From: Linus Torvalds Date: Sat, 25 Mar 2006 17:24:53 +0000 (-0800) Subject: Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit... X-Git-Tag: v2.6.17-rc1~665 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=1b9a3917366028cc451a98dd22e3bcd537d4e5c1;p=platform%2Fkernel%2Flinux-3.10.git Merge branch 'audit.b3' of git://git./linux/kernel/git/viro/audit-current * 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits) [PATCH] fix audit_init failure path [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format [PATCH] sem2mutex: audit_netlink_sem [PATCH] simplify audit_free() locking [PATCH] Fix audit operators [PATCH] promiscuous mode [PATCH] Add tty to syscall audit records [PATCH] add/remove rule update [PATCH] audit string fields interface + consumer [PATCH] SE Linux audit events [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL [PATCH] Fix IA64 success/failure indication in syscall auditing. [PATCH] Miscellaneous bug and warning fixes [PATCH] Capture selinux subject/object context information. [PATCH] Exclude messages by message type [PATCH] Collect more inode information during syscall processing. [PATCH] Pass dentry, not just name, in fsnotify creation hooks. [PATCH] Define new range of userspace messages. [PATCH] Filter rule comparators ... Fixed trivial conflict in security/selinux/hooks.c --- 1b9a3917366028cc451a98dd22e3bcd537d4e5c1 diff --cc include/linux/fsnotify.h index f7e517c,94919c3..11438ef --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@@ -15,27 -15,9 +15,28 @@@ #include #include + #include /* + * fsnotify_d_instantiate - instantiate a dentry for inode + * Called with dcache_lock held. 
+ */ +static inline void fsnotify_d_instantiate(struct dentry *entry, + struct inode *inode) +{ + inotify_d_instantiate(entry, inode); +} + +/* + * fsnotify_d_move - entry has been moved + * Called with dcache_lock and entry->d_lock held. + */ +static inline void fsnotify_d_move(struct dentry *entry) +{ + inotify_d_move(entry); +} + +/* * fsnotify_move - file old_name at old_dir was moved to new_name at new_dir */ static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir, diff --cc net/core/dev.c index e0489ca,e9f84a6..8e1dc30 --- a/net/core/dev.c +++ b/net/core/dev.c @@@ -111,9 -110,12 +111,10 @@@ #include #include #include -#ifdef CONFIG_NET_RADIO -#include /* Note : will define WIRELESS_EXT */ +#include #include -#endif /* CONFIG_NET_RADIO */ #include + #include /* * The list of packet types we will receive (as opposed to discard) diff --cc security/selinux/hooks.c index ccaf988,81b726b..b61b9554 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@@ -117,8 -117,32 +117,34 @@@ static struct security_operations *seco static LIST_HEAD(superblock_security_head); static DEFINE_SPINLOCK(sb_security_lock); +static kmem_cache_t *sel_inode_cache; + + /* Return security context for a given sid or just the context + length if the buffer is null or length is 0 */ + static int selinux_getsecurity(u32 sid, void *buffer, size_t size) + { + char *context; + unsigned len; + int rc; + + rc = security_sid_to_context(sid, &context, &len); + if (rc) + return rc; + + if (!buffer || !size) + goto getsecurity_exit; + + if (size < len) { + len = -ERANGE; + goto getsecurity_exit; + } + memcpy(buffer, context, len); + + getsecurity_exit: + kfree(context); + return len; + } + /* Allocate and free functions for each kind of security blob. 
*/ static int task_alloc_security(struct task_struct *task) diff --cc security/selinux/selinuxfs.c index f5d7836,5eba666..a4efc96 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@@ -262,8 -269,11 +270,11 @@@ static ssize_t sel_write_load(struct fi length = ret; else length = count; + audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, + "policy loaded auid=%u", + audit_get_loginuid(current->audit_context)); out: - up(&sel_sem); + mutex_unlock(&sel_mutex); vfree(data); return length; }
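Review bot: In `selinux_getsecurity`, `len` is declared `unsigned` but is assigned `-ERANGE` and then returned through the function's `int` return type, so one variable carries both a byte count and an errno and the error path relies on an unsigned-to-int conversion. Keeping status and length apart makes the contract explicit: set `rc = len;` after the `security_sid_to_context` check, use `rc = -ERANGE;` in the `size < len` branch, and end with `return rc;` after `kfree(context)`. The header comment could also say that a negative errno is returned when the buffer is too small. Whether `len` counts a trailing NUL is decided inside `security_sid_to_context`, which is not visible here, so that is worth documenting for callers that treat the buffer as a string.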
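Review bot: The added `audit_log(..., AUDIT_MAC_POLICY_LOAD, "policy loaded auid=%u", ...)` call follows the un-braced `if`/`else`, so it also runs on the `length = ret` path and records "policy loaded" when the preceding step reported an error. It also sits above the `out:` label, so an earlier `goto out` failure would leave no audit record of the attempted load; those jumps are outside this hunk, so this is inferred. If the record is meant to mark only a fully successful load, guard it with the same condition that selects `length = count`. Otherwise add a comment such as `/* policy is already in place here; audit even if the follow-up step failed */` so readers of the audit trail know what the record guarantees. The start of `sel_write_load` is outside the hunk.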