Google Git
Sign in
android-kvm / linux / 02d86a568c6d2d335256864451ac8ce781bc5652
commit02d86a568c6d2d335256864451ac8ce781bc5652[log] [tgz]
authorEric Paris <eparis@redhat.com>Tue Jan 03 14:23:08 2012 -0500
committerAl Viro <viro@zeniv.linux.org.uk>Tue Jan 17 16:17:01 2012 -0500
tree3ef085bd96cc79733cff28993379dbbd4b855813
parent29ef73b7a823b77a7cd0bdd7d7cded3fb6c2587b [diff]
audit: allow interfield comparison in audit rules

We wish to be able to audit when a uid=500 task accesses a file which is
uid=0.  Or vice versa.  This patch introduces a new audit filter type
AUDIT_FIELD_COMPARE which takes as an 'enum' which indicates which fields
should be compared.  At this point we only define the task->uid vs
inode->uid, but other comparisons can be added.

Signed-off-by: Eric Paris <eparis@redhat.com>
3 files changed
tree: 3ef085bd96cc79733cff28993379dbbd4b855813
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS