Porting audit: implement generic feature setting and retrieving to Android kernel
Nathaniel Husted
nhusted at gmail.com
Tue Jun 18 20:23:57 UTC 2013
Will, my sincere apologies, I was unaware Google had written one up ( I've
only ever been looking at Jellybean's external directory these days).
Where's the code for your audit port hanging out? I'm really glad to see
someone took the time and did it right. Thanks!
Cheers,
Nathaniel
On Tue, Jun 18, 2013 at 4:09 PM, William Roberts
<bill.c.roberts at gmail.com>wrote:
> Nathan,
>
> The "robust port that Google has" was done by me, so we can always use
> that :-P The newest features that i back-ported from the upstream kernel
> were for a separate feature need that came about when I was at Samsung,
> which was the need to send the kernel messages to both kmsg and a userspace
> auditd. Eric created a patch for a more generic feature setting
> and retrieval implementation on the kernel side, that I rebased my kernel
> patch for the "always send to kmsg feature" onto. They were tested on the
> desktop, seemed to be fine. I just haven't had the time to get back to the
> Android port to test it; likely it will be fine. I just wanted to keep
> Eric/community abreast of my porting activity.
>
> FYI I saw your port early on, the reason I wrote one from scratch was due
> to the license issues.
>
> Bill
>
>
> On Tue, Jun 18, 2013 at 1:19 PM, Nathaniel Husted <nhusted at gmail.com>wrote:
>
>> If you'd like to test your patch out I have a userland fork of audit you
>> can use (https://github.com/nwhusted/AuditdAndroid). For various reasons
>> we gutted the networking implementation in userland and shoved audisp's
>> AF_Unix plugin where auditd's networking should be (don't ask). Only auditd
>> and auditctl will compile (the other programs have certain GNU/libc stuff
>> that I didn't write bridge-code for), but that should be more then enough
>> to run through some logging on Android.
>>
>> At some point I'll have time to go back and make a robust port of audit
>> as Google has started (hopefully) getting there stuff together and turning
>> bionic from a piece of junk into something usable.
>>
>> Cheers,
>> Nathaniel
>>
>> On Mon, Jun 17, 2013 at 10:08 AM, William Roberts <
>> bill.c.roberts at gmail.com> wrote:
>>
>>> So I ported the initial "audit: implement generic feature setting and
>>> retrieving" to Android as well as rebased my patch ontop. Since I didn't
>>> author the original patch, I just wanted to keep you abreast of where it
>>> was going.
>>>
>>> https://android-review.googlesource.com/#/c/60880/
>>>
>>> --
>>> Respectfully,
>>>
>>> William C Roberts
>>>
>>>
>>> --
>>> Linux-audit mailing list
>>> Linux-audit at redhat.com
>>> https://www.redhat.com/mailman/listinfo/linux-audit
>>>
>>
>>
>
>
> --
> Respectfully,
>
> William C Roberts
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20130618/68ffb3a6/attachment.htm>
More information about the Linux-audit
mailing list