github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-23 14:41:52 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
326bee0286
linux/include
History
Tyler Hicks 326bee0286 seccomp: Don't special case audited processes when logging 
Seccomp logging for "handled" actions such as RET_TRAP, RET_TRACE, or
RET_ERRNO can be very noisy for processes that are being audited. This
patch modifies the seccomp logging behavior to treat processes that are
being inspected via the audit subsystem the same as processes that
aren't under inspection. Handled actions will no longer be logged just
because the process is being inspected. Since v4.14, applications have
the ability to request logging of handled actions by using the
SECCOMP_FILTER_FLAG_LOG flag when loading seccomp filters.

With this patch, the logic for deciding if an action will be logged is:

  if action == RET_ALLOW:
    do not log
  else if action not in actions_logged:
    do not log
  else if action == RET_KILL:
    log
  else if action == RET_LOG:
    log
  else if filter-requests-logging:
    log
  else:
    do not log

Reported-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2018-05-08 02:04:23 -04:00
..
acpi xen: fixes for 4.17-rc1 2018-04-12 11:04:35 -07:00
asm-generic asm-generic fixes for v4.17-rc1 2018-04-12 09:15:48 -07:00
clocksource ARM: SoC platform updates for 4.17 2018-04-05 21:21:08 -07:00
crypto crypto: api - Remove unused crypto_type lookup function 2018-03-31 01:32:57 +08:00
drm Linux 4.16-rc7 2018-03-28 14:30:41 +10:00
dt-bindings The large diff this time around is from the addition of a new clk driver 2018-04-13 15:51:06 -07:00
keys
kvm
linux seccomp: Don't special case audited processes when logging 2018-05-08 02:04:23 -04:00
math-emu
media media updates for v4.17-rc1 2018-04-10 10:10:30 -07:00
memory
misc
net slip: Check if rstate is initialized before uncompressing 2018-04-11 10:33:46 -04:00
pcmcia
ras
rdma Merge candidates for 4.17 merge window 2018-04-06 17:35:43 -07:00
scsi SCSI for-linus on 20180404 2018-04-05 15:05:53 -07:00
soc ARM: SoC driver updates for 4.17 2018-04-05 21:29:35 -07:00
sound sound updates for 4.17-rc1 2018-04-05 10:42:07 -07:00
target
trace NFS client updates for Linux 4.17 2018-04-12 12:55:50 -07:00
uapi Merge branch 'parisc-4.17-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2018-04-12 17:07:04 -07:00
video
xen xen/pvh: Indicate XENFEAT_linux_rsdp_unrestricted to Xen 2018-04-10 09:22:22 -04:00