per-netns
audit kernel side socket(audit_sock), it's pain to
depend on and get reference of netns for auditns.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/kernel/audit.c b/kernel/audit.c
index b62153a..2ac6212 100644
things easy and we needn't to
consider the complicate cases.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 61 ++
kernel/audit.h | 4
2 files changed, 10 insertions(+), 55 deletions(-)
diff --git a/kernel/audit.c b
On 01/08/2014 08:53 AM, Andrew Morton wrote:
On Tue, 17 Dec 2013 11:10:41 +0800 Gao feng gaof...@cn.fujitsu.com wrote:
print the error message and then return -ENOMEM.
...
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1083,12 +1083,11 @@ static int __net_init audit_net_init(struct net
On 12/21/2013 05:15 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/11/2013 04:36 AM, Serge E. Hallyn wrote:
Quoting Eric Paris (epa...@redhat.com):
On Tue, 2013-12-10 at 10:51 -0600, Serge Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/10/2013 02
On 12/20/2013 02:40 AM, Eric Paris wrote:
On Thu, 2013-12-19 at 11:59 +0800, Gao feng wrote:
On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
Convert audit from only listening in init_net to use
register_pernet_subsys()
to dynamically manage the netlink socket list.
Signed-off-by: Richard
On 12/20/2013 09:19 AM, Richard Guy Briggs wrote:
On 13/12/19, Gao feng wrote:
On 12/19/2013 10:34 AM, Gao feng wrote:
kernel/capability.c: In function ‘SYSC_capset’:
kernel/capability.c:280:2: warning: passing argument 1 of
‘audit_log_capset’ makes integer from pointer without a cast
On 12/20/2013 09:40 AM, Richard Guy Briggs wrote:
On 13/12/20, Gao feng wrote:
On 12/20/2013 09:19 AM, Richard Guy Briggs wrote:
On 13/12/19, Gao feng wrote:
On 12/19/2013 10:34 AM, Gao feng wrote:
kernel/capability.c: In function ‘SYSC_capset’:
kernel/capability.c:280:2: warning: passing
On 12/20/2013 02:40 AM, Eric Paris wrote:
On Thu, 2013-12-19 at 11:59 +0800, Gao feng wrote:
On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
Convert audit from only listening in init_net to use
register_pernet_subsys()
to dynamically manage the netlink socket list.
Signed-off-by: Richard
On 12/20/2013 11:11 AM, Eric Paris wrote:
On Fri, 2013-12-20 at 10:46 +0800, Gao feng wrote:
On 12/20/2013 02:40 AM, Eric Paris wrote:
On Thu, 2013-12-19 at 11:59 +0800, Gao feng wrote:
On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
we have to store audit_sock
into auditns(auditns
On 12/19/2013 10:34 AM, Gao feng wrote:
kernel/capability.c: In function ‘SYSC_capset’:
kernel/capability.c:280:2: warning: passing argument 1 of ‘audit_log_capset’
makes integer from pointer without a cast [enabled by default]
audit_log_capset(new, current_cred());
^
In file included
());
^
In file included from kernel/capability.c:10:0:
include/linux/audit.h:400:20: note: declared here
static inline void audit_log_capset(pid_t pid, const struct cred *new,
^
make[1]: *** [kernel/capability.o] Error 1
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include
, and no matter which netns the
user space audit netlink sockets belong to, they all
can find out and communicate with audit_sock.
This gets rid of the necessary to create per-netns
audit kernel side socket(audit_sock), it's pain to
depend on and get reference of netns for auditns.
