iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Paul Moore 5bd2182d58 audit,io_uring,io-wq: add some basic audit support to io_uring 
This patch adds basic auditing to io_uring operations, regardless of
their context.  This is accomplished by allocating audit_context
structures for the io-wq worker and io_uring SQPOLL kernel threads
as well as explicitly auditing the io_uring operations in
io_issue_sqe().  Individual io_uring operations can bypass auditing
through the "audit_skip" field in the struct io_op_def definition for
the operation; although great care must be taken so that security
relevant io_uring operations do not bypass auditing; please contact
the audit mailing list (see the MAINTAINERS file) with any questions.

The io_uring operations are audited using a new AUDIT_URINGOP record,
an example is shown below:

  type=UNKNOWN[1336] msg=audit(1631800225.981:37289):
    uring_op=19 success=yes exit=0 items=0 ppid=15454 pid=15681
    uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
    subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
    key=(null)

Thanks to Richard Guy Briggs for review and feedback.

Signed-off-by: Paul Moore <paul@paul-moore.com>
2021-09-19 22:10:44 -04:00
..
9p
overlayfs update for 5.15
2021-09-02 09:21:27 -07:00
adfs
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
affs
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
afs
fs: remove mandatory file locking support
2021-08-23 06:15:36 -04:00
autofs
autofs: should_expire() argument is guaranteed to be positive
2021-03-24 14:14:27 -04:00
befs
isystem: ship and use stdarg.h
2021-08-19 09:02:55 +09:00
bfs
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
btrfs
for-5.15-tag
2021-09-09 16:09:56 -07:00
cachefiles
cachefiles: Change %p in format strings to something else
2021-08-27 13:34:02 +01:00
ceph
We have:
2021-09-08 15:50:32 -07:00
cifs
cifs: properly invalidate cached root handle when closing it
2021-09-09 17:34:38 -05:00
coda
coda: fix reference counting in coda_file_mmap error path
2021-04-23 14:42:39 -07:00
configfs
configfs: fix a race in configfs_lookup()
2021-08-25 07:58:49 +02:00
cramfs
crypto
fscrypt: align Base64 encoding with RFC 4648 base64url
2021-07-25 20:47:05 -07:00
debugfs
debugfs: Return error during {full/open}_proxy_open() on rmmod
2021-08-05 14:42:40 +02:00
devpts
dlm
fs: dlm: avoid comms shutdown delay in release_lockspace
2021-09-01 11:29:14 -05:00
ecryptfs
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
efivarfs
efivars: convert to fileattr
2021-04-12 15:04:29 +02:00
efs
erofs
libnvdimm for v5.15
2021-09-09 11:39:57 -07:00
exfat
Description for this pull request:
2021-07-06 11:06:04 -07:00
exportfs
ext2
libnvdimm for v5.15
2021-09-09 11:39:57 -07:00
ext4
libnvdimm for v5.15
2021-09-09 11:39:57 -07:00
f2fs
f2fs-for-5.15-rc1
2021-09-04 10:48:47 -07:00
fat
linux-kselftest-kunit-5.15-rc1
2021-09-02 12:32:12 -07:00
freevxfs
fscache
fscache: Use refcount_t for the cookie refcount instead of atomic_t
2021-08-27 13:34:03 +01:00
fuse
fuse update for 5.15
2021-09-07 12:18:29 -07:00
gfs2
Merge branch 'work.gfs2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-09-09 12:45:26 -07:00
hfs
hfs: add lock nesting notation to hfs_find_init
2021-07-15 10:13:49 -07:00
hfsplus
hfsplus: report create_date to kstat.btime
2021-07-01 11:06:06 -07:00
hostfs
hostfs: support splice_write
2021-08-26 22:28:02 +02:00
hpfs
hpfs: use iomap_fiemap to implement ->fiemap
2021-07-27 11:00:36 +02:00
hugetlbfs
hugetlbfs: fix mount mode command line processing
2021-07-23 17:43:28 -07:00
iomap
iomap: standardize tracepoint formatting and storage
2021-08-26 09:18:53 -07:00
isofs
isofs: joliet: Fix iocharset=utf8 mount option
2021-08-12 16:07:14 +02:00
jbd2
ext4: Support for checksumming from journal triggers
2021-08-30 23:36:50 -04:00
jffs2
vfs: add rcu argument to ->get_acl() callback
2021-08-18 22:08:24 +02:00
