* [meta-selinux][PATCH] audit: Enable ARM System Call Audit in user space.
@ 2014-04-24 8:34 Kai Kang
2014-04-24 23:58 ` Joe MacDonald
0 siblings, 1 reply; 2+ messages in thread
From: Kai Kang @ 2014-04-24 8:34 UTC (permalink / raw)
To: yocto
From: Han Chao <chan@windriver.com>
Audit System Call needs kernel and user space support.
In user space it needs system call table for ARM. It also needs a
configure option --with-armeb for build audit. Audit system call also
needs enable kernel config CONFIG_AUDITSYSCALL.
Signed-off-by: Han Chao <chan@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
.../audit/add-system-call-table-for-ARM.patch | 46 ++++++++++++++++++++++
recipes-security/audit/audit_2.3.2.bb | 2 +
2 files changed, 48 insertions(+)
create mode 100644 recipes-security/audit/audit/add-system-call-table-for-ARM.patch
diff --git a/recipes-security/audit/audit/add-system-call-table-for-ARM.patch b/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
new file mode 100644
index 0000000..ad94d11
--- /dev/null
+++ b/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
@@ -0,0 +1,46 @@
+From 52ff74be2f01182ed9d4fcc3da059512fad63d72 Mon Sep 17 00:00:00 2001
+From: Han Chao <chan@windriver.com>
+Date: Thu, 27 Feb 2014 14:58:57 +0800
+Subject: [PATCH] add system call table for ARM.
+
+This change enable audit system call on ARM.
+Add arm System call table on machinetabs.h.
+Audit system call need enable kernel config CONFIG_AUDITSYSCALL.
+
+Signed-off-by: Han Chao <chan@windriver.com>
+---
+ lib/machinetabs.h | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/lib/machinetabs.h b/lib/machinetabs.h
+index ec2d033..1c2e284 100644
+--- a/lib/machinetabs.h
++++ b/lib/machinetabs.h
+@@ -1,10 +1,11 @@
+-/* This is a generated file, see Makefile.am for its inputs. */
+-static const char machine_strings[] = "i386\0i486\0i586\0i686\0ia64\0ppc\0ppc64\0s390\0s390x\0x86_64";
++/* Such is aways generated file, see Makefile.am for its inputs.
++ * But this version is not generated file, which is for ARM. */
++static const char machine_strings[] = "armeb\0armv5tejl\0armv5tel\0armv6l\0armv7l";
+ static const unsigned machine_s2i_s[] = {
+- 0,5,10,15,20,25,29,35,40,46,
++ 0,6,16,25,32,
+ };
+ static const int machine_s2i_i[] = {
+- 0,0,0,0,2,4,3,6,5,1,
++ 8,8,8,8,8,
+ };
+ static int machine_s2i(const char *s, int *value) {
+ size_t len, i;
+@@ -19,7 +20,7 @@ static int machine_s2i(const char *s, int *value) {
+ }
+ }
+ static const unsigned machine_i2s_direct[] = {
+- 0,46,20,29,25,40,35,
++ 39,85,59,68,64,
+ };
+ static const char *machine_i2s(int v) {
+ return i2s_direct__(machine_strings, machine_i2s_direct, 0, 6, v);
+--
+1.7.9.5
+
diff --git a/recipes-security/audit/audit_2.3.2.bb b/recipes-security/audit/audit_2.3.2.bb
index ae6556f..4baf7a0 100644
--- a/recipes-security/audit/audit_2.3.2.bb
+++ b/recipes-security/audit/audit_2.3.2.bb
@@ -18,6 +18,7 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \
file://auditd.service \
file://audit-volatile.conf \
"
+SRC_URI_append_arm = "file://add-system-call-table-for-ARM.patch"
inherit autotools pythonnative update-rc.d systemd
@@ -41,6 +42,7 @@ EXTRA_OECONF += "--without-prelude \
--libdir=${base_libdir} \
--sbindir=${base_sbindir} \
"
+EXTRA_OECONF_append_arm = " --with-armeb=yes"
EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \
PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
--
1.8.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [meta-selinux][PATCH] audit: Enable ARM System Call Audit in user space.
2014-04-24 8:34 [meta-selinux][PATCH] audit: Enable ARM System Call Audit in user space Kai Kang
@ 2014-04-24 23:58 ` Joe MacDonald
0 siblings, 0 replies; 2+ messages in thread
From: Joe MacDonald @ 2014-04-24 23:58 UTC (permalink / raw)
To: Kai Kang; +Cc: yocto
[-- Attachment #1: Type: text/plain, Size: 3743 bytes --]
Merged, thanks.
