Re: [GIT PULL] Audit patches for v5.15

2021-08-31 Thread pr-tracker-bot
The pull request you sent on Mon, 30 Aug 2021 12:46:55 -0400: > git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git > tags/audit-pr-20210830 has been merged into torvalds/linux.git: https://git.kernel.org/torvalds/c/8e0cd9525ca7ab8ba87135d85b10596e61b10e63 Thank you!

[PATCH v3 1/3] dm: introduce audit event module for device mapper

2021-08-31 Thread Michael Weiß
To be able to send auditing events to user space, we introduce a generic dm-audit module. It provides helper functions to emit audit events through the kernel audit subsystem. We claim the AUDIT_DM_CTRL type=1336 and AUDIT_DM_EVENT type=1337 out of the audit event messages range in the

[PATCH v3 2/3] dm integrity: log audit events for dm-integrity target

2021-08-31 Thread Michael Weiß
dm-integrity signals integrity violations by returning I/O errors to user space. To identify integrity violations by a controlling instance, the kernel audit subsystem can be used to emit audit events to user space. We use the new dm-audit submodule allowing to emit audit events on relevant I/O

[PATCH v3 3/3] dm crypt: log aead integrity violations to audit subsystem

2021-08-31 Thread Michael Weiß
Since dm-crypt target can be stacked on dm-integrity targets to provide authenticated encryption, integrity violations are recognized here during aead computation. We use the dm-audit submodule to signal those events to user space, too. The construction and destruction of crypt device mappings

[PATCH v3 0/3] dm: audit event logging

2021-08-31 Thread Michael Weiß
dm integrity and also stacked dm crypt devices track integrity violations internally. Thus, integrity violations could be polled from user space, e.g., by 'integritysetup status'. From an auditing perspective, we only could see that there were a number of integrity violations, but not when and

Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug

2021-08-31 Thread Paul Moore
On Tue, Aug 31, 2021 at 11:03 AM Casey Schaufler wrote: > On 8/31/2021 7:44 AM, Paul Moore wrote: > > > > Casey, with the idea of posting a v3 towards the end of the merge > > window next week, without the RFC tag and with the intention of > > merging it into -next during the first/second week of

Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug

2021-08-31 Thread Casey Schaufler
On 8/31/2021 7:44 AM, Paul Moore wrote: > On Wed, Aug 11, 2021 at 4:49 PM Paul Moore wrote: >> From: Casey Schaufler >> >> Add Smack privilege checks for io_uring. Use CAP_MAC_OVERRIDE >> for the override_creds case and CAP_MAC_ADMIN for creating a >> polling thread. These choices are based on

Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug

2021-08-31 Thread Paul Moore
On Wed, Aug 11, 2021 at 4:49 PM Paul Moore wrote: > > From: Casey Schaufler > > Add Smack privilege checks for io_uring. Use CAP_MAC_OVERRIDE > for the override_creds case and CAP_MAC_ADMIN for creating a > polling thread. These choices are based on conjecture regarding > the intent of the