aboutsummaryrefslogtreecommitdiff
path: root/security/lsm_audit.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2016-10-04 14:48:27 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2016-10-04 14:48:27 -0700
commita3443cda5588985a2724d6d0f4a5f04e625be6eb (patch)
treee6ce34ee3f8a887906f3a589dd9d2d2fc516953b /security/lsm_audit.c
parent3cd013ab79e8e5c58fbd50fc09fceb6260a92a68 (diff)
parent1306d8e1c09fdc8ecb9ef235e2116352f810f9c5 (diff)
download96b-common-a3443cda5588985a2724d6d0f4a5f04e625be6eb.tar.gz
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: SELinux/LSM: - overlayfs support, necessary for container filesystems LSM: - finally remove the kernel_module_from_file hook Smack: - treat signal delivery as an 'append' operation TPM: - lots of bugfixes & updates Audit: - new audit data type: LSM_AUDIT_DATA_FILE * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (47 commits) Revert "tpm/tpm_crb: implement tpm crb idle state" Revert "tmp/tpm_crb: fix Intel PTT hw bug during idle state" Revert "tpm/tpm_crb: open code the crb_init into acpi_add" Revert "tmp/tpm_crb: implement runtime pm for tpm_crb" lsm,audit,selinux: Introduce a new audit data type LSM_AUDIT_DATA_FILE tmp/tpm_crb: implement runtime pm for tpm_crb tpm/tpm_crb: open code the crb_init into acpi_add tmp/tpm_crb: fix Intel PTT hw bug during idle state tpm/tpm_crb: implement tpm crb idle state tpm: add check for minimum buffer size in tpm_transmit() tpm: constify TPM 1.x header structures tpm/tpm_crb: fix the over 80 characters checkpatch warring tpm/tpm_crb: drop useless cpu_to_le32 when writing to registers tpm/tpm_crb: cache cmd_size register value. tmp/tpm_crb: drop include to platform_device tpm/tpm_tis: remove unused itpm variable tpm_crb: fix incorrect values of cmdReady and goIdle bits tpm_crb: refine the naming of constants tpm_crb: remove wmb()'s tpm_crb: fix crb_req_canceled behavior ...
Diffstat (limited to 'security/lsm_audit.c')
-rw-r--r--security/lsm_audit.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 45d927ab807d..37f04dadc8d6 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -99,7 +99,7 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
return ret;
}
-#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+#if IS_ENABLED(CONFIG_IPV6)
/**
* ipv6_skb_to_auditdata : fill auditdata from skb
* @skb : the skb
@@ -245,6 +245,19 @@ static void dump_common_audit_data(struct audit_buffer *ab,
}
break;
}
+ case LSM_AUDIT_DATA_FILE: {
+ struct inode *inode;
+
+ audit_log_d_path(ab, " path=", &a->u.file->f_path);
+
+ inode = file_inode(a->u.file);
+ if (inode) {
+ audit_log_format(ab, " dev=");
+ audit_log_untrustedstring(ab, inode->i_sb->s_id);
+ audit_log_format(ab, " ino=%lu", inode->i_ino);
+ }
+ break;
+ }
case LSM_AUDIT_DATA_IOCTL_OP: {
struct inode *inode;
@@ -257,7 +270,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
audit_log_format(ab, " ino=%lu", inode->i_ino);
}
- audit_log_format(ab, " ioctlcmd=%hx", a->u.op->cmd);
+ audit_log_format(ab, " ioctlcmd=0x%hx", a->u.op->cmd);
break;
}
case LSM_AUDIT_DATA_DENTRY: {