diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-07 20:48:25 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-07 20:48:25 -0700 |
commit | 0fb02e718f5fd88b175387bc2a9313b27609f0da (patch) | |
tree | 645cc7209882f80325c7bfa78bc8c59b2aa7dd12 | |
parent | 828f4257d1d33aed0f9ef82982dcb8ace8b7fe86 (diff) | |
parent | 196a5085592c62ffa4eb739d7ce49c040c2953a1 (diff) | |
download | linux-0fb02e718f5fd88b175387bc2a9313b27609f0da.tar.gz linux-0fb02e718f5fd88b175387bc2a9313b27609f0da.tar.bz2 linux-0fb02e718f5fd88b175387bc2a9313b27609f0da.zip |
Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit updates from Paul Moore:
"A small pull request for audit this time, only four patches and only
two with any real code changes.
Those two changes are the removal of a pointless SELinux AVC
initialization audit event and a fix to improve the audit timestamp
overhead.
The other two patches are comment cleanup and administrative updates,
nothing very exciting.
Everything passes our tests"
* tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
audit: update the function comments
selinux: remove AVC init audit log message
audit: update the audit info in MAINTAINERS
audit: Reduce overhead using a coarse clock
-rw-r--r-- | MAINTAINERS | 7 | ||||
-rw-r--r-- | kernel/audit.c | 4 | ||||
-rw-r--r-- | kernel/auditsc.c | 20 | ||||
-rw-r--r-- | security/selinux/avc.c | 2 |
4 files changed, 16 insertions, 17 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index 8dc0e39997d2..259d32d8c84b 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2413,9 +2413,10 @@ AUDIT SUBSYSTEM M: Paul Moore <paul@paul-moore.com> M: Eric Paris <eparis@redhat.com> L: linux-audit@redhat.com (moderated for non-subscribers) -W: http://people.redhat.com/sgrubb/audit/ -T: git git://git.infradead.org/users/pcmoore/audit -S: Maintained +W: https://github.com/linux-audit +W: https://people.redhat.com/sgrubb/audit +T: git git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git +S: Supported F: include/linux/audit.h F: include/uapi/linux/audit.h F: kernel/audit* diff --git a/kernel/audit.c b/kernel/audit.c index 6dd556931739..be1c28fd4d57 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1662,7 +1662,7 @@ static inline void audit_get_stamp(struct audit_context *ctx, struct timespec64 *t, unsigned int *serial) { if (!ctx || !auditsc_get_stamp(ctx, t, serial)) { - ktime_get_real_ts64(t); + *t = current_kernel_time64(); *serial = audit_serial(); } } @@ -1833,7 +1833,7 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) } /** - * audit_log_hex - convert a buffer to hex and append it to the audit skb + * audit_log_n_hex - convert a buffer to hex and append it to the audit skb * @ab: the audit_buffer * @buf: buffer to convert to hex * @len: length of @buf to be converted diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 3260ba2312a9..aac1a41f82bd 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1462,7 +1462,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts } /** - * audit_free - free a per-task audit context + * __audit_free - free a per-task audit context * @tsk: task whose audit context block to free * * Called from copy_process and do_exit @@ -1489,7 +1489,7 @@ void __audit_free(struct task_struct *tsk) } /** - * audit_syscall_entry - fill in an audit record at syscall entry + * __audit_syscall_entry - fill in an audit record at syscall entry * @major: major syscall type (function) * @a1: additional syscall register 1 * @a2: additional syscall register 2 @@ -1536,14 +1536,14 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2, return; context->serial = 0; - ktime_get_real_ts64(&context->ctime); + context->ctime = current_kernel_time64(); context->in_syscall = 1; context->current_state = state; context->ppid = 0; } /** - * audit_syscall_exit - deallocate audit context after a system call + * __audit_syscall_exit - deallocate audit context after a system call * @success: success value of the syscall * @return_code: return value of the syscall * @@ -1705,7 +1705,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context, } /** - * audit_reusename - fill out filename with info from existing entry + * __audit_reusename - fill out filename with info from existing entry * @uptr: userland ptr to pathname * * Search the audit_names list for the current audit context. If there is an @@ -1730,7 +1730,7 @@ __audit_reusename(const __user char *uptr) } /** - * audit_getname - add a name to the list + * __audit_getname - add a name to the list * @name: name to add * * Add a name to the list of audit names for this context. @@ -2135,7 +2135,7 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) } /** - * audit_ipc_obj - record audit data for ipc object + * __audit_ipc_obj - record audit data for ipc object * @ipcp: ipc permissions * */ @@ -2151,7 +2151,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp) } /** - * audit_ipc_set_perm - record audit data for new ipc permissions + * __audit_ipc_set_perm - record audit data for new ipc permissions * @qbytes: msgq bytes * @uid: msgq user id * @gid: msgq group id @@ -2180,7 +2180,7 @@ void __audit_bprm(struct linux_binprm *bprm) /** - * audit_socketcall - record audit data for sys_socketcall + * __audit_socketcall - record audit data for sys_socketcall * @nargs: number of args, which should not be more than AUDITSC_ARGS. * @args: args array * @@ -2211,7 +2211,7 @@ void __audit_fd_pair(int fd1, int fd2) } /** - * audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto + * __audit_sockaddr - record audit data for sys_bind, sys_connect, sys_sendto * @len: data length in user space * @a: data address in kernel space * diff --git a/security/selinux/avc.c b/security/selinux/avc.c index e60c79de13e1..4b4293194aee 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -197,8 +197,6 @@ void __init avc_init(void) avc_xperms_data_cachep = kmem_cache_create("avc_xperms_data", sizeof(struct extended_perms_data), 0, SLAB_PANIC, NULL); - - audit_log(current->audit_context, GFP_KERNEL, AUDIT_KERNEL, "AVC INITIALIZED\n"); } int avc_get_hash_stats(char *page) |