On Tue, Aug 30, 2016 at 5:13 PM, Paul Moore <pmoore@xxxxxxxxxx> wrote: > From: Paul Moore <paul@xxxxxxxxxxxxxx> > > Unfortunately we record PIDs in audit records using a variety of > methods despite the correct way being the use of task_tgid_nr(). > This patch converts all of these callers, except for the case of > AUDIT_SET in audit_receive_msg() (see the comment in the code). > > Reported-by: Jeff Vander Stoep <jeffv@xxxxxxxxxx> > Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> > --- > kernel/audit.c | 8 +++++++- > kernel/auditsc.c | 12 ++++++------ > security/lsm_audit.c | 4 ++-- > 3 files changed, 15 insertions(+), 9 deletions(-) I forgot to tag this with "RFC". This patch compiles but I haven't had a chance to test it yet so it isn't going into audit#next just yet; if you have any concerns, now is the time to voice them. -- paul moore security @ redhat _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
