fixes, here are the highlights:
- Add a new backlog wait metric to the audit status
The pull request you sent on Mon, 1 Jun 2020 20:48:59 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20200601
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/9d99b1647fa56805c1cfef2d81ee7b9855359b62
Thank you!
--
On Mon, Jun 1, 2020 at 5:49 PM Paul Moore wrote:
>
> Unfortunately I just noticed
> that one of the commit subject lines is truncated - sorry about that,
> it's my fault not Richard's - but since the important part is there
> ("add subj creds to NETFILTER_CFG") I opted to leave it as-is and
Hi Linus,
Here is the set of audit patches for the v5.8 merge window, all
patches pass our test suite and as of a few minutes ago they also
merge cleanly with the top of your tree. Unfortunately I just noticed
that one of the commit subject lines is truncated - sorry about that,
it's my fault
The pull request you sent on Tue, 2 Jul 2019 13:28:33 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20190702
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/61fc5771f5e729a2ce235af42f69c8506725e84a
Thank you!
--
The pull request you sent on Tue, 7 May 2019 13:23:05 -0400:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20190507
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/02aff8db6438ce29371fd9cd54c57213f4bb4536
Thank you!
--
Hi Linus,
We've got a reasonably broad set of audit patches for the v5.2 merge
window, the highlights are below:
- The biggest change, and the source of all the arch/* changes, is the
patchset from Dmitry to help enable some of the work he is doing
around PTRACE_GET_SYSCALL_INFO. To be honest,
The pull request you sent on Tue, 5 Mar 2019 17:35:35 -0500:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20190305
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/be37f21a08ce65c7632c7f45e1755a4b07f278a0
Thank you!
--
Hi Linus,
A lucky 13 audit patches for v5.1. Despite the rather large diffstat,
most of the changes are from two bug fix patches that move code from
one Kconfig option to another. Beyond that bit of churn, the
remaining changes are largely cleanups and bug-fixes as we slowly
march towards
The pull request you sent on Mon, 24 Dec 2018 11:26:40 -0500:
> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
> tags/audit-pr-20181224
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/047ce6d380e8e66cfb6cbc22e873af89dd0c216c
Thank you!
--
Hi Linus,
In the finest of holiday of traditions, I have a number of gifts to
share today. While most of them are re-gifts from others, unlike the
typical re-gift, these are things you will want in and around your
tree; I promise.
This pull request is perhaps a bit larger than our typical PR,
Hi Linus,
We didn't have anything to send for v4.16, but we're back with a
little more than usual for v4.17. Eleven patches in total, most fall
into the small fix category, but there are three non-trivial changes
worth calling out: the audit entry filter is being removed after
deprecating it for
Hi Linus,
We didn't have anything to send for v4.16, but we're back with a
little more than usual for v4.17. Eleven patches in total, most fall
into the small fix category, but there are three non-trivial changes
worth calling out: the audit entry filter is being removed after
deprecating it for
Hi Linus,
Another relatively small pull request for audit, nine patches total.
The only real new bit of functionality is the patch from Richard which
adds the ability to filter records based on the filesystem type. The
remainder are bug fixes and cleanups; the bug fix highlights include:
Hi Linus,
Another relatively small pull request for audit, nine patches total.
The only real new bit of functionality is the patch from Richard which
adds the ability to filter records based on the filesystem type. The
remainder are bug fixes and cleanups; the bug fix highlights include:
Hi Linus,
A small pull request for audit this time, only four patches and only
two with any real code changes. Those two changes are the removal of
a pointless SELinux AVC initialization audit event and a fix to
improve the audit timestamp overhead. The other two patches are
comment cleanup and
Hi Linus,
A small pull request for audit this time, only four patches and only
two with any real code changes. Those two changes are the removal of
a pointless SELinux AVC initialization audit event and a fix to
improve the audit timestamp overhead. The other two patches are
comment cleanup and
Hi Linus,
Things are relatively quiet on the audit front for v4.13, just five
patches for a total diffstat of 102 lines. There are two patches from
Richard to consistently record the POSIX capabilities and add the
ambient capability information as well. I also chipped in two patches
to fix a
Hi Linus,
Things are relatively quiet on the audit front for v4.13, just five
patches for a total diffstat of 102 lines. There are two patches from
Richard to consistently record the POSIX capabilities and add the
ambient capability information as well. I also chipped in two patches
to fix a
Hi Linus,
Fourteen audit patches for v4.12 that span the full range of fixes,
new features, and internal cleanups. We have a patches to move to
64-bit timestamps, convert refcounts from atomic_t to refcount_t,
track PIDs using the pid struct instead of pid_t, convert our own
private audit buffer
Hi Linus,
Fourteen audit patches for v4.12 that span the full range of fixes,
new features, and internal cleanups. We have a patches to move to
64-bit timestamps, convert refcounts from atomic_t to refcount_t,
track PIDs using the pid struct instead of pid_t, convert our own
private audit buffer
Hi Linux,
The audit changes for v4.11 are relatively small compared to what we
did for v4.10, both in terms of size and impact. The two patches from
Steve tweak the formatting for some of the audit records to make them
more consistent with other audit records. The three patches from
Richard
Hi Linux,
The audit changes for v4.11 are relatively small compared to what we
did for v4.10, both in terms of size and impact. The two patches from
Steve tweak the formatting for some of the audit records to make them
more consistent with other audit records. The three patches from
Richard
Hi Linus,
After the small number of patches for v4.9, we've got a much bigger pile for
v4.10.
