This series of patches cleans up some usages of the audit subsystem's API by IMA and extends the audit subsystem's API with API calls for adding new fields to the audit_buffer. Besides that we extend the existing audit records created while parsing IMA policy rules with fields that are common for audit records produced by IMA. Besides that we introduce a new record type that IMA creates while parsing policy rules. Stefan Stefan Berger (8): ima: Call audit_log_string() rather than logging it untrusted ima: Use audit_log_format() rather than audit_log_string() audit: Implement audit_log_tty() audit: Allow others to call audit_log_d_path_exe() integrity: Add exe= and tty= before res= to integrity audits integrity: Factor out common part of integrity_audit_msg() ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not set ima: Differentiate auditing policy rules from "audit" actions include/linux/audit.h | 10 ++++++++++ include/uapi/linux/audit.h | 3 ++- kernel/audit.c | 8 ++++++++ security/integrity/ima/Kconfig | 1 + security/integrity/ima/ima_policy.c | 12 ++++++++---- security/integrity/integrity.h | 26 ++++++++++++++++++++++++++ security/integrity/integrity_audit.c | 32 +++++++++++++++++++------------- 7 files changed, 74 insertions(+), 18 deletions(-) -- 2.13.6