-J.
[[yocto] [meta-selinux][PATCH] audit: Enable ARM System Call Audit in user space.] On 14.04.24 (Thu 16:34) Kai Kang wrote:
> From: Han Chao <chan@windriver.com>
>
> Audit System Call needs kernel and user space support.
>
> In user space it needs system call table for ARM. It also needs a
> configure option --with-armeb for build audit. Audit system call also
> needs enable kernel config CONFIG_AUDITSYSCALL.
>
> Signed-off-by: Han Chao <chan@windriver.com>
> Signed-off-by: Kai Kang <kai.kang@windriver.com>
> ---
> .../audit/add-system-call-table-for-ARM.patch | 46 ++++++++++++++++++++++
> recipes-security/audit/audit_2.3.2.bb | 2 +
> 2 files changed, 48 insertions(+)
> create mode 100644 recipes-security/audit/audit/add-system-call-table-for-ARM.patch
>
> diff --git a/recipes-security/audit/audit/add-system-call-table-for-ARM.patch b/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
> new file mode 100644
> index 0000000..ad94d11
> --- /dev/null
> +++ b/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
> @@ -0,0 +1,46 @@
> +From 52ff74be2f01182ed9d4fcc3da059512fad63d72 Mon Sep 17 00:00:00 2001
> +From: Han Chao <chan@windriver.com>
> +Date: Thu, 27 Feb 2014 14:58:57 +0800
> +Subject: [PATCH] add system call table for ARM.
> +
> +This change enable audit system call on ARM.
> +Add arm System call table on machinetabs.h.
> +Audit system call need enable kernel config CONFIG_AUDITSYSCALL.
> +
> +Signed-off-by: Han Chao <chan@windriver.com>
> +---
> + lib/machinetabs.h | 11 ++++++-----
> + 1 file changed, 6 insertions(+), 5 deletions(-)
> +
> +diff --git a/lib/machinetabs.h b/lib/machinetabs.h
> +index ec2d033..1c2e284 100644
> +--- a/lib/machinetabs.h
> ++++ b/lib/machinetabs.h
> +@@ -1,10 +1,11 @@
> +-/* This is a generated file, see Makefile.am for its inputs. */
> +-static const char machine_strings[] = "i386\0i486\0i586\0i686\0ia64\0ppc\0ppc64\0s390\0s390x\0x86_64";
> ++/* Such is aways generated file, see Makefile.am for its inputs.
> ++ * But this version is not generated file, which is for ARM. */
> ++static const char machine_strings[] = "armeb\0armv5tejl\0armv5tel\0armv6l\0armv7l";
> + static const unsigned machine_s2i_s[] = {
> +- 0,5,10,15,20,25,29,35,40,46,
> ++ 0,6,16,25,32,
> + };
> + static const int machine_s2i_i[] = {
> +- 0,0,0,0,2,4,3,6,5,1,
> ++ 8,8,8,8,8,
> + };
> + static int machine_s2i(const char *s, int *value) {
> + size_t len, i;
> +@@ -19,7 +20,7 @@ static int machine_s2i(const char *s, int *value) {
> + }
> + }
> + static const unsigned machine_i2s_direct[] = {
> +- 0,46,20,29,25,40,35,
> ++ 39,85,59,68,64,
> + };
> + static const char *machine_i2s(int v) {
> + return i2s_direct__(machine_strings, machine_i2s_direct, 0, 6, v);
> +--
> +1.7.9.5
> +
> diff --git a/recipes-security/audit/audit_2.3.2.bb b/recipes-security/audit/audit_2.3.2.bb
> index ae6556f..4baf7a0 100644
> --- a/recipes-security/audit/audit_2.3.2.bb
> +++ b/recipes-security/audit/audit_2.3.2.bb
> @@ -18,6 +18,7 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \
> file://auditd.service \
> file://audit-volatile.conf \
> "
> +SRC_URI_append_arm = "file://add-system-call-table-for-ARM.patch"
>
> inherit autotools pythonnative update-rc.d systemd
>
> @@ -41,6 +42,7 @@ EXTRA_OECONF += "--without-prelude \
> --libdir=${base_libdir} \
> --sbindir=${base_sbindir} \
> "
> +EXTRA_OECONF_append_arm = " --with-armeb=yes"
>
> EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \
> PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
> --
> 1.8.4
>
--
-Joe MacDonald.
:wq
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-04-24 23:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-04-24 8:34 [meta-selinux][PATCH] audit: Enable ARM System Call Audit in user space Kai Kang
2014-04-24 23:58 ` Joe MacDonald
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.