Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-03 17:41:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
c4dad0aab3
linux/net
History
Richard Guy Briggs c4dad0aab3 audit: tidy and extend netfilter_cfg x_tables 
NETFILTER_CFG record generation was inconsistent for x_tables and
ebtables configuration changes.  The call was needlessly messy and there
were supporting records missing at times while they were produced when
not requested.  Simplify the logging call into a new audit_log_nfcfg
call.  Honour the audit_enabled setting while more consistently
recording information including supporting records by tidying up dummy
checks.

Add an op= field that indicates the operation being performed (register
or replace).

Here is the enhanced sample record:
  type=NETFILTER_CFG msg=audit(1580905834.919:82970): table=filter family=2 entries=83 op=replace

Generate audit NETFILTER_CFG records on ebtables table registration.
Previously this was being done for x_tables registration and replacement
operations and ebtables table replacement only.

See: https://github.com/linux-audit/audit-kernel/issues/25
See: https://github.com/linux-audit/audit-kernel/issues/35
See: https://github.com/linux-audit/audit-kernel/issues/43

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2020-04-28 17:52:42 -04:00
..
6lowpan
9p 9pnet: allow making incomplete read requests 2020-03-27 09:29:56 +00:00
802 net: 802: psnap.c: Use built-in RCU list checking 2020-02-24 13:02:53 -08:00
8021q net: vlan: suppress "failed to kill vid" warnings 2020-02-17 14:30:54 -08:00
appletalk
atm proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
ax25 net: Make sock protocol value checks more specific 2020-01-09 18:41:40 -08:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-12 22:34:48 -07:00
bluetooth Bluetooth: L2CAP: Use DEFER_SETUP to group ECRED connections 2020-03-25 22:16:08 +01:00
bpf bpf: Fix build warning regarding missing prototypes 2020-03-28 18:13:18 +01:00
bpfilter SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
bridge audit: tidy and extend netfilter_cfg x_tables 2020-04-28 17:52:42 -04:00
caif net: caif: Add lockdep expression to RCU traversal primitive 2020-03-11 22:55:25 -07:00
can
ceph libceph: directly skip to the end of redirect reply 2020-03-30 12:42:41 +02:00
core neigh: support smaller retrans_time settting 2020-04-02 17:55:26 -07:00
dcb
dccp Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2020-02-29 15:53:35 -08:00
decnet Remove DST_HOST 2020-03-23 21:57:44 -07:00
dns_resolver KEYS: Don't write out to userspace while holding key semaphore 2020-03-29 12:40:41 +01:00
dsa net: dsa: dsa_bridge_mtu_normalization() can be static 2020-04-02 06:51:56 -07:00
ethernet net: remove eth_change_mtu 2020-01-27 11:09:31 +01:00
ethtool ethtool: provide timestamping information with TSINFO_GET request 2020-03-29 22:32:37 -07:00
hsr Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-25 18:58:11 -07:00
ieee802154 nl802154: add missing attribute validation for dev_type 2020-03-03 13:28:48 -08:00
ife
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-03-31 17:29:33 -07:00
ipv6 ipv6: rpl: fix loop iteration 2020-04-06 10:05:42 -07:00
iucv treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
kcm net: kcm: kcmproc.c: Fix RCU list suspicious usage warning 2020-03-16 17:14:02 -07:00
key
l2tp l2tp: Replace zero-length array with flexible-array member 2020-02-28 12:08:37 -08:00
l3mdev
lapb
llc af_llc: fix if-statement empty body warning 2020-02-26 20:38:13 -08:00
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-30 20:48:43 -07:00
mac802154
mpls net: add net available in build_state 2020-03-29 22:30:57 -07:00
mptcp mptcp: add some missing pr_fmt defines 2020-04-03 16:06:32 -07:00
ncsi net/ncsi: Support for multi host mellanox card 2020-01-09 18:36:22 -08:00
netfilter audit: tidy and extend netfilter_cfg x_tables 2020-04-28 17:52:42 -04:00
netlabel netlabel_domainhash.c: Use built-in RCU list checking 2020-02-18 12:44:23 -08:00
netlink Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-25 18:58:11 -07:00
netrom net: netrom: Add missing annotation for nr_neigh_stop() 2020-02-24 13:26:49 -08:00
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-12 22:34:48 -07:00
nsh
openvswitch net: openvswitch: use hlist_for_each_entry_rcu instead of hlist_for_each_entry 2020-04-02 17:48:12 -07:00
packet net/packet: tpacket_rcv: avoid a producer race condition 2020-03-15 00:25:25 -07:00
phonet net: Remove redundant BUG_ON() check in phonet_pernet 2020-01-03 12:25:50 -08:00
psample
qrtr net: qrtr: Fix FIXME related to qrtr_ns_init() 2020-03-03 17:52:21 -08:00
rds net/rds: Track user mapped pages through special API 2020-02-16 18:37:09 -08:00
rfkill rfkill: Fix incorrect check to avoid NULL pointer dereference 2019-12-16 10:15:49 +01:00
rose Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-01-26 10:40:21 +01:00
rxrpc KEYS: Don't write out to userspace while holding key semaphore 2020-03-29 12:40:41 +01:00
sched net_sched: fix a missing refcnt in tcindex_init() 2020-04-03 16:00:08 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-30 20:48:43 -07:00
smc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-12 22:34:48 -07:00
strparser
sunrpc NFS client updates for Linux 5.7 2020-04-07 13:51:39 -07:00
switchdev net: switchdev: do not propagate bridge updates across bridges 2020-02-26 20:58:33 -08:00
tipc tipc: Add a missing case of TIPC_DIRECT_MSG type 2020-03-26 11:21:02 -07:00
tls net/tls: Annotate access to sk_prot with READ_ONCE/WRITE_ONCE 2020-03-21 20:08:17 -07:00
unix net: datagram: drop 'destructor' argument from several helpers 2020-02-28 12:12:53 -08:00
vmw_vsock Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-02-27 18:31:39 -08:00
wimax
wireless SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
x25 net: x25: convert to list_for_each_entry_safe() 2020-02-16 18:59:42 -08:00
xdp xdp: Replace zero-length array with flexible-array member 2020-02-28 12:08:37 -08:00
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2020-03-30 10:59:20 -07:00
compat.c net: abstract out normal and compat msghdr import 2020-03-10 09:12:49 -06:00
Kconfig net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y, m} build 2020-03-25 12:24:33 -07:00
Makefile mptcp: Add MPTCP socket stubs 2020-01-24 13:44:07 +01:00
socket.c for-5.7/io_uring-2020-03-29 2020-03-30 12:18:49 -07:00
sysctl_net.c