Hello,
On Friday, November 22, 2019 4:19:55 PM EST Paul Moore wrote:
> On Fri, Nov 22, 2019 at 2:24 PM Jiri Olsa wrote:
> > Paul,
> > would following output be ok:
> >
> > type=SYSCALL msg=audit(1574445211.897:28015): arch=c03e syscall=321
> > success=no exit=-13 a0=5 a1=7fff09ac6c60 a2=78 a
On Sat, Nov 23, 2019 at 10:03:40AM -0800, Jakub Kicinski wrote:
> On Sat, 23 Nov 2019 09:57:19 +0100, Jiri Olsa wrote:
> > Alexei already asked Dave to revert this in previous email,
> > so that should happen
>
> Reverted in net-next now.
>
> But this is not really how this should work. You shoul
On Sat, 23 Nov 2019 09:57:19 +0100, Jiri Olsa wrote:
> Alexei already asked Dave to revert this in previous email,
> so that should happen
Reverted in net-next now.
But this is not really how this should work. You should post a proper
revert patch to netdev for review, with an explanation in the
On Fri, Nov 22, 2019 at 04:19:55PM -0500, Paul Moore wrote:
> On Fri, Nov 22, 2019 at 2:24 PM Jiri Olsa wrote:
> > Paul,
> > would following output be ok:
> >
> > type=SYSCALL msg=audit(1574445211.897:28015): arch=c03e syscall=321
> > success=no exit=-13 a0=5 a1=7fff09ac6c60 a2=78 a3=6 it
On Fri, Nov 22, 2019 at 2:24 PM Jiri Olsa wrote:
> Paul,
> would following output be ok:
>
> type=SYSCALL msg=audit(1574445211.897:28015): arch=c03e syscall=321
> success=no exit=-13 a0=5 a1=7fff09ac6c60 a2=78 a3=6 items=0 ppid=1408
> pid=9266 auid=1001 uid=0 gid=0 euid=0 suid=0 fsuid=0
On Thu, Nov 21, 2019 at 07:36:29PM -0500, Paul Moore wrote:
> On Thu, Nov 21, 2019 at 7:23 PM Alexei Starovoitov
> wrote:
> > On Thu, Nov 21, 2019 at 06:41:31PM -0500, Paul Moore wrote:
> > > On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
> > > wrote:
> > > > On Wed, Nov 20, 2019 at 1:46 PM D
On Thu, Nov 21, 2019 at 06:41:31PM -0500, Paul Moore wrote:
> On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
> wrote:
> > On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann
> > wrote:
> > > On 11/20/19 10:38 PM, Jiri Olsa wrote:
> > > > From: Daniel Borkmann
> > > >
> > > > Allow for audit mes
On Thu, Nov 21, 2019 at 06:41:31PM -0500, Paul Moore wrote:
SNIP
> a common requirement for new audit functionality (link below). I'm
> also fairly certain we don't want this new BPF record to look like how
> you've coded it up in bpf_audit_prog(); duplicating the fields with
> audit_log_task()
On Thu, Nov 21, 2019 at 06:41:31PM -0500, Paul Moore wrote:
> On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
> wrote:
> > On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann
> > wrote:
> > > On 11/20/19 10:38 PM, Jiri Olsa wrote:
> > > > From: Daniel Borkmann
> > > >
> > > > Allow for audit mes
On 11/22/19 12:41 AM, Paul Moore wrote:
On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
wrote:
On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann wrote:
On 11/20/19 10:38 PM, Jiri Olsa wrote:
From: Daniel Borkmann
Allow for audit messages to be emitted upon BPF program load and
unload for
On Thu, Nov 21, 2019 at 7:25 PM Daniel Borkmann wrote:
> On 11/22/19 12:41 AM, Paul Moore wrote:
> > On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
> > wrote:
> >> On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann
> >> wrote:
> >>> On 11/20/19 10:38 PM, Jiri Olsa wrote:
> From: Daniel Bo
On Thu, Nov 21, 2019 at 7:23 PM Alexei Starovoitov
wrote:
> On Thu, Nov 21, 2019 at 06:41:31PM -0500, Paul Moore wrote:
> > On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
> > wrote:
> > > On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann
> > > wrote:
> > > > On 11/20/19 10:38 PM, Jiri Olsa wr
On Wed, Nov 20, 2019 at 4:49 PM Alexei Starovoitov
wrote:
> On Wed, Nov 20, 2019 at 1:46 PM Daniel Borkmann wrote:
> > On 11/20/19 10:38 PM, Jiri Olsa wrote:
> > > From: Daniel Borkmann
> > >
> > > Allow for audit messages to be emitted upon BPF program load and
> > > unload for having a timelin
13 matches
Mail list logo
