Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.16 2014-06-04T06:32:12Z 2014-06-04T06:32:12Z David S. Miller davem@davemloft.net 2014-06-04T06:32:12Z urn:sha1:c99f7abf0e69987e4add567e155e042cb1f2a20b Conflicts: include/net/inetpeer.h net/ipv6/output_core.c Changes in net were fixing bugs in code removed in net-next. Signed-off-by: David S. Miller <davem@davemloft.net> 2014-05-24T04:32:30Z David S. Miller davem@davemloft.net 2014-05-24T04:32:30Z urn:sha1:54e5c4def0614ab540fbdf68e45342a4af141702 Conflicts: drivers/net/bonding/bond_alb.c drivers/net/ethernet/altera/altera_msgdma.c drivers/net/ethernet/altera/altera_sgdma.c net/ipv6/xfrm6_output.c Several cases of overlapping changes. The xfrm6_output.c has a bug fix which overlaps the renaming of skb->local_df to skb->ignore_df. In the Altera TSE driver cases, the register access cleanups in net-next overlapped with bug fixes done in net. Similarly a bug fix to send ALB packets in the bonding driver using the right source address overlaps with cleanups in net-next. Signed-off-by: David S. Miller <davem@davemloft.net> 2014-05-22T11:45:17Z Huacai Chen chenhc@lemote.com 2014-05-21T02:49:19Z urn:sha1:dc93f7b68a039fe7d918613163b1cdd21b279ec5 Missing a "|" in AUDIT_ARCH_MIPSEL64N32 macro definition. Signed-off-by: Huacai Chen <chenhc@lemote.com> Reviewed-by: Markos Chandras <markos.chandras@imgtec.com> Cc: John Crispin <john@phrozen.org> Cc: Steven J. Hill <Steven.Hill@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: linux-mips@linux-mips.org Cc: Fuxin Zhang <zhangfx@lemote.com> Cc: Zhangjin Wu <wuzhangjin@gmail.com> Patchwork: https://patchwork.linux-mips.org/patch/6978/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org> 2014-05-13T23:39:54Z Markos Chandras markos.chandras@imgtec.com 2014-04-22T14:40:36Z urn:sha1:f2d0801f00b7aff0ac6b3666cbcdab499267418a A MIPS64 kernel may support ELF files for all 3 MIPS ABIs (O32, N32, N64). Furthermore, the AUDIT_ARCH_MIPS{,EL}64 token does not provide enough information about the ABI for the 64-bit process. As a result of which, userland needs to use complex seccomp filters to decide whether a syscall belongs to the o32 or n32 or n64 ABI. Therefore, a new arch token for MIPS64/n32 is added so it can be used by seccomp to explicitely set syscall filters for this ABI. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Acked-by: Eric Paris <eparis@redhat.com> Acked-by: Paul Moore <pmoore@redhat.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: linux-mips@linux-mips.org Link: http://sourceforge.net/p/libseccomp/mailman/message/32239040/ Patchwork: https://patchwork.linux-mips.org/patch/6818/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org> 2014-04-23T01:42:27Z Richard Guy Briggs rgb@redhat.com 2014-04-23T01:31:57Z urn:sha1:451f921639fea4600dfb9ab2889332bdcc7b48d3 Add a netlink multicast socket with one group to kaudit for "best-effort" delivery to read-only userspace clients such as systemd, in addition to the existing bidirectional unicast auditd userspace client. Currently, auditd is intended to use the CAP_AUDIT_CONTROL and CAP_AUDIT_WRITE capabilities, but actually uses CAP_NET_ADMIN. The CAP_AUDIT_READ capability is added for use by read-only AUDIT_NLGRP_READLOG netlink multicast group clients to the kaudit subsystem. This will safely give access to services such as systemd to consume audit logs while ensuring write access remains restricted for integrity. