Re: [PATCH v2 0/3] audit: add support for openat2
On 2021-04-30 13:29, Richard Guy Briggs wrote:
The openat2(2) syscall was added in v5.6. Add support for openat2 to
the
audit syscall classifier and for recording openat2 parameters that cannot
be captured in the syscall parameters of the SYSCALL record.
Well, that was a bit premature... Commit descriptions in each of the
patches might be a good idea... Somehow they got dropped from V1. I
guess they seemed obvious to me. :-) Changelog might be a nice
addition too... Sorry for the noise.
Supporting userspace code can be found in
https://github.com/rgbriggs/audit-userspace/tree/ghau-openat2
Supporting test case can be found in
https://github.com/linux-audit/audit-testsuite/pull/103
Richard Guy Briggs (3):
audit: replace magic audit syscall class numbers with macros
audit: add support for the openat2 syscall
audit: add OPENAT2 record to list how
arch/alpha/kernel/audit.c | 10 ++++++----
arch/ia64/kernel/audit.c | 10 ++++++----
arch/parisc/kernel/audit.c | 10 ++++++----
arch/parisc/kernel/compat_audit.c | 11 +++++++----
arch/powerpc/kernel/audit.c | 12 +++++++-----
arch/powerpc/kernel/compat_audit.c | 13 ++++++++-----
arch/s390/kernel/audit.c | 12 +++++++-----
arch/s390/kernel/compat_audit.c | 13 ++++++++-----
arch/sparc/kernel/audit.c | 12 +++++++-----
arch/sparc/kernel/compat_audit.c | 13 ++++++++-----
arch/x86/ia32/audit.c | 13 ++++++++-----
arch/x86/kernel/audit_64.c | 10 ++++++----
fs/open.c | 2 ++
include/linux/audit.h | 11 +++++++++++
include/linux/auditscm.h | 24 +++++++++++++++++++++++
include/uapi/linux/audit.h | 1 +
kernel/audit.h | 2 ++
kernel/auditsc.c | 31 ++++++++++++++++++++++++------
lib/audit.c | 14 +++++++++-----
lib/compat_audit.c | 15 ++++++++++-----
20 files changed, 168 insertions(+), 71 deletions(-)
create mode 100644 include/linux/auditscm.h
--
2.27.0
- RGB
--
Richard Guy Briggs <rgb(a)redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635