Signed-off-by: Gao
print the error message and then return -ENOMEM.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 2a0ed0b..041b951 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
be released anytime,
so the audit_sock may point to invalid socket.
this patch sets the audit_sock to the kernel side audit
netlink socket.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel
On 12/11/2013 04:36 AM, Serge E. Hallyn wrote:
Quoting Eric Paris (epa...@redhat.com):
On Tue, 2013-12-10 at 10:51 -0600, Serge Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/10/2013 02:26 AM, Serge Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/07/2013 06:12
On 12/10/2013 02:26 AM, Serge Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/07/2013 06:12 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
Hi
On 10/24/2013 03:31 PM, Gao feng wrote:
Here is the v1 patchset: http://lwn.net/Articles/549546/
The main
On 12/10/2013 01:53 AM, Serge Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 12/07/2013 06:10 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
Since there is no more place for flags of clone system call.
we need to find a way to create audit namespace
On 12/07/2013 06:00 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
1, remove the permission check of pid namespace. it's no reason
to deny un-init pid namespace to operate audit subsystem.
2, only allow init user namespace and init audit namespace to
operate list
On 12/07/2013 06:10 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
Since there is no more place for flags of clone system call.
we need to find a way to create audit namespace.
this patch add a new type of message AUDIT_CREATE_NS.
user space can create new audit
On 12/07/2013 06:12 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
Hi
On 10/24/2013 03:31 PM, Gao feng wrote:
Here is the v1 patchset: http://lwn.net/Articles/549546/
The main target of this patchset is allowing user in audit
namespace to generate the USER_MSG type
Hi Serge,
Thanks for your comments!
On 12/07/2013 05:31 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
Here is the v1 patchset: http://lwn.net/Articles/549546/
The main target of this patchset is allowing user in audit
namespace to generate the USER_MSG type of audit
Hi
On 10/24/2013 03:31 PM, Gao feng wrote:
Here is the v1 patchset: http://lwn.net/Articles/549546/
The main target of this patchset is allowing user in audit
namespace to generate the USER_MSG type of audit message,
some userspace tools need to generate audit message, or
these tools
On 11/06/2013 03:14 AM, Richard Guy Briggs wrote:
On Tue, Nov 05, 2013 at 04:56:55PM +0800, Gao feng wrote:
On 11/05/2013 04:11 PM, Li Zefan wrote:
On 2013/11/5 15:52, Gao feng wrote:
On 11/05/2013 03:51 PM, Gao feng wrote:
Ping...
I want to catch up the merge window..
Even if your
On 11/06/2013 03:14 AM, Richard Guy Briggs wrote:
On Tue, Nov 05, 2013 at 04:56:55PM +0800, Gao feng wrote:
On 11/05/2013 04:11 PM, Li Zefan wrote:
On 2013/11/5 15:52, Gao feng wrote:
On 11/05/2013 03:51 PM, Gao feng wrote:
Ping...
I want to catch up the merge window..
Even if your
On 11/05/2013 03:51 PM, Gao feng wrote:
Ping...
I want to catch up the merge window..
On 10/31/2013 11:52 AM, Gao feng wrote:
Hi Eric Paris,
Can you give me some comments?
You think the tying audit namespace to user namespace is a bad idea,
so this patchset doesn't assign auditns
Ping...
On 10/31/2013 11:52 AM, Gao feng wrote:
Hi Eric Paris,
Can you give me some comments?
You think the tying audit namespace to user namespace is a bad idea,
so this patchset doesn't assign auditns to userns and introduce an
new audit netlink type to help to create audit namespace
On 11/05/2013 04:11 PM, Li Zefan wrote:
On 2013/11/5 15:52, Gao feng wrote:
On 11/05/2013 03:51 PM, Gao feng wrote:
Ping...
I want to catch up the merge window..
Even if your patches are accepted by a certain maintainer immediately,
he will in no doubt queue them for 3.14.
Yes, you
On 11/02/2013 01:00 PM, Richard Guy Briggs wrote:
On Fri, Nov 01, 2013 at 07:34:46PM +0800, Gao feng wrote:
The type of oldloginuid should be unsigned long.
Can you say why unsigned long rather than int returned from
audit_get_sessionid() or unsigned int expected by
audit_log_set_loginuid
The type of task-sessionid is unsigned int, the return
type of audit_get_sessionid should be consistent with it.