The bulk of these patches involve a rework of the audit backlog queue to
enable us to move the netlink multicasting out of the task/thread that
generates the audit record and into the kernel thread
Hi Linus,
After the small number of patches for v4.9, we've got a much bigger pile for
v4.10.
The bulk of these patches involve a rework of the audit backlog queue to
enable us to move the netlink multicasting out of the task/thread that
generates the audit record and into the kernel thread
Hi Linus,
Another relatively small pull request for v4.9 with just two patches. The
patch from Richard updates the list of features we support and report back to
userspace; this should of been sent earlier with the rest of the v4.8 patches
but it got lost in my inbox. The second patch fixes
Hi Linus,
Another relatively small pull request for v4.9 with just two patches. The
patch from Richard updates the list of features we support and report back to
userspace; this should of been sent earlier with the rest of the v4.8 patches
but it got lost in my inbox. The second patch fixes
Hi Linus,
Six audit patches for 4.8. There are a couple of style and minor whitespace
tweaks for the logs, as well as a minor fixup to catch errors on user filter
rules, however the major improvements are a fix to the s390 syscall argument
masking code (reviewed by the nice s390 folks), some
Hi Linus,
Six audit patches for 4.8. There are a couple of style and minor whitespace
tweaks for the logs, as well as a minor fixup to catch errors on user filter
rules, however the major improvements are a fix to the s390 syscall argument
masking code (reviewed by the nice s390 folks), some
Hi Linus,
Four small audit patches for 4.7; two are simple cleanups around the audit
thread management code, one adds a tty field to AUDIT_LOGIN events, and the
final patch makes tty_name() usable regardless of CONFIG_TTY. Nothing
controversial, and it all passes our regression test. Please
Hi Linus,
Four small audit patches for 4.7; two are simple cleanups around the audit
thread management code, one adds a tty field to AUDIT_LOGIN events, and the
final patch makes tty_name() usable regardless of CONFIG_TTY. Nothing
controversial, and it all passes our regression test. Please
Hi Linus,
A small set of patches for audit this time; just three in total and one is a
spelling fix. The two patches with actual content are designed to help
prevent new instances of auditd from displacing an existing, functioning
auditd and to generate a log of the attempt. Not to worry,
Hi Linus,
A small set of patches for audit this time; just three in total and one is a
spelling fix. The two patches with actual content are designed to help
prevent new instances of auditd from displacing an existing, functioning
auditd and to generate a log of the attempt. Not to worry,
Hi Linus,
Seven audit patches for 4.4, but really only one of any significant value, the
remainder are trivial cleanups that are described well enough in the patch
descriptions. The one significant patch is an attempt to make communication
between the kernel's audit subsystem and the
Hi Linus,
Seven audit patches for 4.4, but really only one of any significant value, the
remainder are trivial cleanups that are described well enough in the patch
descriptions. The one significant patch is an attempt to make communication
between the kernel's audit subsystem and the
Hi Linus,
This is one of the larger audit patchsets in recent history, consisting of
eight patches and almost 400 lines of changes. The bulk of the patchset is
the new "audit by executable" functionality which allows admins to set an
audit watch based on the executable on disk. Prior to
Hi Linus,
This is one of the larger audit patchsets in recent history, consisting of
eight patches and almost 400 lines of changes. The bulk of the patchset is
the new "audit by executable" functionality which allows admins to set an
audit watch based on the executable on disk. Prior to
Hi Linus,
Four small audit patches for v4.2, all bug fixes. Only 10 lines of change
this time so very unremarkable, the patch subject lines pretty much tell the
whole story. Please pull.
Thanks,
-Paul
---
The following changes since commit 39a8804455fb23f09157341d3ba7db6d7ae6ee76:
Linux
Hi Linus,
Four small audit patches for v4.2, all bug fixes. Only 10 lines of change
this time so very unremarkable, the patch subject lines pretty much tell the
whole story. Please pull.
