iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel
History
Peter Zijlstra bdf4c48af2 audit: rework execve audit 
The purpose of audit_bprm() is to log the argv array to a userspace daemon at
the end of the execve system call.  Since user-space hasn't had time to run,
this array is still in pristine state on the process' stack; so no need to
copy it, we can just grab it from there.

In order to minimize the damage to audit_log_*() copy each string into a
temporary kernel buffer first.

Currently the audit code requires that the full argument vector fits in a
single packet.  So currently it does clip the argv size to a (sysctl) limit,
but only when execve auditing is enabled.

If the audit protocol gets extended to allow for multiple packets this check
can be removed.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Ollie Wild <aaw@google.com>
Cc: <linux-audit@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-19 10:04:45 -07:00
..
irq
Improve behaviour of spurious IRQ detect
2007-07-16 09:05:46 -07:00
power
PM: Integrate beeping flag with existing acpi_sleep flags
2007-07-19 10:04:43 -07:00
time
kallsyms: make KSYM_NAME_LEN include space for trailing '\0'
2007-07-17 10:23:03 -07:00
.gitignore
gitignore: ignore more generated files
2006-01-03 11:35:26 +01:00
acct.c
[PATCH] kernel: change uses of f_{dentry, vfsmnt} to use f_path
2006-12-08 08:28:42 -08:00
audit.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
audit.h
Audit: add TTY input auditing
2007-07-16 09:05:47 -07:00
auditfilter.c
kernel/auditfilter: kill bogus uninit'd-var compiler warning
2007-07-17 16:17:59 -04:00
auditsc.c
audit: rework execve audit
2007-07-19 10:04:45 -07:00
capability.c
[PATCH] pid: replace do/while_each_task_pid with do/while_each_pid_task
2007-02-12 09:48:32 -08:00
compat.c
signal/timer/event: timerfd compat code
2007-05-11 08:29:36 -07:00
configs.c
use simple_read_from_buffer in kernel/
2007-05-09 12:30:49 -07:00
cpu.c
HOTPLUG: Add CPU_DYING notifier
2007-07-16 12:05:49 +03:00
cpuset.c
usermodehelper: Tidy up waiting
2007-07-18 08:47:40 -07:00
delayacct.c
sched: update delay-accounting to use CFS's precise stats
2007-07-09 18:52:00 +02:00
die_notifier.c
move die notifier handling to common code
2007-05-08 11:15:04 -07:00
dma.c
[PATCH] struct seq_operations and struct file_operations constification
2006-12-07 08:39:46 -08:00
exec_domain.c
Remove obsolete #include <linux/config.h>
2006-06-30 19:25:36 +02:00
exit.c
Freezer: avoid freezing kernel threads prematurely
2007-07-19 10:04:42 -07:00
extable.c
[PATCH] symbol_put_addr() locks kernel
2006-05-15 11:20:55 -07:00
fork.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
futex_compat.c
Revert "futex_requeue_pi optimization"
2007-06-18 09:48:41 -07:00
futex.c
mm: fault feedback #2
2007-07-19 10:04:41 -07:00
hrtimer.c
[HRTIMER] Fix cpu pointer arg to clockevents_notify()
2007-07-16 17:29:56 -07:00
itimer.c
The scheduled -EINVAL for invalid timevals in setitimer
2007-05-08 11:15:13 -07:00
kallsyms.c
kallsyms: make KSYM_NAME_LEN include space for trailing '\0'
2007-07-17 10:23:03 -07:00
Kconfig.hz
[PATCH] HZ: 300Hz support
2006-12-07 08:39:36 -08:00
Kconfig.preempt
Fix trivial typos in Kconfig* files
2007-05-09 07:12:20 +02:00
kexec.c
kdump/kexec: calculate note size at compile time
2007-05-08 11:15:07 -07:00
kfifo.c
is_power_of_2: kernel/kfifo.c
2007-07-16 09:05:50 -07:00
kmod.c
PM: prevent frozen user mode helpers from failing the freezing of tasks
2007-07-19 10:04:42 -07:00
kprobes.c
jprobes: make jprobes a little safer for users
2007-07-19 10:04:44 -07:00
ksysfs.c
remove "struct subsystem" as it is no longer needed
2007-05-02 18:57:59 -07:00
kthread.c
mm: fix improper .init-type section references
2007-07-16 09:05:36 -07:00
latency.c
[PATCH] severing module.h->sched.h
2006-12-04 02:00:22 -05:00
lockdep_internals.h
[PATCH] lockdep: more chains
2006-12-07 08:39:43 -08:00
lockdep_proc.c
[PATCH] remove many unneeded #includes of sched.h
2007-02-14 08:09:54 -08:00
lockdep.c
kallsyms: make KSYM_NAME_LEN include space for trailing '\0'
2007-07-17 10:23:03 -07:00
Makefile
user namespace: add the framework
2007-07-16 09:05:47 -07:00
module.c
kallsyms: make KSYM_NAME_LEN include space for trailing '\0'