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-04-02T20:21:24Z Eric Paris eparis@redhat.com 2014-04-02T20:21:24Z urn:sha1:ab9705f34ce92b4f0da494859e69688e1e34e387 1000-1099 is for configuring things. So auditd ignored such messages. This is about actually logging what was configured. Move it into the range for such types of messages. Reported-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> 2014-03-24T16:13:48Z Eric Paris eparis@redhat.com 2014-03-24T16:13:48Z urn:sha1:356750e35e86485c464704c0a32c1d8dc77590d7 We were exposing a function based on kernel config options to userspace. This is wrong. Move it to the audit internal header. Suggested-by: Chris Metcalf <cmetcalf@tilera.com> Signed-off-by: Eric Paris <eparis@redhat.com> 2014-03-20T14:11:35Z AKASHI Takahiro takahiro.akashi@linaro.org 2014-03-15T05:48:00Z urn:sha1:4b58841149dcaa500ceba1d5378ae70622fe4899 lib/audit.c provides a generic function for auditing system calls. This patch extends it for compat syscall support on bi-architectures (32/64-bit) by adding lib/compat_audit.c. What is required to support this feature are: * add asm/unistd32.h for compat system call names * select CONFIG_AUDIT_ARCH_COMPAT_GENERIC Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Acked-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> 2014-03-20T14:10:52Z William Roberts bill.c.roberts@gmail.com 2014-02-11T18:12:01Z urn:sha1:3f1c82502c299da08b7b7f08b435212e51166ed9 During an audit event, cache and print the value of the process's proctitle value (proc/<pid>/cmdline). This is useful in situations where processes are started via fork'd virtual machines where the comm field is incorrect. Often times, setting the comm field still is insufficient as the comm width is not very wide and most virtual machine "package names" do not fit. Also, during execution, many threads have their comm field set as well. By tying it back to the global cmdline value for the process, audit records will be more complete in systems with these properties. An example of where this is useful and applicable is in the realm of Android. With Android, their is no fork/exec for VM instances. The bare, preloaded Dalvik VM listens for a fork and specialize request. When this request comes in, the VM forks, and the loads the specific application (specializing). This was done to take advantage of COW and to not require a load of basic packages by the VM on very app spawn. When this spawn occurs, the package name is set via setproctitle() and shows up in procfs. Many of these package names are longer then 16 bytes, the historical width of task->comm. Having the cmdline in the audit records will couple the application back to the record directly. Also, on my Debian development box, some audit records were more useful then what was printed under comm. The cached proctitle is tied to the life-cycle of the audit_context structure and is built on demand. Proctitle is controllable by userspace, and thus should not be trusted. It is meant as an aid to assist in debugging. The proctitle event is emitted during syscall audits, and can be filtered with auditctl. Example: type=AVC msg=audit(1391217013.924:386): avc: denied { getattr } for pid=1971 comm="mkdir" name="/" dev="selinuxfs" ino=1 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c255 tcontext=system_u:object_r:security_t:s0 tclass=filesystem type=SYSCALL msg=audit(1391217013.924:386): arch=c000003e syscall=137 success=yes exit=0 a0=7f019dfc8bd7 a1=7fffa6aed2c0 a2=fffffffffff4bd25 a3=7fffa6aed050 items=0 ppid=1967 pid=1971 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mkdir" exe="/bin/mkdir" subj=system_u:system_r:consolekit_t:s0-s0:c0.c255 key=(null) type=UNKNOWN[1327] msg=audit(1391217013.924:386): proctitle=6D6B646972002D70002F7661722F72756E2F636F6E736F6C65 Acked-by: Steve Grubb <sgrubb@redhat.com> (wrt record formating) Signed-off-by: William Roberts <wroberts@tresys.com> Signed-off-by: Eric Paris <eparis@redhat.com> 2014-03-07T16:41:32Z Eric Paris eparis@redhat.com 2014-03-07T16:41:32Z urn:sha1:b7d3622a39fde7658170b7f3cf6c6889bb8db30d Linux 3.13 Conflicts: include/net/xfrm.h Simple merge where v3.13 removed 'extern' from definitions and the audit tree did s/u32/unsigned int/ to the same definitions.