Merge tag 'audit-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit updates from Paul Moore:
"We've got a reasonably broad set of audit patches for the v5.2 merge
window, the highlights are below:
- The biggest change, and the source of all the arch/* changes, is
the patchset from Dmitry to help enable some of the work he is
doing around PTRACE_GET_SYSCALL_INFO.
To be honest, including this in the audit tree is a bit of a
stretch, but it does help move audit a little further along towards
proper syscall auditing for all arches, and everyone else seemed to
agree that audit was a "good" spot for this to land (or maybe they
just didn't want to merge it? dunno.).
- We can now audit time/NTP adjustments.
- We continue the work to connect associated audit records into a
single event"
* tag 'audit-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: (21 commits)
audit: fix a memory leak bug
ntp: Audit NTP parameters adjustment
timekeeping: Audit clock adjustments
audit: purge unnecessary list_empty calls
audit: link integrity evm_write_xattrs record to syscall event
syscall_get_arch: add "struct task_struct *" argument
unicore32: define syscall_get_arch()
Move EM_UNICORE to uapi/linux/elf-em.h
nios2: define syscall_get_arch()
nds32: define syscall_get_arch()
Move EM_NDS32 to uapi/linux/elf-em.h
m68k: define syscall_get_arch()
hexagon: define syscall_get_arch()
Move EM_HEXAGON to uapi/linux/elf-em.h
h8300: define syscall_get_arch()
c6x: define syscall_get_arch()
arc: define syscall_get_arch()
Move EM_ARCOMPACT and EM_ARCV2 to uapi/linux/elf-em.h
audit: Make audit_log_cap and audit_copy_inode static
audit: connect LOGIN record to its syscall record
...
This commit is contained in:
Linus Torvalds
@@ -114,6 +114,8 @@
|
||||
#define AUDIT_REPLACE 1329 /* Replace auditd if this packet unanswerd */
|
||||
#define AUDIT_KERN_MODULE 1330 /* Kernel Module events */
|
||||
#define AUDIT_FANOTIFY 1331 /* Fanotify access decision */
|
||||
#define AUDIT_TIME_INJOFFSET 1332 /* Timekeeping offset injected */
|
||||
#define AUDIT_TIME_ADJNTPVAL 1333 /* NTP value adjustment */
|
||||
|
||||
#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
|
||||
#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
|
||||
@@ -375,11 +377,19 @@ enum {
|
||||
|
||||
#define AUDIT_ARCH_AARCH64 (EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_ALPHA (EM_ALPHA|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_ARCOMPACT (EM_ARCOMPACT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_ARCOMPACTBE (EM_ARCOMPACT)
|
||||
#define AUDIT_ARCH_ARCV2 (EM_ARCV2|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_ARCV2BE (EM_ARCV2)
|
||||
#define AUDIT_ARCH_ARM (EM_ARM|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_ARMEB (EM_ARM)
|
||||
#define AUDIT_ARCH_C6X (EM_TI_C6000|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_C6XBE (EM_TI_C6000)
|
||||
#define AUDIT_ARCH_CRIS (EM_CRIS|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_CSKY (EM_CSKY|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_FRV (EM_FRV)
|
||||
#define AUDIT_ARCH_H8300 (EM_H8_300)
|
||||
#define AUDIT_ARCH_HEXAGON (EM_HEXAGON)
|
||||
#define AUDIT_ARCH_I386 (EM_386|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_IA64 (EM_IA_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_M32R (EM_M32R)
|
||||
@@ -393,6 +403,9 @@ enum {
|
||||
#define AUDIT_ARCH_MIPSEL64 (EM_MIPS|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_MIPSEL64N32 (EM_MIPS|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE|\
|
||||
__AUDIT_ARCH_CONVENTION_MIPS64_N32)
|
||||
#define AUDIT_ARCH_NDS32 (EM_NDS32|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_NDS32BE (EM_NDS32)
|
||||
#define AUDIT_ARCH_NIOS2 (EM_ALTERA_NIOS2|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_OPENRISC (EM_OPENRISC)
|
||||
#define AUDIT_ARCH_PARISC (EM_PARISC)
|
||||
#define AUDIT_ARCH_PARISC64 (EM_PARISC|__AUDIT_ARCH_64BIT)
|
||||
@@ -413,6 +426,7 @@ enum {
|
||||
#define AUDIT_ARCH_TILEGX (EM_TILEGX|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_TILEGX32 (EM_TILEGX|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_TILEPRO (EM_TILEPRO|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_UNICORE (EM_UNICORE|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
||||
#define AUDIT_ARCH_XTENSA (EM_XTENSA)
|
||||
|
||||
|
||||
@@ -34,14 +34,20 @@
|
||||
#define EM_M32R 88 /* Renesas M32R */
|
||||
#define EM_MN10300 89 /* Panasonic/MEI MN10300, AM33 */
|
||||
#define EM_OPENRISC 92 /* OpenRISC 32-bit embedded processor */
|
||||
#define EM_ARCOMPACT 93 /* ARCompact processor */
|
||||
#define EM_XTENSA 94 /* Tensilica Xtensa Architecture */
|
||||
#define EM_BLACKFIN 106 /* ADI Blackfin Processor */
|
||||
#define EM_UNICORE 110 /* UniCore-32 */
|
||||
#define EM_ALTERA_NIOS2 113 /* Altera Nios II soft-core processor */
|
||||
#define EM_TI_C6000 140 /* TI C6X DSPs */
|
||||
#define EM_HEXAGON 164 /* QUALCOMM Hexagon */
|
||||
#define EM_NDS32 167 /* Andes Technology compact code size
|
||||
embedded RISC processor family */
|
||||
#define EM_AARCH64 183 /* ARM 64 bit */
|
||||
#define EM_TILEPRO 188 /* Tilera TILEPro */
|
||||
#define EM_MICROBLAZE 189 /* Xilinx MicroBlaze */
|
||||
#define EM_TILEGX 191 /* Tilera TILE-Gx */
|
||||
#define EM_ARCV2 195 /* ARCv2 Cores */
|
||||
#define EM_RISCV 243 /* RISC-V */
|
||||
#define EM_BPF 247 /* Linux BPF - in-kernel virtual machine */
|
||||
#define EM_CSKY 252 /* C-SKY */
|
||||
|
||||
Reference in New Issue
Block a user