And this patch also changes the type of oldsessionid to
unsigned int.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit.h | 4 ++--
kernel/auditsc.c | 3
The order of new feature and old feature is incorrect,
this patch fix it.
Acked-by: Eric Paris epa...@redhat.com
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 7c7c028
If audit is disabled, we shouldn't generate the audit log.
Acked-by: Eric Paris epa...@redhat.com
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/audit.c b/kernel/audit.c
index f16f835..c307786 100644
--- a/kernel
If audit is disabled, we shouldn't generate loginuid audit
log.
Acked-by: Eric Paris epa...@redhat.com
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/auditsc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 065c7a1..ceb396f 100644
The type of oldloginuid should be unsigned long.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/auditsc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index ceb396f..9f871ad 100644
--- a/kernel/auditsc.c
+++ b/kernel
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 7c7c028..f16f835 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -664,7 +664,7 @@ static void audit_log_feature_change
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/auditsc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 065c7a1..92d0e92 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1990,6 +1990,9 @@ static void audit_log_set_loginuid
of net namespaces have ability to send/
receive audit netlink message.
I may miss some points, if you find there are some shortage or loophole,
please let me know.
Thanks!
On 10/24/2013 03:31 PM, Gao feng wrote:
Here is the v1 patchset: http://lwn.net/Articles/549546/
The main target
Hi Eric Richard,
On 10/31/2013 11:49 PM, Eric Paris wrote:
On Thu, 2013-10-31 at 11:39 -0400, Richard Guy Briggs wrote:
On Thu, Oct 31, 2013 at 04:27:56PM +0800, Gao feng wrote:
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
Gao,
Could you provide some description, justification
On 10/31/2013 10:50 PM, Steve Grubb wrote:
On Thursday, October 31, 2013 04:52:22 PM Gao feng wrote:
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/auditsc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 065c7a1..92d0e92 100644
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 34 +-
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 5524deb..b203017 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -338,11 +338,11
now in order to get more comments, so
I can keep on improving namespace support for audit.
Gao feng (20):
Audit: make audit netlink socket net namespace unaware
audit: introduce configure option CONFIG_AUDIT_NS
audit: make audit_skb_queue per audit namespace
audit: make
This patch makes audit_skb_hold_queue per audit namespace.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 3 +++
kernel/audit.c | 12 +---
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/include/linux
The audit log that generated in audit namespace should be
received by the auditd running in this audit namespace.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 21 +++--
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/kernel/audit.c b/kernel
audit module will use create_new_namespaces to
create new nsproxy.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/nsproxy.h | 4
kernel/nsproxy.c| 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h
through create user namespace and then create audit
namespace.
In order to keep the consistent behavior as before, for init
audit namespace, the backlog_limit can be changed only
through netlink interface.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
fs/proc/base.c | 53
-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 2 ++
kernel/audit.c | 43 ++---
kernel/audit.h | 5 ++---
kernel/auditsc.c| 6 +++---
4 files changed, 39 insertions(+), 17 deletions
, the audit_backlog_limit will be per
audit namespace, but only the privileged user has rights to
modify it. and the default value of audit_backlog_limit for
uninit audit namespace will be set to 0.
And the audit_rate_limit will be limited too.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 51 +
include/linux/nsproxy.h | 11 +
init/Kconfig| 10
kernel/Makefile | 2 +-
kernel/audit_namespace.c| 8
per-netns
audit kernel side socket(audit_sock), it's pain to
depend on and get reference of netns for auditns.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/kernel/audit.c b/kernel/audit.c
index 7b0e23a..468950b 100644
We should use audit_nlk_portid to decide to send
audit netlink message to which auditd processes.
it should be per audit namespace too.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 2 ++
kernel/audit.c | 14 --
2 files changed
configuration, send
userspace audit message.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 095f54d..c4d4291 100644
--- a/kernel/audit.c
+++ b/kernel
This patch makes audit_skb_queue per audit namespace,
Since we haven't finished the preparations, only
allow user to attach/detach skb to the queue of
init_audit_ns.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 3 +++
kernel/audit.c | 18
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 2132929..5524deb 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -662,11 +662,11 @@ static int
kauditd_task is added to the wait queue kaudit_wait when
there is no audit message being generated in audit namespace,
so the kaudit_wait should be per audit namespace too.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
include/linux/audit_namespace.h | 2 ++
kernel/audit.c
On 10/24/2013 03:20 AM, Richard Guy Briggs wrote:
On Wed, Oct 23, 2013 at 07:25:23PM +0800, Gao feng wrote:
The pid is not a suitable name for netlink port,
change it to portid.
