On 2020-12-21 12:14, Paul Moore wrote: > On Mon, Dec 21, 2020 at 11:57 AM Richard Guy Briggs <rgb@xxxxxxxxxx> wrote: > > > > The audit-related parameters in struct task_struct should ideally be > > collected together and accessed through a standard audit API and the audit > > structures made opaque to other kernel subsystems. > > > > Collect the existing loginuid, sessionid and audit_context together in a > > new opaque struct audit_task_info called "audit" in struct task_struct. > > > > Use kmem_cache to manage this pool of memory. > > Un-inline audit_free() to be able to always recover that memory. > > > > Please see the upstream github issues > > https://github.com/linux-audit/audit-kernel/issues/81 > > https://github.com/linux-audit/audit-kernel/issues/90 > > > > Signed-off-by: Richard Guy Briggs <rgb@xxxxxxxxxx> > > Acked-by: Neil Horman <nhorman@xxxxxxxxxxxxx> > > Reviewed-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> > > Did Neil and Ondrej really ACK/Review the changes that you made here > in v10 or are you just carrying over the ACK/Review? I'm hopeful it > is the former, because I'm going to be a little upset if it is the > latter. It is the latter, sorry. So, this needs to be reposted without their ACK/Review lines. > > --- > > fs/io-wq.c | 8 +-- > > fs/io_uring.c | 16 ++--- > > include/linux/audit.h | 49 +++++--------- > > include/linux/sched.h | 7 +- > > init/init_task.c | 3 +- > > init/main.c | 2 + > > kernel/audit.c | 154 +++++++++++++++++++++++++++++++++++++++++- > > kernel/audit.h | 7 ++ > > kernel/auditsc.c | 24 ++++--- > > kernel/fork.c | 1 - > > 10 files changed, 205 insertions(+), 66 deletions(-) > > -- > paul moore > www.paul-moore.com > - RGB -- Richard Guy Briggs <rgb@xxxxxxxxxx> Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635
