On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Add container ID auxiliary record(s) to NETFILTER_PKT event standalone
> records. Iterate through all potential container IDs associated with a
> network namespace.
>
> Signed-off-by: Richard Guy Briggs
> ---
> kernel/audit.c
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Audit events could happen in a network namespace outside of a task
> context due to packets received from the net that trigger an auditing
> rule prior to being associated with a running task. The network
> namespace could be in use by mul
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Add container ID auxiliary records to secure computing and abnormal end
> standalone records.
>
> Signed-off-by: Richard Guy Briggs
> ---
> kernel/auditsc.c | 10 --
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Add container ID auxiliary records to configuration change, feature set change
> and user generated standalone records.
>
> Signed-off-by: Richard Guy Briggs
> ---
> kernel/audit.c | 50 ---
On 4/18/2018 5:46 PM, Paul Moore wrote:
> On Wed, Apr 18, 2018 at 8:41 PM, Casey Schaufler
> wrote:
>> On 4/18/2018 4:47 PM, Paul Moore wrote:
>>> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
>>>> Implement the proc fs write to set the audit container ID of a process,
>>>> emitting
On Wed, Apr 18, 2018 at 8:41 PM, Casey Schaufler wrote:
> On 4/18/2018 4:47 PM, Paul Moore wrote:
>> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
>>> Implement the proc fs write to set the audit container ID of a process,
>>> emitting an AUDIT_CONTAINER record to document the event.
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Add container ID auxiliary record to mark, watch and tree rule
> configuration standalone records.
>
> Signed-off-by: Richard Guy Briggs
> ---
> kernel/audit_fsnotify.c | 5 -
> kernel/audit_tree.c | 5 -
> kernel/audit_w
On 4/18/2018 4:47 PM, Paul Moore wrote:
> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
>> Implement the proc fs write to set the audit container ID of a process,
>> emitting an AUDIT_CONTAINER record to document the event.
>> ...
>>
>> diff --git a/include/linux/sched.h b/include/lin
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Standalone audit records have the timestamp and serial number generated
> on the fly and as such are unique, making them standalone. This new
> function audit_alloc_local() generates a local audit context that will
> be used only for a
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Add container ID support to ptrace and signals. In particular, the "op"
> field provides a way to label the auxiliary record to which it is
> associated.
>
> Signed-off-by: Richard Guy Briggs
> ---
> include/linux/audit.h | 16 +++
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Implement container ID filtering using the AUDIT_CONTAINERID field name
> to send an 8-character string representing a u64 since the value field
> is only u32.
>
> Sending it as two u32 was considered, but gathering and comparing two
> f
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Check if a task has existing children or co-threads and refuse to set
> the container ID if either are present. Failure to check this could
> permit games where a child scratches its parent's back to work around
> inheritance and double
On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> Implement the proc fs write to set the audit container ID of a process,
> emitting an AUDIT_CONTAINER record to document the event.
>
> This is a write from the container orchestrator task to a proc entry of
> the form /proc/PID/containe
On 04/18/2018 03:23 PM, Richard Guy Briggs wrote:
> On 2018-04-18 14:45, Stefan Berger wrote:
> > On 03/15/2018 11:58 PM, Richard Guy Briggs wrote:
> > > On 2018-03-15 16:27, Stefan Berger wrote:
> > > > On 03/01/2018 02:41 PM, Richard Guy Briggs wrote:
> > > > > Implement the proc fs write to set the audit container ID o
On 2018-04-18 15:39, Stefan Berger wrote:
> On 04/18/2018 03:23 PM, Richard Guy Briggs wrote:
> > On 2018-04-18 14:45, Stefan Berger wrote:
> > > On 03/15/2018 11:58 PM, Richard Guy Briggs wrote:
> > > > On 2018-03-15 16:27, Stefan Berger wrote:
> > > > > On 03/01/2018 02:41 PM, Richard Guy Briggs
On 2018-04-18 14:45, Stefan Berger wrote:
> On 03/15/2018 11:58 PM, Richard Guy Briggs wrote:
> > On 2018-03-15 16:27, Stefan Berger wrote:
> > > On 03/01/2018 02:41 PM, Richard Guy Briggs wrote:
> > > > Implement the proc fs write to set the audit container ID of a process,
> > > > emitting an AUD
On 03/15/2018 11:58 PM, Richard Guy Briggs wrote:
> On 2018-03-15 16:27, Stefan Berger wrote:
> > On 03/01/2018 02:41 PM, Richard Guy Briggs wrote:
> > > Implement the proc fs write to set the audit container ID of a process,
> > > emitting an AUDIT_CONTAINER record to document the event.
> > > This is a write from t
17 matches