mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/include
History
Amy Griffis f368c07d72 [PATCH] audit: path-based rules 
In this implementation, audit registers inotify watches on the parent
directories of paths specified in audit rules.  When audit's inotify
event handler is called, it updates any affected rules based on the
filesystem event.  If the parent directory is renamed, removed, or its
filesystem is unmounted, audit removes all rules referencing that
inotify watch.

To keep things simple, this implementation limits location-based
auditing to the directory entries in an existing directory.  Given
a path-based rule for /foo/bar/passwd, the following table applies:

    passwd modified -- audit event logged
    passwd replaced -- audit event logged, rules list updated
    bar renamed     -- rule removed
    foo renamed     -- untracked, meaning that the rule now applies to
		       the new location

Audit users typically want to have many rules referencing filesystem
objects, which can significantly impact filtering performance.  This
patch also adds an inode-number-based rule hash to mitigate this
situation.

The patch is relative to the audit git tree:
http://kernel.org/git/?p=linux/kernel/git/viro/audit-current.git;a=summary
and uses the inotify kernel API:
http://lkml.org/lkml/2006/6/1/145

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:27 -04:00
..
acpi
asm-alpha [PATCH] alpha: SMP IRQ routing fix 2006-06-05 12:29:16 -07:00
asm-arm [ARM] 3547/1: PXA-OHCI: Allow platforms to specify a power budget 2006-06-08 22:44:07 +01:00
asm-arm26
asm-cris [PATCH] sys_kexec_load() naming fixups 2006-04-11 06:18:42 -07:00
asm-frv [PATCH] sys_kexec_load() naming fixups 2006-04-11 06:18:42 -07:00
asm-generic [SPARC64]: Fix D-cache corruption in mremap 2006-06-01 17:47:25 -07:00
asm-h8300 [PATCH] sys_kexec_load() naming fixups 2006-04-11 06:18:42 -07:00
asm-i386 [PATCH] x86_64: avoid IRQ0 ioapic pin collision 2006-05-08 09:34:56 -07:00
asm-ia64 [IA64] remove asm-ia64/bitops.h self-inclusion 2006-05-05 11:37:15 -07:00
asm-m32r [PATCH] m32r: update switch_to macro for tuning 2006-04-19 09:13:51 -07:00
asm-m68k
asm-m68knommu
asm-mips [MIPS] Fix sparsemem support. 2006-06-06 00:15:20 +01:00
asm-parisc [PARISC] Make ioremap default to _nocache 2006-04-21 22:20:35 +00:00
asm-powerpc [PATCH] powerpc: enable CPU_FTR_CI_LARGE_PAGE for cell 2006-06-17 10:56:24 -07:00
asm-ppc powerpc/32: Define an is_kernel_addr() to fix ARCH=ppc compilation 2006-05-09 16:00:59 +10:00
asm-s390 [PATCH] s390: fix in-user atomic futex operation. 2006-06-08 15:15:30 -07:00
asm-sh [PATCH] sys_kexec_load() naming fixups 2006-04-11 06:18:42 -07:00
asm-sh64 [PATCH] sys_kexec_load() naming fixups 2006-04-11 06:18:42 -07:00
asm-sparc [SPARC]: Add robust futex syscall entries. 2006-05-21 21:22:53 -07:00
asm-sparc64 [SPARC64]: Fix D-cache corruption in mremap 2006-06-01 17:47:25 -07:00
asm-um [PATCH] uml: more __user annotations 2006-06-05 12:29:17 -07:00
asm-v850 [PATCH] Remove unused prepare_to_switch macro 2006-04-11 06:18:34 -07:00
asm-x86_64 [PATCH] x86_64: Fix stack/mmap randomization for compat tasks 2006-05-30 20:31:05 -07:00
asm-xtensa [PATCH] request_irq(): remove warnings from irq probing 2006-04-28 08:33:46 -07:00
keys
linux [PATCH] audit: path-based rules 2006-06-20 05:25:27 -04:00
math-emu
media V4L/DVB (3702): Make msp3400 routing defines more consistent 2006-04-02 04:56:11 -03:00
mtd
net [PATCH] net/compat.h build fix 2006-05-31 16:27:11 -07:00
pcmcia [PATCH] pcmcia: declare pccard_iodyn_ops (fix m8xx_pcmcia.c compilation error) 2006-03-31 21:49:51 +02:00
rdma IB: simplify static rate encoding 2006-04-10 09:43:47 -07:00
rxrpc
scsi [SCSI] srp.h: avoid padding of structs 2006-04-28 10:14:15 -05:00
sound [ALSA] Fix Oops at rmmod with CONFIG_SND_VERBOSE_PROCFS=n 2006-04-27 21:10:42 +02:00
video