That is already in the works:
https://www.redhat.com/archives/linux-audit/2013-August/msg00023.html
Since kernel parameter is operated before
initcall, so the audit_initialized must be
AUDIT_UNINITIALIZED or DISABLED in audit_enable.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 13 ++---
1 file changed, 2 insertions(+), 11 deletions(-)
diff --git a/kernel
On 10/24/2013 03:55 AM, Richard Guy Briggs wrote:
On Tue, Oct 15, 2013 at 02:30:34PM +0800, Gao feng wrote:
Hi Toshiyuki-san,
Toshiuki and Gao,
On 10/15/2013 12:43 PM, Toshiyuki Okajima wrote:
The backlog cannot be consumed when audit_log_start is running on auditd
even
On 10/23/2013 01:59 AM, Richard Guy Briggs wrote:
On Mon, Oct 21, 2013 at 04:01:40PM +0800, Gao feng wrote:
As the man page of auditctl said:
-b backlog
Set max number of outstanding audit buffers allowed (Kernel
Default=64)
If all buffers are full, the failure
On 10/11/2013 09:36 AM, Toshiyuki Okajima wrote:
Hi.
The following reproducer causes auditd daemon hang up.
(But the hang up is released after the audit_backlog_wait_time passes.)
# auditctl -a exit,always -S all
# reboot
I reproduced the hangup on KVM, and then got a crash dump.
Remove it.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 7 ---
1 file changed, 7 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 91e53d0..f94db2a 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1067,13 +1067,6 @@ static void wait_for_auditd
On 08/02/2013 01:57 AM, Eric Paris wrote:
On Tue, 2013-07-30 at 13:22 -0400, Richard Guy Briggs wrote:
On Mon, Jul 22, 2013 at 11:20:57AM +0800, Gao feng wrote:
On 07/20/2013 05:15 AM, Richard Guy Briggs wrote:
On Wed, Jul 17, 2013 at 11:54:21AM +0800, Gao feng wrote:
Hi, Richard
On 07/17
On 07/20/2013 05:15 AM, Richard Guy Briggs wrote:
On Wed, Jul 17, 2013 at 11:54:21AM +0800, Gao feng wrote:
Hi, Richard
On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
Convert audit from only listening in init_net to use
register_pernet_subsys()
to dynamically manage the netlink socket
Hi, Richard
On 07/17/2013 04:32 AM, Richard Guy Briggs wrote:
Convert audit from only listening in init_net to use register_pernet_subsys()
to dynamically manage the netlink socket list.
Signed-off-by: Richard Guy Briggs r...@redhat.com
---
Right now audit still can't be used in uninit
On 06/21/2013 11:48 AM, Gao feng wrote:
On 06/20/2013 09:02 PM, Eric Paris wrote:
On Thu, 2013-06-20 at 11:02 +0800, Gao feng wrote:
On 06/20/2013 04:51 AM, Eric Paris wrote:
On Wed, 2013-06-19 at 16:49 -0400, Aristeu Rozanski wrote:
On Wed, Jun 19, 2013 at 09:53:32AM +0800, Gao feng wrote
make
user audit message namespace aware.
This patchset is based on linus' linux tree.
