- 03 May, 2005 1 commit
-
-
Jeff Dike authored
This patch is for -mm only. It should probably be included in git-audit, and should be forwarded to Linus iff git-audit is. It updates the audit-syscall-{entry,exit} calls to current -mm. Signed-off-by:Jeff Dike <jdike@addtoit.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
David Woodhouse <dwmw2@infradead.org>
-
- 30 Apr, 2005 1 commit
-
-
Andrew Morton authored
scumbags! net/netlink/af_netlink.c: In function `netlink_sendmsg': net/netlink/af_netlink.c:908: warning: implicit declaration of function `audit_get_loginuid' Signed-off-by:
-
- 29 Apr, 2005 38 commits
-
-
Steve Grubb authored
Attached is a new patch that solves the issue of getting valid credentials into the LOGIN message. The current code was assuming that the audit context had already been copied. This is not always the case for LOGIN messages. To solve the problem, the patch passes the task struct to the function that emits the message where it can get valid credentials. Signed-off-by:
Steve Grubb <sgrubb@redhat.com> Signed-off-by:
-
Chris Wright authored
If netlink_unicast() fails, requeue the skb back at the head of the queue it just came from, instead of the tail. And do so unless we've exceeded the audit_backlog limit; not according to some other arbitrary limit. From: Chris Wright <chrisw@osdl.org> Signed-off-by: -
Serge Hallyn authored
Most audit control messages are sent over netlink.In order to properly log the identity of the sender of audit control messages, we would like to add the loginuid to the netlink_creds structure, as per the attached patch. Signed-off-by:
Serge Hallyn <serue@us.ibm.com> Signed-off-by:
-
-
Yoichi Yuasa authored
arch/mips/kernel/ptrace.c:305: warning: function declaration isn't a prototype Signed-off-by:
Yoichi Yuasa <yuasa@hh.iij4u.or.jp> Signed-off-by:
-
Amy Griffis authored
Attached is a patch against David's audit.17 kernel that adds checks for the TIF_SYSCALL_AUDIT thread flag to the ia64 system call and signal handling code paths.The patch enables auditing of system calls set up via fsys_bubble_down, as well as ensuring that audit_syscall_exit() is called on return from sigreturn. Neglecting to check for TIF_SYSCALL_AUDIT at these points results in incorrect information in audit_context, causing frequent system panics when system call auditing is enabled on an ia64 system. Signed-off-by:
Amy Griffis <amy.griffis@hp.com> Signed-off-by:
-
Peter Martuccelli authored
They don't seem to work correctly (investigation ongoing), but we don't actually need to do it anyway. Patch from Peter Martuccelli <peterm@redhat.com> Signed-off-by: -
Steve Grubb authored
Attached is a patch that corrects a signed/unsigned warning. I also noticed that we needlessly init serial to 0. That only needs to occur if the kernel was compiled without the audit system. -Steve Grubb Signed-off-by: -
We were calling ptrace_notify() after auditing the syscall and arguments, but the debugger could have _changed_ them before the syscall was actually invoked. Reorder the calls to fix that. While we're touching ever call to audit_syscall_entry(), we also make it take an extra argument: the architecture of the syscall which was made, because some architectures allow more than one type of syscall. Also add an explicit success/failure flag to audit_syscall_exit(), for the benefit of architectures which return that in a condition register rather than only returning a single register. Change type of syscall return value to 'long' not 'int'. Signed-off-by: -
Prasanna Meda authored
Main change is in path_lookup: added a goto to do audit_inode instead of return statement, when emul_lookup_dentry for root is successful.The existing code does audit_inode only when lookup is done in normal root or cwd. Other changes: Some lookup routines are returning zero on success, and some are returning zero on failure. I documented the related function signatures in this code path, so that one can glance over abstract functions without understanding the entire code. Signed-off-by:
Prasanna Meda <pmeda@akamai.com> Signed-off-by:
-
Andrew Morton authored
kernel/audit.c: In function `audit_log_untrustedstring': kernel/audit.c:736: warning: comparison is always false due to limited range of data type Signed-off-by:
-
We log strings from userspace, such as arguments to open(). These could be formatted to contain \n followed by fake audit log entries. Provide a function for logging such strings, which gives a hex dump when the string contains anything but basic printable ASCII characters. Use it for logging filenames. Signed-off-by: -
Roland McGrath authored
The addition of the PT_NOTE didn't take in the x86_64 version of the i386 vDSO, because I forgot the linker script bit in that copy. Signed-off-by:
Roland McGrath <roland@redhat.com> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
-
Steve French authored
.. since it can be due to pending kill. Update readme information to better describe cifs umount Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
if cifsd thread is no longer running to demultixplex responses. Do not send FindClose request when FindFirst failed without reaching end of search. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
pointed out by Dave Stahl and Vince Negri in which cifs can update the last modify time on a server modified file without invalidating the local cached data due to an intervening readdir. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Suggested by: Adrian Bunk and Dave Miller Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
unless response is larger than 256 bytes. This cuts more than 1/3 of the large memory allocations that cifs does and should be a huge help to memory pressure under stress. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
And fix to not needlessly send new POSIX QFSInfo when server does not explicitly claim support for the new protocol extensions. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
.. even if the multiplex ids match. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
.. and do not double endian convert the special characters whem mounted with mapchars mount parm. Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Mostly suggested by Jesper Juhl Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
For handling seven special characters that shells use for filenames. This first parts implements conversions from Unicode. Signed-off-by: Steve French Signed-off-by: -
Steve French authored
Protect access to cifs file list in cifs_close path Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: -
Steve French authored
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by:
-