Thanks,
-Paul
---
The following changes since commit 39a8804455fb23f09157341d3ba7db6d7ae6ee76:
Linux
Hi Linus,
Seven audit patches for v4.1, all bug fixes. The largest, and perhaps most
significant commit helps resolve some memory pressure issues related to the
inode cache and audit, there are also a few small commits which help resolve
some timing issues with the audit log queue, and the
Hi Linus,
Seven audit patches for v4.1, all bug fixes. The largest, and perhaps most
significant commit helps resolve some memory pressure issues related to the
inode cache and audit, there are also a few small commits which help resolve
some timing issues with the audit log queue, and the
Hi Linus,
Two small patches from the audit next branch; only one of which has any real
significant code changes, the other is simply a MAINTAINERS update for audit.
The single code patch is pretty small and rather straightforward, it changes
the audit "version" number reported to userspace
Hi Linus,
Two small patches from the audit next branch; only one of which has any real
significant code changes, the other is simply a MAINTAINERS update for audit.
The single code patch is pretty small and rather straightforward, it changes
the audit version number reported to userspace from
Adds new predicate ("event happened in subtree under ").
audit-subtree stuff; sat in -mm for several months.
Please, pull from
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current.git/ audit.b42
Al Viro <[EMAIL PROTECTED]>
[PATCH] audit: watching subtrees
[PATCH] new helper -
Adds new predicate (event happened in subtree under pathname).
audit-subtree stuff; sat in -mm for several months.
Please, pull from
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current.git/ audit.b42
Al Viro [EMAIL PROTECTED]
[PATCH] audit: watching subtrees
[PATCH] new
On Thu, 2007-02-22 at 13:19 -0800, Andrew Morton wrote:
> > On Thu, 22 Feb 2007 08:22:47 -0500 Stephen Smalley <[EMAIL PROTECTED]>
> > wrote:
> > On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
> > >
> > > Looking at the changes to audit_receive_msg():
> > >
> > >
> > >
On Thu, 2007-02-22 at 13:19 -0800, Andrew Morton wrote:
On Thu, 22 Feb 2007 08:22:47 -0500 Stephen Smalley [EMAIL PROTECTED]
wrote:
On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
Looking at the changes to audit_receive_msg():
if (sid) {
> On Thu, 22 Feb 2007 08:22:47 -0500 Stephen Smalley <[EMAIL PROTECTED]> wrote:
> On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
> >
> > Looking at the changes to audit_receive_msg():
> >
> >
> > if (sid) {
> > if
On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
> On Sun, 18 Feb 2007 04:01:27 + Al Viro <[EMAIL PROTECTED]> wrote:
>
> > Misc audit patches (resend again...); the most intrusive one is
> > AUDIT_FD_PAIR,
> > allowing to log descriptor numbers from syscalls that do not return them in
On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
On Sun, 18 Feb 2007 04:01:27 + Al Viro [EMAIL PROTECTED] wrote:
Misc audit patches (resend again...); the most intrusive one is
AUDIT_FD_PAIR,
allowing to log descriptor numbers from syscalls that do not return them in
usual
On Thu, 22 Feb 2007 08:22:47 -0500 Stephen Smalley [EMAIL PROTECTED] wrote:
On Wed, 2007-02-21 at 16:03 -0800, Andrew Morton wrote:
Looking at the changes to audit_receive_msg():
if (sid) {
if (selinux_sid_to_string(
On Sun, 18 Feb 2007 04:01:27 + Al Viro <[EMAIL PROTECTED]> wrote:
> Misc audit patches (resend again...); the most intrusive one is AUDIT_FD_PAIR,
> allowing to log descriptor numbers from syscalls that do not return them in
> usual way (i.e. pipe() and socketpair()). It took some massage of
On Sun, 18 Feb 2007 04:01:27 + Al Viro [EMAIL PROTECTED] wrote:
Misc audit patches (resend again...); the most intrusive one is AUDIT_FD_PAIR,
allowing to log descriptor numbers from syscalls that do not return them in
usual way (i.e. pipe() and socketpair()). It took some massage of
the
Misc audit patches (resend again...); the most intrusive one is AUDIT_FD_PAIR,
allowing to log descriptor numbers from syscalls that do not return them in
usual way (i.e. pipe() and socketpair()). It took some massage of
the failure exits in sys_socketpair(); the rest is absolutely trivial.
Misc audit patches (resend again...); the most intrusive one is AUDIT_FD_PAIR,
allowing to log descriptor numbers from syscalls that do not return them in
usual way (i.e. pipe() and socketpair()). It took some massage of
the failure exits in sys_socketpair(); the rest is absolutely trivial.
64 matches
Mail list logo
