[PATCH 0/2] Provide matching audit timestamp in the SELinux AVC trace event
Ondrej Mosnacek
omosnace at redhat.com
Mon Dec 19 17:54:47 UTC 2022
This series allows to match the SELinux AVC trace events to the
corresponding audit events via the audit event timestamp. This
will help with troubleshooting SELinux denials.
Ondrej Mosnacek (2):
audit: introduce a struct to represent an audit timestamp
selinux: provide matching audit timestamp in the AVC trace event
include/linux/audit.h | 13 +++++++++++++
include/trace/events/avc.h | 25 +++++++++++++++++--------
kernel/audit.c | 23 +++++++++++++++--------
kernel/audit.h | 4 ++--
kernel/auditsc.c | 9 ++++-----
security/selinux/avc.c | 4 +++-
6 files changed, 54 insertions(+), 24 deletions(-)
--
2.38.1
More information about the Linux-security-module-archive
mailing list