The Linux audit system includes LSM based security "context" information in its events. Historically, only one LSM that uses security contexts can be active on a system. One of the few obstacles to allowing multiple LSM support is the inability to report more than one security context in an audit event. This patchset provides a mechanism to provide supplemental records containing more than one security context for subjects and objects. The mechanism for reporting multiple security contexts inspired considerable discussion. It would have been possible to add multiple contexts to existing records using sophisticated formatting. This would have significant backward compatibility issues, and require additional parsing in user space code. Adding new records for an event that contain the contexts is more in keeping with the way audit events have been constructed in the past. Only audit events associated with system calls have required multiple records prior to this. A mechanism has been added allowing any event to be composed of multiple records. This should make it easier to add information to existing audit events without breaking backward compatibility.
https://github.com/cschaufler/lsm-stacking#audit-record-6.13-rc1-v1

Casey Schaufler (6):
  Audit: Create audit_stamp structure
  Audit: Allow multiple records in an audit_buffer
  LSM: security_lsmblob_to_secctx module selection
  Audit: Add record for multiple task security contexts
  Audit: multiple subject lsm values for netlabel
  Audit: Add record for multiple object contexts

 include/linux/audit.h        |  13 ++
 include/linux/lsm_hooks.h    |   1 +
 include/linux/security.h     |   7 +-
 include/uapi/linux/audit.h   |   2 +
 kernel/audit.c               | 233 +++++++++++++++++++++++++++++------
 kernel/audit.h               |  13 +-
 kernel/auditsc.c             | 105 ++++++----------
 net/netlabel/netlabel_user.c |   8 +-
 security/apparmor/lsm.c      |   1 +
 security/bpf/hooks.c         |   1 +
 security/security.c          |  16 ++-
 security/selinux/hooks.c     |   1 +
 security/smack/smack_lsm.c   |   1 +
 13 files changed, 278 insertions(+), 124 deletions(-)

-- 
2.47.0
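The cover letter's design point for user space is that an event is now a set of records sharing one `msg=audit(timestamp:serial)` stamp, and that subject and object contexts for several LSMs arrive in supplemental records rather than being packed into existing fields. The following is an added example (not code from the patch series or from the kernel tree) of the grouping a log consumer needs: it collects records by stamp, then pulls per-LSM contexts from any record carrying `subj_<lsm>=` or `obj_<lsm>=` fields, falling back to the legacy single `subj=`/`obj=` field. The sample log lines are constructed; the record type names `MAC_TASK_CONTEXTS` and `MAC_OBJ_CONTEXTS` and the `subj_<lsm>`/`obj_<lsm>` field naming are assumptions for illustration, not taken from the page.

```python
"""Group Linux audit records into events and collect per-LSM security contexts.

Added example, not part of the patch series. Assumes the usual line format
"type=<RECORD> msg=audit(<timestamp>:<serial>): key=value ...", where all
records of one event share the timestamp:serial stamp. The supplemental record
names and the subj_<lsm>= / obj_<lsm>= field naming are assumptions.
"""
import re
from collections import OrderedDict

# Record header: type, stamp (timestamp, serial), then the remaining fields.
HEADER_RE = re.compile(r'^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): ?(.*)$')
# key=value pairs; values are either double-quoted or a run of non-space chars.
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample: event 41 from a single active LSM (legacy subj=/obj=),
# event 42 from two active LSMs with contexts in supplemental records
# (record names MAC_TASK_CONTEXTS / MAC_OBJ_CONTEXTS are placeholders).
SAMPLE_LINES = [
    'type=SYSCALL msg=audit(1700000000.100:41): arch=c000003e syscall=257 '
    'success=yes exit=3 subj=system_u:system_r:sshd_t:s0 key="open"',
    'type=PATH msg=audit(1700000000.100:41): item=0 name="/etc/passwd" '
    'obj=system_u:object_r:passwd_file_t:s0',
    'type=SYSCALL msg=audit(1700000000.123:42): arch=c000003e syscall=257 '
    'success=yes exit=4 key="open"',
    'type=MAC_TASK_CONTEXTS msg=audit(1700000000.123:42): '
    'subj_selinux=unconfined_u:unconfined_r:unconfined_t:s0 subj_apparmor=unconfined',
    'type=PATH msg=audit(1700000000.123:42): item=0 name="/etc/shadow"',
    'type=MAC_OBJ_CONTEXTS msg=audit(1700000000.123:42): '
    'obj_selinux=system_u:object_r:shadow_t:s0 obj_apparmor=unconfined',
]


def parse_record(line):
    """Parse one audit line into type, stamp and fields; None if malformed."""
    m = HEADER_RE.match(line.strip())
    if not m:
        return None
    rtype, ts, serial, rest = m.groups()
    fields = OrderedDict((k, v.strip('"')) for k, v in FIELD_RE.findall(rest))
    return {"type": rtype, "timestamp": ts, "serial": int(serial), "fields": fields}


def group_events(lines):
    """Map (timestamp, serial) -> list of records, preserving arrival order."""
    events = OrderedDict()
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue  # skip lines that are not audit records
        events.setdefault((rec["timestamp"], rec["serial"]), []).append(rec)
    return events


def _contexts(fields, prefix):
    """Collect <prefix>_<lsm>=ctx fields; fall back to the legacy <prefix>= field."""
    ctx = {k[len(prefix) + 1:]: v for k, v in fields.items()
           if k.startswith(prefix + "_")}
    if not ctx and prefix in fields:
        ctx["legacy"] = fields[prefix]
    return ctx


def subject_contexts(records):
    """Per-LSM subject contexts for an event, from whichever record carries them."""
    merged = {}
    for rec in records:
        for lsm, value in _contexts(rec["fields"], "subj").items():
            if lsm != "legacy":
                merged[lsm] = value
    if merged:
        return merged
    for rec in records:  # single-LSM system: plain subj= on some record
        if "subj" in rec["fields"]:
            return {"legacy": rec["fields"]["subj"]}
    return {}


def object_contexts(records):
    """One dict per record that names an object (e.g. each PATH item)."""
    return [c for c in (_contexts(rec["fields"], "obj") for rec in records) if c]


if __name__ == "__main__":
    for stamp, recs in group_events(SAMPLE_LINES).items():
        print(stamp, [r["type"] for r in recs])
        print("  subject:", subject_contexts(recs))
        print("  objects:", object_contexts(recs))
```

Because grouping keys only on the stamp, a consumer written this way keeps working whether the contexts are in the legacy `subj=` field or in an extra record, which is the compatibility property the cover letter argues for.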