linux/kernel
Dustin Kirkland 8c8570fb8f [PATCH] Capture selinux subject/object context information.
This patch extends existing audit records with subject/object context
information. Audit records associated with filesystem inodes, ipc, and
tasks now contain SELinux label information in the field "subj" if the
item is performing the action, or in "obj" if the item is the receiver
of an action.

These labels are collected via hooks in SELinux and appended to the
appropriate record in the audit code.

This additional information is required for Common Criteria Labeled
Security Protection Profile (LSPP).

[AV: fixed kmalloc flags use]
[folded leak fixes]
[folded cleanup from akpm (kfree(NULL)]
[folded audit_inode_context() leak fix]
[folded akpm's fix for audit_ipc_perm() definition in case of !CONFIG_AUDIT]

Signed-off-by: Dustin Kirkland <dustin.kirkland@us.ibm.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-03-20 14:08:54 -05:00
..
irq [PATCH] kernel/: small cleanups 2006-01-08 20:13:48 -08:00
power [PATCH] swsusp: fix breakage with swap on LVM 2006-02-17 13:59:27 -08:00
.gitignore gitignore: ignore more generated files 2006-01-03 11:35:26 +01:00
acct.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
audit.c [PATCH] Capture selinux subject/object context information. 2006-03-20 14:08:54 -05:00
auditsc.c [PATCH] Capture selinux subject/object context information. 2006-03-20 14:08:54 -05:00
capability.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
compat.c [PATCH] remove bogus asm/bug.h includes. 2006-02-07 20:56:35 -05:00
configs.c update the email address of Randy Dunlap 2006-01-03 13:37:51 +01:00
cpu.c [PATCH] clean up lock_cpu_hotplug() in cpufreq 2005-11-28 14:42:23 -08:00
cpuset.c [PATCH] cpuset: oops in exit on null cpuset fix 2006-02-15 15:32:21 -08:00
dma.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exec_domain.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exit.c [PATCH] kjournald keeps reference to namespace 2006-02-20 20:27:38 -08:00
extable.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
fork.c [PATCH] disable unshare(CLONE_VM) for now 2006-03-18 10:49:36 -08:00
futex.c [PATCH] FRV: Make futex code compilable on nommu [try #2] 2006-01-06 08:33:33 -08:00
hrtimer.c [PATCH] fix next_timer_interrupt() for hrtimer 2006-03-06 18:40:44 -08:00
intermodule.c [PATCH] missing license tag in intermodule 2006-02-05 11:06:52 -08:00
itimer.c [PATCH] hrtimers: fix oldvalue return in setitimer 2006-02-01 08:53:12 -08:00
kallsyms.c [PATCH] fix missing includes 2005-10-30 17:37:32 -08:00
Kconfig.hz [PATCH] i386: Selectable Frequency of the Timer Interrupt 2005-06-23 09:45:10 -07:00
Kconfig.preempt [PATCH] sched: voluntary kernel preemption 2005-06-25 16:24:45 -07:00
kexec.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
kfifo.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
kmod.c [PATCH] Keys: Get rid of warning in kmod.c if keys disabled 2005-10-30 17:37:23 -08:00
kprobes.c [PATCH] Kprobes: Fix deadlock in function-return probes 2006-02-03 08:32:00 -08:00
ksysfs.c [PATCH] kdump: export per cpu crash notes pointer through sysfs 2006-01-10 08:01:26 -08:00
kthread.c [PATCH] Add kthread_stop_sem() 2005-10-30 17:37:17 -08:00
Makefile [PATCH] build kernel/intermodule.c only when required 2006-01-16 23:15:26 -08:00
module.c [PATCH] module: strlen_user() race fix 2006-02-07 16:12:32 -08:00
mutex-debug.c [PATCH] fix/simplify mutex debugging code 2006-01-11 08:14:16 -08:00
mutex-debug.h [PATCH] mutex subsystem, debugging code 2006-01-09 15:59:20 -08:00
mutex.c [PATCH] mutex: trivial whitespace cleanups 2006-01-10 14:27:59 -08:00
mutex.h [PATCH] mutex subsystem, core 2006-01-09 15:59:19 -08:00
panic.c [PATCH] prevent recursive panic from softlockup watchdog 2006-02-10 08:13:12 -08:00
params.c [PATCH] kernel/params.c: fix sysfs access with CONFIG_MODULES=n 2005-12-20 10:31:33 -08:00
pid.c [PATCH] RCU signal handling 2006-01-08 20:13:40 -08:00
posix-cpu-timers.c [PATCH] hrtimer: switch clock_nanosleep to hrtimer nanosleep API 2006-01-10 08:01:38 -08:00
posix-timers.c [PATCH] posix-timers: fix requeue accounting when signal is ignored 2006-03-17 07:51:25 -08:00
printk.c correct email address of Manfred Spraul 2006-01-15 02:43:54 +01:00
profile.c [PATCH] mostly_read data section 2005-07-07 18:23:46 -07:00
ptrace.c [PATCH] fix zap_thread's ptrace related problems 2006-02-15 11:05:43 -08:00
rcupdate.c [PATCH] rcu batch tuning 2006-03-08 14:14:01 -08:00
rcutorture.c [PATCH] rcu_torture_lock deadlock fix 2006-01-31 11:30:18 -08:00
resource.c [PATCH] kernel/resource.c: __check_region(): remove pointless __deprecated 2006-01-10 08:02:02 -08:00
sched.c [PATCH] remove __put_task_struct_cb export again 2006-03-11 09:19:34 -08:00
seccomp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
signal.c [PATCH] do_sigaction: cleanup ->sa_mask manipulation 2006-02-09 16:17:36 -08:00
softirq.c [PATCH] cpu hoptlug: avoid usage of smp_processor_id() in preemptible code 2005-11-07 07:53:29 -08:00
softlockup.c [PATCH] quieten softlockup at boot 2005-11-09 07:55:50 -08:00
spinlock.c [PATCH] spinlock consolidation 2005-09-10 10:06:21 -07:00
stop_machine.c [PATCH] Remove set_fs() in stop_machine() 2006-01-10 08:01:25 -08:00
sys_ni.c [PATCH] Fix compile for CONFIG_SYSVIPC=n or CONFIG_SYSCTL=n 2006-02-20 20:00:11 -08:00
sys.c [PATCH] kernel/sys.c NULL noise removal 2006-02-07 20:57:47 -05:00
sysctl.c [PATCH] fix file counting 2006-03-08 14:14:01 -08:00
time.c [PATCH] Normalize timespec for negative values in ns_to_timespec 2006-02-03 08:32:06 -08:00
timer.c [PATCH] time_interpolator: add __read_mostly 2006-03-17 07:51:25 -08:00
uid16.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
user.c [PATCH] "Fix uidhash_lock <-> RXU deadlock" fix 2006-01-31 16:49:43 -08:00
wait.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
workqueue.c [PATCH] Unlinline a bunch of other functions 2006-01-14 18:27:06 -08:00