On Wed, Jan 23, 2019 at 9:37 PM Richard Guy Briggs <rgb(a)redhat.com> wrote:
V3 namespaced file capabilities were introduced in
commit 8db6c34f1dbc ("Introduce v3 namespaced file capabilities")
Add support for these by adding the "frootid" field to the existing
fcaps fields in the NAME and BPRM_FCAPS records.
Please see github issue
https://github.com/linux-audit/audit-kernel/issues/103
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
---
Passes audit-testsuite.
include/linux/capability.h | 5 +++--
kernel/audit.c | 6 ++++--
kernel/audit.h | 1 +
kernel/auditsc.c | 4 ++++
security/commoncap.c | 2 ++
5 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/include/linux/capability.h b/include/linux/capability.h
index f640dcbc880c..f6bb691547fd 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -14,7 +14,7 @@
#define _LINUX_CAPABILITY_H
#include <uapi/linux/capability.h>
-
+#include <linux/uidgid.h>
#define _KERNEL_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_3
#define _KERNEL_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_3
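Review bot: the changelog does not say why `#include <linux/uidgid.h>` is added at the top of include/linux/capability.h, and nothing in this hunk uses it. A sentence in the commit message naming the type or helper that needs the header would let a reader confirm the include is required rather than incidental.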
@@ -25,11 +25,12 @@
__u32 cap[_KERNEL_CAPABILITY_U32S];
} kernel_cap_t;
-/* exact same as vfs_cap_data but in cpu endian and always filled completely */
+/* exact same as vfs_ns_cap_data but in cpu endian and always filled completely */
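Review bot: the rewritten comment line `/* exact same as vfs_ns_cap_data but in cpu endian and always filled completely */` is 82 columns wide, over the 80-column limit; renaming vfs_cap_data to vfs_ns_cap_data added three characters to a line that was already 79 wide. Shortening the wording or wrapping the comment onto two lines keeps it within the limit.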
Removed "exact" from the comment above so it fits an 80 char line
width. Please watch for this in your patches, I care a lot about line
widths.
Otherwise as long as Serge is happy with the capabilities bits, I'm
happy with the audit bits; merged.
--
paul moore
www.paul-moore.com