pm24.git/security/apparmor/audit.c, branch rust-6.8

apparmor: add io_uring mediation

2023-10-18T22:58:49Z

For now, the io_uring mediation is limited to sqpoll and override_creds. Signed-off-by: Georgia Garcia Signed-off-by: John Johansen

apparmor: add user namespace creation mediation

2023-10-18T22:49:02Z

Unprivileged user namespace creation is often used as a first step in privilege escalation attacks. Instead of disabling it at the sysrq level, which blocks its legitimate use as for setting up a sandbox, allow control on a per domain basis. This allows an admin to quickly lock down a system while also still allowing legitimate use. Reviewed-by: Georgia Garcia Signed-off-by: John Johansen

apparmor: rename audit_data->label to audit_data->subj_label

2023-10-18T22:30:34Z

rename audit_data's label field to subj_label to better reflect its use. Also at the same time drop unneeded assignments to ->subj_label as the later call to aa_check_perms will do the assignment if needed. Reviewed-by: Georgia Garcia Signed-off-by: John Johansen

apparmor: combine common_audit_data and apparmor_audit_data

2023-10-18T22:30:29Z

Everywhere where common_audit_data is used apparmor audit_data is also used. We can simplify the code and drop the use of the aad macro everywhere by combining the two structures. Reviewed-by: Georgia Garcia Signed-off-by: John Johansen

apparmor: Fix kernel-doc warnings in apparmor/audit.c

2023-07-10T08:05:25Z

Fix kernel-doc warnings: security/apparmor/audit.c:150: warning: Function parameter or member 'type' not described in 'aa_audit_msg' Signed-off-by: Gaosheng Cui Signed-off-by: John Johansen

AppArmor: Fix kernel-doc

2022-10-25T07:15:18Z

security/apparmor/audit.c:93: warning: expecting prototype for audit_base(). Prototype was for audit_pre() instead. Link: https://bugzilla.openanolis.cn/show_bug.cgi?id=2339 Reported-by: Abaci Robot Signed-off-by: Jiapeng Chong Signed-off-by: John Johansen

apparmor: fix aa_class_names[] to match reserved classes

2022-10-03T21:49:04Z

The class name map did not have the reserved names added. Fix this Signed-off-by: John Johansen

apparmor: add mediation class information to auditing

2022-10-03T21:49:03Z

Audit messages currently don't contain the mediation class which can make them less clear than they should be in some circumstances. With newer mediation classes coming this potential confusion will become worse. Fix this by adding the mediatin class to the messages. Signed-off-by: John Johansen

apparmor: fix quiet_denied for file rules

2022-07-09T22:13:59Z

Global quieting of denied AppArmor generated file events is not handled correctly. Unfortunately the is checking if quieting of all audit events is set instead of just denied events. Fixes: 67012e8209df ("AppArmor: basic auditing infrastructure.") Signed-off-by: John Johansen

audit: purge audit_log_string from the intra-kernel audit API

2020-07-21T15:12:31Z

audit_log_string() was inteded to be an internal audit function and since there are only two internal uses, remove them. Purge all external uses of it by restructuring code to use an existing audit_log_format() or using audit_log_format(). Please see the upstream issue https://github.com/linux-audit/audit-kernel/issues/84 Signed-off-by: Richard Guy Briggs Signed-off-by: Paul Moore