Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp541974pxy; Fri, 30 Apr 2021 10:36:39 -0700 (PDT) X-Google-Smtp-Source: ABdhPJygJ3Q8tFgd/RF0QlunTM2Ep5gtF6qN9EmTMzNOiC1RyNzuGxGGmEllua8wh/FNMBC89tPe X-Received: by 2002:a17:907:3f06:: with SMTP id hq6mr4055414ejc.46.1619804199242; Fri, 30 Apr 2021 10:36:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619804199; cv=none; d=google.com; s=arc-20160816; b=a35TVF6ijwT2/+WMBu0jr+prKP7tP5It/4tpFlMlKVvQsMK/NMbOsdh4L07OdleHLB vMxGIom+eha0Vkf2pL5Tcqyld2VaOEuPUtYHp2bzN0jxiQMpwnS8+5TGexbU32rGMYEf qa25fuWJhOto6ZZHHDRWcEXyaiZbsiJMsI4lVKe0kSme3giT4Pyol6dgB/xRtdCYTGlP JG/FXX1Ds5A0aFZ3vTcB/3HLR7EaZz0WdteXxFmaLFhjW08WDmMjGeFI/YsxdvuZdD/m aWX4vI04HHFN9+pF2Qbf9O9w90fT6mc5wrGpITt2IJOE4qPZjq9alwLr8ugWKcJ3h3i4 lyAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=rnOgPKZjZy0onTXRBA27q6w7KxyfRvenQEgxZ63aGEE=; b=SgESRIkL6VkyLd2Q9CzJkax64zqbJo4QrCRnVu9nWuOKnA7hIw8r7lzE4kANoxfiZ/ 78uQPzGEe5bqd75nD5e6LRokdwjb1xDMNXQ0FtXMpi2TYw1gVWdvy564ss08iBNoNA1b vXZWbGxQwTT4oR51gbf/va3c4pECTdMPX6+OBEiIu/mXlrwvtrkRmnXcB+DuUyzgWIUx yXxPLgOWdKy/8lX8K8wkelmLVkGo2YA7ecQSu1hs0itx5UxogjpS+XG9zrH80W7Aym63 9z8JmqWURaHxZ4dab/MGCq2FRWIRdfu7ATJpyzcE2XuFqRTZuH7jtgtKwlIxd6/mcsiH GjkA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=QwxO8Ygi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y9si2304904edq.93.2021.04.30.10.36.15; Fri, 30 Apr 2021 10:36:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=QwxO8Ygi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231150AbhD3RgB (ORCPT + 99 others); Fri, 30 Apr 2021 13:36:01 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:57748 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231160AbhD3Rf4 (ORCPT ); Fri, 30 Apr 2021 13:35:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1619804107; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=rnOgPKZjZy0onTXRBA27q6w7KxyfRvenQEgxZ63aGEE=; b=QwxO8YgiP3jNaXNS8rmLRFCnBxktdRfoM3/sMu/yNbLONjCKapaNz2f6+5eEy6Ts4jrmuR IAzCPxFvJItRPR6ciTkVPp/ezLlIe1F1jFjoYpf3OD6QmA5hc/fzawtImAlPgbNlX2k9j+ IyrBte7lRvHu7D/ywhpVzXCcxLuVwKk= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-470-6zgAS2f6Nnmac7MOH3zjHQ-1; Fri, 30 Apr 2021 13:35:00 -0400 X-MC-Unique: 6zgAS2f6Nnmac7MOH3zjHQ-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1F69F501ED; Fri, 30 Apr 2021 17:34:58 +0000 (UTC) Received: from madcap2.tricolour.ca (unknown [10.3.128.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 79AB136DE; Fri, 30 Apr 2021 17:34:48 +0000 (UTC) From: Richard Guy Briggs To: Linux-Audit Mailing List , LKML , linux-fsdevel@vger.kernel.org Cc: Paul Moore , Eric Paris , Steve Grubb , Richard Guy Briggs , Alexander Viro , Eric Paris , x86@kernel.org, linux-alpha@vger.kernel.org, linux-ia64@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, sparclinux@vger.kernel.org, Aleksa Sarai Subject: [PATCH v2 0/3] audit: add support for openat2 Date: Fri, 30 Apr 2021 13:29:34 -0400 Message-Id: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The openat2(2) syscall was added in v5.6. Add support for openat2 to the audit syscall classifier and for recording openat2 parameters that cannot be captured in the syscall parameters of the SYSCALL record. Supporting userspace code can be found in https://github.com/rgbriggs/audit-userspace/tree/ghau-openat2 Supporting test case can be found in https://github.com/linux-audit/audit-testsuite/pull/103 Richard Guy Briggs (3): audit: replace magic audit syscall class numbers with macros audit: add support for the openat2 syscall audit: add OPENAT2 record to list how arch/alpha/kernel/audit.c | 10 ++++++---- arch/ia64/kernel/audit.c | 10 ++++++---- arch/parisc/kernel/audit.c | 10 ++++++---- arch/parisc/kernel/compat_audit.c | 11 +++++++---- arch/powerpc/kernel/audit.c | 12 +++++++----- arch/powerpc/kernel/compat_audit.c | 13 ++++++++----- arch/s390/kernel/audit.c | 12 +++++++----- arch/s390/kernel/compat_audit.c | 13 ++++++++----- arch/sparc/kernel/audit.c | 12 +++++++----- arch/sparc/kernel/compat_audit.c | 13 ++++++++----- arch/x86/ia32/audit.c | 13 ++++++++----- arch/x86/kernel/audit_64.c | 10 ++++++---- fs/open.c | 2 ++ include/linux/audit.h | 11 +++++++++++ include/linux/auditscm.h | 24 +++++++++++++++++++++++ include/uapi/linux/audit.h | 1 + kernel/audit.h | 2 ++ kernel/auditsc.c | 31 ++++++++++++++++++++++++------ lib/audit.c | 14 +++++++++----- lib/compat_audit.c | 15 ++++++++++----- 20 files changed, 168 insertions(+), 71 deletions(-) create mode 100644 include/linux/auditscm.h -- 2.27.0