jfs
vfs: add rcu argument to ->get_acl() callback
2021-08-18 22:08:24 +02:00
kernfs
kernfs: dont call d_splice_alias() under kernfs node lock
2021-07-27 09:29:15 +02:00
ksmbd
ksmbd: fix control flow issues in sid_to_id()
2021-09-08 17:16:13 -05:00
lockd
NFS Client Updates for Linux 5.15
2021-09-04 10:25:26 -07:00
minix
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
netfs
netfs: fix test for whether we can skip read when writing beyond EOF
2021-06-21 21:24:07 +01:00
nfs
NFS Client Updates for Linux 5.15
2021-09-04 10:25:26 -07:00
nfs_common
nfs_common: fix doc warning
2021-07-06 20:14:41 -04:00
nfsd
SCSI misc on 20210902
2021-09-02 15:09:46 -07:00
nilfs2
Merge branch 'akpm' (patches from Andrew)
2021-09-08 12:55:35 -07:00
nls
notify
fsnotify: fix sb_connectors leak
2021-09-10 09:46:48 -07:00
ntfs
Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-07-03 11:30:04 -07:00
ntfs3
Merge git://github.com/Paragon-Software-Group/linux-ntfs3
2021-09-04 11:15:50 -07:00
ocfs2
Merge branch 'akpm' (patches from Andrew)
2021-09-03 10:08:28 -07:00
omfs
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
openpromfs
openpromfs: don't do unlock_new_inode() until the new inode is set up
2021-03-12 22:15:22 -05:00
orangefs
vfs: add rcu argument to ->get_acl() callback
2021-08-18 22:08:24 +02:00
overlayfs
ovl: enable RCU'd ->get_acl()
2021-08-18 22:08:24 +02:00
proc
Merge branch 'akpm' (patches from Andrew)
2021-09-08 12:55:35 -07:00
pstore
for-5.14/drivers-2021-06-29
2021-06-30 12:21:16 -07:00
qnx4
qnx6
quota
quota: remove unnecessary oom message
2021-06-22 10:40:52 +02:00
ramfs
fs: move ramfs_aops to libfs
2021-06-29 10:53:48 -07:00
reiserfs
Kbuild updates for v5.15
2021-09-03 15:33:47 -07:00
romfs
smbfs_common
cifs: move SMB FSCTL definitions to common code
2021-09-09 00:09:20 -05:00
squashfs
squashfs: use bvec_virt
2021-08-16 10:50:32 -06:00
sysfs
sysfs: Allow deferred execution of iomem_get_mapping()
2021-08-06 13:05:28 +02:00
sysv
mm: require ->set_page_dirty to be explicitly wired up
2021-06-29 10:53:48 -07:00
tracefs
tracing: Fix various typos in comments
2021-03-23 14:08:18 -04:00
ubifs
ubifs: report correct st_size for encrypted symlinks
2021-07-25 20:01:07 -07:00
udf
udf_get_extendedattr() had no boundary checks.
2021-08-23 13:35:19 +02:00
ufs
isystem: ship and use stdarg.h
2021-08-19 09:02:55 +09:00
unicode
.gitignore: prefix local generated files with a slash
2021-05-02 00:43:35 +09:00
vboxsf
vboxsf: Add support for the atomic_open directory-inode op
2021-06-23 14:36:52 +02:00
verity
fsverity: relax build time dependency on CRYPTO_SHA256
2021-04-22 17:31:32 +10:00
xfs
libnvdimm for v5.15
2021-09-09 11:39:57 -07:00
zonefs
\n
2021-08-30 10:24:50 -07:00
aio.c
eventfd: Make signal recursion protection a task bit
2021-08-28 01:33:02 +02:00
anon_inodes.c
attr.c
fs: Move notify_change permission checks into may_setattr
2021-08-13 00:41:05 -04:00
bad_inode.c
vfs: add rcu argument to ->get_acl() callback
2021-08-18 22:08:24 +02:00
binfmt_aout.c
binfmt: a.out: Fix bogus semicolon
2021-09-05 10:15:05 -07:00
binfmt_elf_fdpic.c
binfmt: remove in-tree usage of MAP_DENYWRITE
2021-09-03 18:42:01 +02:00
binfmt_elf.c
binfmt: remove in-tree usage of MAP_DENYWRITE
2021-09-03 18:42:01 +02:00
binfmt_flat.c
binfmt: remove in-tree usage of MAP_EXECUTABLE
2021-06-29 10:53:50 -07:00
binfmt_misc.c
binfmt_misc: fix possible deadlock in bm_register_write
2021-03-13 11:27:30 -08:00
binfmt_script.c
buffer.c
Merge branch 'exit-cleanups-for-v5.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2021-09-01 14:52:05 -07:00
char_dev.c
compat_binfmt_elf.c
coredump.c
coredump: fix memleak in dump_vma_snapshot()
2021-09-08 11:50:27 -07:00
d_path.c
d_path: make 'prepend()' fill up the buffer exactly on overflow
2021-09-02 10:07:29 -07:00
dax.c
New code for 5.15:
2021-08-31 11:13:35 -07:00
dcache.c
useful constants: struct qstr for ".."