2007-07-17 10:23:03 -07:00
mutex-debug.c
[PATCH] remove many unneeded #includes of sched.h
2007-02-14 08:09:54 -08:00
mutex-debug.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
mutex.c
wrap access to thread_info
2007-05-09 12:30:56 -07:00
mutex.h
[PATCH] lockdep: prove mutex locking correctness
2006-07-03 15:27:04 -07:00
nsproxy.c
namespace: ensure clone_flags are always stored in an unsigned long
2007-07-16 09:05:48 -07:00
panic.c
Report that kernel is tainted if there was an OOPS
2007-07-17 10:23:02 -07:00
params.c
sysfs: kill unnecessary attribute->owner
2007-07-11 16:09:06 -07:00
pid.c
namespace: ensure clone_flags are always stored in an unsigned long
2007-07-16 09:05:48 -07:00
posix-cpu-timers.c
sched: make posix-cpu-timers use CFS's accounting information
2007-07-09 18:51:58 +02:00
posix-timers.c
posix-timers: Prevent softirq starvation by small intervals and SIG_IGN
2007-06-21 15:57:04 -07:00
printk.c
kernel/printk.c: document possible deadlock against scheduler
2007-07-16 09:05:52 -07:00
profile.c
Detach sched.h from mm.h
2007-05-21 09:18:19 -07:00
ptrace.c
PTRACE_POKEDATA consolidation
2007-07-17 10:23:03 -07:00
rcupdate.c
Add suspend-related notifications for CPU hotplug
2007-05-09 12:30:56 -07:00
rcutorture.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
relay.c
relay: fixup kerneldoc comment
2007-07-13 14:14:28 +02:00
resource.c
libata/IDE: remove combined mode quirk
2007-04-28 14:15:59 -04:00
rtmutex_common.h
FUTEX: Tidy up the code
2007-07-16 09:05:49 -07:00
rtmutex-debug.c
FUTEX: Tidy up the code
2007-07-16 09:05:49 -07:00
rtmutex-debug.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
rtmutex-tester.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
rtmutex.c
FUTEX: Tidy up the code
2007-07-16 09:05:49 -07:00
rtmutex.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
rwsem.c
Lockdep treats down_write_trylock like regular down_write
2007-05-08 11:15:09 -07:00
sched_debug.c
[PATCH] sched: remove stale version info from kernel/sched_debug.c
2007-07-13 10:10:41 -07:00
sched_fair.c
sched: cfs core, kernel/sched_fair.c
2007-07-09 18:51:58 +02:00
sched_idletask.c
sched: cfs core, kernel/sched_idletask.c
2007-07-09 18:51:58 +02:00
sched_rt.c
sched: cfs core, kernel/sched_rt.c
2007-07-09 18:51:58 +02:00
sched_stats.h
sched: update delay-accounting to use CFS's precise stats
2007-07-09 18:52:00 +02:00
sched.c
use the new percpu interface for shared data
2007-07-19 10:04:45 -07:00
seccomp.c
make seccomp zerocost in schedule
2007-07-16 09:05:50 -07:00
signal.c
vdso: print fatal signals
2007-07-16 09:05:43 -07:00
softirq.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
softlockup.c
Freezer: make kernel threads nonfreezable by default
2007-07-17 10:23:02 -07:00
spinlock.c
[PATCH] lockdep: spin_lock_irqsave_nested()
2006-11-25 13:28:34 -08:00
srcu.c
[PATCH] SRCU: report out-of-memory errors
2006-10-04 07:55:30 -07:00
stacktrace.c
[PATCH] lockdep: stacktrace subsystem, core
2006-07-03 15:27:02 -07:00
stop_machine.c
Fix stop_machine_run problem with naughty real time process
2007-07-16 09:05:41 -07:00
sys_ni.c
diskquota: 32bit quota tools on 64bit architectures
2007-07-16 09:05:48 -07:00
sys.c
PM: Introduce pm_power_off_prepare
2007-07-19 10:04:42 -07:00
sysctl.c
audit: rework execve audit
2007-07-19 10:04:45 -07:00
taskstats.c
taskstats: add context-switch counters
2007-07-16 09:05:46 -07:00
time.c
sys_time() speedup
2007-07-16 09:05:48 -07:00
timer.c
Slab allocators: Replace explicit zeroing with __GFP_ZERO
2007-07-17 10:23:02 -07:00
tsacct.c
[PATCH] time: x86_64: split x86_64/kernel/time.c up
2007-02-16 08:14:00 -08:00
uid16.c
header cleaning: don't include smp_lock.h when not used
2007-05-08 11:15:07 -07:00
user_namespace.c
fix create_new_namespaces() return value
2007-07-16 09:05:47 -07:00
user.c
user namespace: add the framework
2007-07-16 09:05:47 -07:00
utsname_sysctl.c
remove CONFIG_UTS_NS and CONFIG_IPC_NS
2007-07-16 09:05:47 -07:00
utsname.c
namespace: ensure clone_flags are always stored in an unsigned long
2007-07-16 09:05:48 -07:00
wait.c
Fix occurrences of "the the "
2007-05-09 08:57:56 +02:00
workqueue.c
destroy_workqueue() can livelock
2007-07-17 10:23:03 -07:00