You can pull this patchset from:
git://github.com/gao-feng/auditns.git
The following changes since commit 8177a9d79c0e942dcac3312f15585d0344d505a5
lseek(fd, n, SEEK_END) does *not* go to eof - n
On 06/20/2013 09:02 PM, Eric Paris wrote:
On Thu, 2013-06-20 at 11:02 +0800, Gao feng wrote:
On 06/20/2013 04:51 AM, Eric Paris wrote:
On Wed, 2013-06-19 at 16:49 -0400, Aristeu Rozanski wrote:
On Wed, Jun 19, 2013 at 09:53:32AM +0800, Gao feng wrote:
This patchset is first part of namespace
On 06/21/2013 06:01 AM, Eric W. Biederman wrote:
Gao feng gaof...@cn.fujitsu.com writes:
On 06/20/2013 11:02 AM, Gao feng wrote:
If we don't tie audit to user namespace, there is still one problem.
One more problem. some audit messages are generated by some net subsystem
such as netfilter
On 06/20/2013 11:02 AM, Gao feng wrote:
If we don't tie audit to user namespace, there is still one problem.
One more problem. some audit messages are generated by some net subsystem
such as netfilter. If we don't tie audit to user namespace, we have no
idea where these audit messages should go
On 06/20/2013 05:03 AM, Eric W. Biederman wrote:
Eric Paris epa...@redhat.com writes:
On Wed, 2013-06-19 at 16:49 -0400, Aristeu Rozanski wrote:
On Wed, Jun 19, 2013 at 09:53:32AM +0800, Gao feng wrote:
This patchset is first part of namespace support for audit.
in this patchset, the mainly
On 06/11/2013 09:49 PM, Eric Paris wrote:
On Tue, 2013-06-11 at 13:59 +0800, Gao feng wrote:
On 06/11/2013 05:24 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 06/07/2013 06:47 AM, Serge Hallyn wrote:
Quoting Serge Hallyn (serge.hal...@ubuntu.com):
Quoting Gao feng
On 06/11/2013 05:24 AM, Serge E. Hallyn wrote:
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 06/07/2013 06:47 AM, Serge Hallyn wrote:
Quoting Serge Hallyn (serge.hal...@ubuntu.com):
Quoting Gao feng (gaof...@cn.fujitsu.com):
On 05/07/2013 10:20 AM, Gao feng wrote:
This patchset try to add
It's better to define audit_ever_enabled as bool.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 2 +-
kernel/audit.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/audit.c b/kernel/audit.c
index 21c7fa6..3a5d3f5 100644
--- a/kernel/audit.c
On 05/07/2013 10:20 AM, Gao feng wrote:
+ if (ns-audit.kauditd_task)
+ kthread_stop(ns-audit.kauditd_task);
This is buggy, will trigger warning scheduling while atomic:
I will take care this problem.
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com
On 05/07/2013 10:20 AM, Gao feng wrote:
This patchset try to add namespace support for audit.
I choose to assign audit to the user namespace.
Right now, there are six kinds of namespaces, such as
net, mount, ipc, pid, uts and user. the first five
namespaces have special usage. the audit
],
the kernel side audit netlink socket is created only when we create
the first netns for the userns, and this userns will hold the netns
until we destroy this userns.
The other patches just make the audit related resources per
user namespace.
This patchset is sent as an RFC, any comments are welcome.
Gao
On 05/09/2013 12:55 AM, Eric Paris wrote:
What kernel are these patches against?
This patchset is based on linus's tree.
The last commit is d7ab7302f970a254997687a1cdede421a5635c68
(Merge tag 'mfd-3.10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/same)
Thanks
Gao
The files include kernel/audit.h are compiled only
when CONFIG_AUDIT is set.
Just like audit_pid, there is no need to surround
audit_ever_enabled with CONFIG_AUDIT.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.h | 2 --
1 file changed, 2 deletions(-)
diff --git a/kernel
We only need to check if kauditd is valid after we start
it, if kauditd is invalid, we will set kauditd_task to NULL.
So next time, we will start kauditd again.
It means if kauditd_task is not NULL, it must be valid.
Signed-off-by: Gao feng gaof...@cn.fujitsu.com
---
kernel/audit.c | 11
77 matches