2021-04-15 22:36:45 -04:00
direct-io.c
fs: direct-io: fix missing sdio->boundary
2021-04-09 14:54:23 -07:00
drop_caches.c
fs: drop_caches: fix skipping over shadow cache inodes
2021-09-03 09:58:10 -07:00
eventfd.c
eventfd: Export eventfd_wake_count to modules
2021-09-06 07:20:56 -04:00
eventpoll.c
ARM development updates for 5.15:
2021-09-09 13:25:49 -07:00
exec.c
Merge tag 'denywrite-for-5.15' of git://github.com/davidhildenbrand/linux
2021-09-04 11:35:47 -07:00
fcntl.c
Merge branch 'akpm' (patches from Andrew)
2021-09-03 10:08:28 -07:00
fhandle.c
switch file_open_root() to struct path
2021-04-07 13:56:43 -04:00
file_table.c
file.c
virtio,vdpa,vhost: features, fixes
2021-09-11 14:48:42 -07:00
filesystems.c
fs: simplify get_filesystem_list / get_all_fs_names
2021-08-23 01:25:40 -04:00
fs_context.c
memcg: charge fs_context and legacy_fs_context
2021-09-03 09:58:12 -07:00
fs_parser.c
namei: Standardize callers of filename_lookup()
2021-09-07 16:07:47 -04:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
Merge branch 'akpm' (patches from Andrew)
2021-09-03 10:08:28 -07:00
fsopen.c
init.c
inode.c
Merge branch 'akpm' (patches from Andrew)
2021-09-03 10:08:28 -07:00
internal.h
block: move fs/block_dev.c to block/bdev.c
2021-09-07 08:39:40 -06:00
io_uring.c
audit,io_uring,io-wq: add some basic audit support to io_uring
2021-09-19 22:10:44 -04:00
io-wq.c
audit,io_uring,io-wq: add some basic audit support to io_uring
2021-09-19 22:10:44 -04:00
io-wq.h
io-wq: provide a way to limit max number of workers
2021-08-29 07:55:55 -06:00
ioctl.c
New code for 5.15:
2021-08-31 11:06:32 -07:00
Kconfig
4 cifs/smb3 fixes, one for DFS reconnect, and one to begin creating common headers for server and client and the other two to rename the cifs_common directory to smbfs_common to be more consistent ie change use of the name cifs to smb which is more accurate
2021-09-12 10:10:21 -07:00
Kconfig.binfmt
binfmt: remove support for em86 (alpha only)
2021-07-25 22:33:03 -07:00
kernel_read_file.c
switch file_open_root() to struct path
2021-04-07 13:56:43 -04:00
libfs.c
fs: remove noop_set_page_dirty()
2021-06-29 10:53:48 -07:00
locks.c
Revert "memcg: enable accounting for file lock caches"
2021-09-07 11:21:48 -07:00
Makefile
4 cifs/smb3 fixes, one for DFS reconnect, and one to begin creating common headers for server and client and the other two to rename the cifs_common directory to smbfs_common to be more consistent ie change use of the name cifs to smb which is more accurate
2021-09-12 10:10:21 -07:00
mbcache.c
mount.h
mpage.c
block: rename BIO_MAX_PAGES to BIO_MAX_VECS
2021-03-11 07:47:48 -07:00
namei.c
putname(): IS_ERR_OR_NULL() is wrong here
2021-09-07 16:14:05 -04:00
namespace.c
Merge branch 'akpm' (patches from Andrew)
2021-09-03 10:08:28 -07:00
no-block.c
nsfs.c
open.c
fs: remove mandatory file locking support
2021-08-23 06:15:36 -04:00
pipe.c
Revert "mm/gup: remove try_get_page(), call try_get_compound_head() directly"
2021-09-07 11:03:45 -07:00
pnode.c
pnode.h
mount: fix mounting of detached mounts onto targets that reside on shared mounts
2021-03-08 15:18:43 +01:00
posix_acl.c
ovl: enable RCU'd ->get_acl()
2021-08-18 22:08:24 +02:00
proc_namespace.c
read_write.c
fs: clean up after mandatory file locking support removal
2021-08-24 07:52:45 -04:00
readdir.c
readdir: make sure to verify directory entry for legacy interfaces too
2021-04-17 11:39:49 -07:00
remap_range.c
fs: remove mandatory file locking support
2021-08-23 06:15:36 -04:00
select.c
Revert "memcg: enable accounting for pollfd and select bits arrays"
2021-09-07 11:26:23 -07:00
seq_file.c
seq_file: disallow extremely large seq buffer allocations
2021-07-19 17:18:48 -07:00
signalfd.c
signal: Rename SIL_PERF_EVENT SIL_FAULT_PERF_EVENT for consistency
2021-07-23 13:16:43 -05:00
splice.c
for-5.12/block-2021-02-17
2021-02-21 11:02:48 -08:00
stack.c
stat.c
fs: add generic helper for filling statx attribute flags
2021-08-17 11:47:43 +02:00
statfs.c
super.c
block: remove the bd_bdi in struct block_device
2021-08-09 11:53:26 -06:00
sync.c
timerfd.c
timerfd: Provide timerfd_resume()
2021-08-10 17:57:22 +02:00
userfaultfd.c
userfaultfd: prevent concurrent API initialization
2021-09-03 09:58:16 -07:00
utimes.c
xattr.c
xattr: fix kernel-doc for mnt_userns and vfs xattr helpers
2021-03-23 11:20:26 +01:00