Re: [PATCH ghak90 v10 01/11] audit: collect audit task parameters
On Mon, Dec 21, 2020 at 11:57 AM Richard Guy Briggs <rgb(a)redhat.com> wrote:
The audit-related parameters in struct task_struct should ideally be
collected together and accessed through a standard audit API and the audit
structures made opaque to other kernel subsystems.
Collect the existing loginuid, sessionid and audit_context together in a
new opaque struct audit_task_info called "audit" in struct task_struct.
Use kmem_cache to manage this pool of memory.
Un-inline audit_free() to be able to always recover that memory.
Please see the upstream github issues
https://github.com/linux-audit/audit-kernel/issues/81
https://github.com/linux-audit/audit-kernel/issues/90
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
Acked-by: Neil Horman <nhorman(a)tuxdriver.com>
Reviewed-by: Ondrej Mosnacek <omosnace(a)redhat.com>
Did Neil and Ondrej really ACK/Review the changes that you made here
in v10 or are you just carrying over the ACK/Review? I'm hopeful it
is the former, because I'm going to be a little upset if it is the
latter.
---
fs/io-wq.c | 8 +--
fs/io_uring.c | 16 ++---
include/linux/audit.h | 49 +++++---------
include/linux/sched.h | 7 +-
init/init_task.c | 3 +-
init/main.c | 2 +
kernel/audit.c | 154 +++++++++++++++++++++++++++++++++++++++++-
kernel/audit.h | 7 ++
kernel/auditsc.c | 24 ++++---
kernel/fork.c | 1 -
10 files changed, 205 insertions(+), 66 deletions(-)
--
paul moore
www.paul-moore.com