[PATCH][RFC] V1 Remove SELinux dependencies from linux-audit via LSM
Casey Schaufler
casey at schaufler-ca.com
Fri Aug 3 03:57:36 UTC 2007
--- Casey Schaufler <casey at schaufler-ca.com> wrote:
> From: Casey Schaufler <casey at schaufler-ca.com>
>
> This patch removes SELinux specific code from the kernel auditing
> system, replacing it with LSM hook invocations that perform the
> functions appropriate to those behaviors.
>
> The LSM interface is extended to provide interfaces for a module
> to add audit filters. Interfaces are added to get secids from
> inodes and ipcs.
>
> The audit code is revised to call these hooks instead of the SELinux
> functions. This requires some structure definitions to change header
> files.
>
> The SELinux code is changed to export the old interfaces as LSM hooks
> instead of doing so directly. The SELinux specific audit filter code
> has been moved into the SELinux module.
>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
>
> ---
Forgot to include: The patch is relative to 2.6.22.
Casey Schaufler
casey at schaufler-ca.com
More information about the Linux-audit
mailing list