[RFC PATCH v2 02/14] lsm: Add audit_log_lsm_data() helper
Paul Moore
paul at paul-moore.com
Thu Oct 24 16:30:41 UTC 2024
On Tue, Oct 22, 2024 at 8:07 PM Paul Moore <paul at paul-moore.com> wrote:
>
> On Tue, Oct 22, 2024 at 12:10 PM Mickaël Salaün <mic at digikod.net> wrote:
> >
> > Extract code from dump_common_audit_data() into the audit_log_lsm_data()
> > helper. This helps reuse common LSM audit data while not abusing
> > AUDIT_AVC records because of the common_lsm_audit() helper.
> >
> > Cc: Casey Schaufler <casey at schaufler-ca.com>
> > Cc: James Morris <jmorris at namei.org>
> > Cc: Paul Moore <paul at paul-moore.com>
> > Cc: Serge E. Hallyn <serge at hallyn.com>
> > Signed-off-by: Mickaël Salaün <mic at digikod.net>
> > Link: https://lore.kernel.org/r/20241022161009.982584-3-mic@digikod.net
> > ---
> >
> > Changes since v1:
> > * Fix commit message (spotted by Paul).
> > * Constify dump_common_audit_data()'s and audit_log_lsm_data()'s "a"
> > argument.
> > * Fix build without CONFIG_NET: see previous patch.
> > ---
> > include/linux/lsm_audit.h | 8 ++++++++
> > security/lsm_audit.c | 27 ++++++++++++++++++---------
> > 2 files changed, 26 insertions(+), 9 deletions(-)
>
> While not a fix like 1/14, reducing AUDIT_AVC reuse is a reasonable
> goal. Merged into lsm/dev, thanks!

I'm also going to have to remove this patch from lsm/dev due to
problems uncovered by the kernel test robot.
--
paul-moore.com