microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/include
История
Anton Blanchard cdee3904b4 audit: Syscall rules are not applied to existing processes on non-x86 
Commit b05d8447e7 (audit: inline audit_syscall_entry to reduce
burden on archs) changed audit_syscall_entry to check for a dummy
context before calling __audit_syscall_entry. Unfortunately the dummy
context state is maintained in __audit_syscall_entry so once set it
never gets cleared, even if the audit rules change.

As a result, if there are no auditing rules when a process starts
then it will never be subject to any rules added later. x86 doesn't
see this because it has an assembly fast path that calls directly into
__audit_syscall_entry.

I noticed this issue when working on audit performance optimisations.
I wrote a set of simple test cases available at:

http://ozlabs.org/~anton/junkcode/audit_tests.tar.gz

02_new_rule.py fails without the patch and passes with it. The
test case clears all rules, starts a process, adds a rule then
verifies the process produces a syscall audit record.

Signed-off-by: Anton Blanchard <anton@samba.org>
Cc: <stable@kernel.org> # 3.3+
Signed-off-by: Eric Paris <eparis@redhat.com>
 		2013-04-10 12:48:34 -04:00
..
acpi PCI changes for the v3.8 merge window: 2012-12-13 12:14:47 -08:00
asm-generic Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k 2013-01-23 13:31:15 -08:00
clocksource
crypto crypto: cast5/cast6 - move lookup tables to shared module 2012-12-06 17:16:26 +08:00
drm Merge branch 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel 2013-01-11 07:52:48 +10:00
keys
linux audit: Syscall rules are not applied to existing processes on non-x86 2013-04-10 12:48:34 -04:00
math-emu
media [media] V4L: Add driver for S3C24XX/S3C64XX SoC series camera interface 2012-11-28 09:43:34 -02:00
memory
misc
net ipv6: rename datagram_send_ctl and datagram_recv_ctl 2013-01-31 13:53:08 -05:00
pcmcia
ras
rdma UAPI: Remove empty Kbuild files 2013-01-02 17:36:10 -08:00
rxrpc
scsi SCSI misc on 20121212 2012-12-13 19:20:31 -08:00
sound Merge remote-tracking branch 'asoc/fix/cs4271' into tmp 2013-01-10 12:22:11 +00:00
target target: Introduce TCM_NO_SENSE 2013-01-10 20:06:08 -08:00
trace Various bug fixes for ext4. Perhaps the most serious bug fixed is one 2013-01-02 09:57:34 -08:00
uapi unbreak automounter support on 64-bit kernel with 32-bit userspace (v2) 2013-02-08 20:42:18 +01:00
video Merge branch 'omap-for-v3.8/fixes-for-merge-window' into omap-for-v3.8/fixes-for-merge-window-v2 2012-12-16 11:28:10 -08:00
xen Bugfixes: 2012-12-18 12:26:54 -08:00
Kbuild UAPI: Remove empty Kbuild files 2013-01-02 17:36:10 -08:00