linux-stable-rt/kernel
Al Viro 74c3cbe33b [PATCH] audit: watching subtrees
New kind of audit rule predicates: "object is visible in given subtree".
The part that can be sanely implemented, that is.  Limitations:
	* if you have hardlink from outside of tree, you'd better watch
	  it too (or just watch the object itself, obviously)
	* if you mount something under a watched tree, tell audit
	  that new chunk should be added to watched subtrees
	* if you umount something in a watched tree and it's still mounted
	  elsewhere, you will get matches on events happening there.  New command
	  tells audit to recalculate the trees, trimming such sources of false
	  positives.

Note that it's _not_ about path - if something mounted in several places
(multiple mount, bindings, different namespaces, etc.), the match does
_not_ depend on which one we are using for access.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2007-10-21 02:37:45 -04:00
irq
power trivial copy_data_pages() tidy up 2007-10-20 02:26:04 +02:00
time Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6 2007-10-19 13:12:46 -07:00
.gitignore
Kconfig.hz
Kconfig.instrumentation Linux Kernel Markers 2007-10-19 11:53:54 -07:00
Kconfig.preempt
Makefile [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
acct.c
audit.c [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
audit.h [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
audit_tree.c [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
auditfilter.c [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
auditsc.c [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
capability.c Uninline find_pid etc set of functions 2007-10-19 11:53:41 -07:00
cgroup.c Control groups: Replace "cont" with "cgrp" and other misc renaming 2007-10-19 11:53:43 -07:00
cgroup_debug.c Task Control Groups: simple task cgroup debug info subsystem 2007-10-19 11:53:36 -07:00
compat.c Merge ssh://master.kernel.org/pub/scm/linux/kernel/git/tglx/linux-2.6-hrt 2007-10-18 15:12:41 -07:00
configs.c
cpu.c CPU HOTPLUG: avoid hotadd when proper possible_map isn't specified 2007-10-19 11:53:44 -07:00
cpu_acct.c Task Control Groups: example CPU accounting subsystem 2007-10-19 11:53:36 -07:00
cpuset.c hotplug cpu: migrate a task within its cpuset 2007-10-19 11:53:44 -07:00
delayacct.c Add scaled time to taskstats based process accounting 2007-10-18 14:37:28 -07:00
dma.c
exec_domain.c whitespace fixes: execution domains 2007-10-18 14:37:26 -07:00
exit.c Uninline fork.c/exit.c 2007-10-19 11:53:56 -07:00
extable.c
fork.c Uninline fork.c/exit.c 2007-10-19 11:53:56 -07:00
futex.c Uninline find_task_by_xxx set of functions 2007-10-19 11:53:40 -07:00
futex_compat.c Uninline find_task_by_xxx set of functions 2007-10-19 11:53:40 -07:00
hrtimer.c fix comment: unlock_hrtimer_base is the counterpart of lock_hrtimer_base 2007-10-20 01:56:53 +02:00
itimer.c whitespace fixes: interval timers 2007-10-18 14:37:26 -07:00
kallsyms.c
kexec.c Extended crashkernel command line 2007-10-19 11:53:49 -07:00
kfifo.c
kmod.c
kprobes.c
ksysfs.c
kthread.c
latency.c
lockdep.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
lockdep_internals.h
lockdep_proc.c
marker.c Linux Kernel Markers 2007-10-19 11:53:54 -07:00
module.c Linux Kernel Markers 2007-10-19 11:53:54 -07:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
notifier.c Add kernel/notifier.c 2007-10-19 11:53:34 -07:00
ns_cgroup.c cgroups: implement namespace tracking subsystem 2007-10-19 11:53:37 -07:00
nsproxy.c pid namespaces: allow cloning of new namespace 2007-10-19 11:53:39 -07:00
panic.c trivial comment wording/typo fix regarding taint flags 2007-10-20 00:30:06 +02:00
params.c
pid.c Uninline the task_xid_nr_ns() calls 2007-10-19 11:53:41 -07:00
posix-cpu-timers.c Isolate some explicit usage of task->tgid 2007-10-19 11:53:40 -07:00
posix-timers.c Isolate some explicit usage of task->tgid 2007-10-19 11:53:40 -07:00
printk.c
profile.c
ptrace.c Isolate some explicit usage of task->tgid 2007-10-19 11:53:40 -07:00
rcupdate.c
rcutorture.c
relay.c
resource.c
rtmutex-debug.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
rtmutex-debug.h
rtmutex-tester.c
rtmutex.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
rtmutex.h
rtmutex_common.h
rwsem.c
sched.c kernel/sched.c: remove bogus comment from account_user_time 2007-10-20 01:41:05 +02:00
sched_debug.c
sched_fair.c
sched_idletask.c
sched_rt.c
sched_stats.h
seccomp.c
signal.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
softirq.c
softlockup.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
spinlock.c
srcu.c
stacktrace.c
stop_machine.c
sys.c Isolate the explicit usage of signal->pgrp 2007-10-19 11:53:43 -07:00
sys_ni.c
sysctl.c pid namespaces: changes to show virtual ids to user 2007-10-19 11:53:40 -07:00
sysctl_check.c
taskstats.c Fix misspellings of "system", "controller", "interrupt" and "necessary". 2007-10-19 23:10:43 +02:00
time.c
timer.c pid namespaces: changes to show virtual ids to user 2007-10-19 11:53:40 -07:00
tsacct.c Add scaled time to taskstats based process accounting 2007-10-18 14:37:28 -07:00
uid16.c
user.c
user_namespace.c
utsname.c
utsname_sysctl.c
wait.c
workqueue.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00