From: Tyler Hicks <tyhicks-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
To: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
Cc: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
Will Drewry <wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>,
Paul Moore <paul-r2n+y4ga6xFZroRs9YW3xA@public.gmane.org>,
Eric Paris <eparis-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
John Crispin <john-Pj+rj9U5foFAfugRpC6u6w@public.gmane.org>,
linux-audit-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: [PATCH v5 0/6] Improved seccomp logging
Date: Fri, 28 Jul 2017 20:55:46 +0000 [thread overview]
Message-ID: <1501275352-30045-1-git-send-email-tyhicks@canonical.com> (raw)
This is an update to the previous seccomp logging patch sets. The main
difference in this revision compared to the last is that the application now
has the ability to request that all actions in a filter, except for RET_ALLOW,
should be logged. This is done with a new filter flag. In support of that
change, the log_max_action sysctl was renamed to actions_logged as it now lists
the actions that an admin has allowed to be logged. The admin has the final say
in what actions get logged.
Please see the individual patches for summaries of changes since the last
revision.
Thanks!
Tyler
next reply other threads:[~2017-07-28 20:55 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-28 20:55 Tyler Hicks [this message]
2017-07-28 20:55 ` [PATCH v5 1/6] seccomp: Sysctl to display available actions Tyler Hicks
2017-08-03 16:37 ` Kees Cook
2017-08-04 0:46 ` Tyler Hicks
[not found] ` <1501275352-30045-1-git-send-email-tyhicks-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
2017-07-28 20:55 ` [PATCH v5 2/6] seccomp: Sysctl to configure actions that are allowed to be logged Tyler Hicks
[not found] ` <1501275352-30045-3-git-send-email-tyhicks-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
2017-08-03 16:33 ` Kees Cook
[not found] ` <CAGXu5jJXRGvM8OajE3-QHOhZKUyPi1n4Gi20vHersVEGXvJYiQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-04 22:24 ` Tyler Hicks
[not found] ` <f1bcb30e-7600-3363-9c30-f7f2551a72d7-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
2017-08-07 19:16 ` Tyler Hicks
2017-08-10 23:58 ` Tyler Hicks
2017-07-28 20:55 ` [PATCH v5 3/6] seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW Tyler Hicks
2017-08-03 16:51 ` Kees Cook
[not found] ` <CAGXu5jJ_1G0GoV_Gd4YKKO+v=hCwc=Y7NPrz1oHqYWguGJ5fZw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-04 22:54 ` Tyler Hicks
2017-07-28 20:55 ` [PATCH v5 4/6] seccomp: Operation for checking if an action is available Tyler Hicks
2017-08-03 16:54 ` Kees Cook
[not found] ` <CAGXu5j+FyiCM5dZXtPDzvuxTWLtGRxnY6rUPNXK_gC7fUVD5kA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-04 22:56 ` Tyler Hicks
2017-07-28 20:55 ` [PATCH v5 5/6] seccomp: Action to log before allowing Tyler Hicks
2017-08-03 16:56 ` Kees Cook
[not found] ` <CAGXu5j+OBvR_r7nkW3e-Ea16UygfqeFfQNm_w51TopLtf7AD6w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-04 22:57 ` Tyler Hicks
2017-07-28 20:55 ` [PATCH v5 6/6] seccomp: Selftest for detection of filter flag support Tyler Hicks
2017-08-03 16:58 ` Kees Cook
[not found] ` <CAGXu5j+jFK9QzHhMG532cs-J1DUxdnt7890-psqJh6uYdeppcQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-04 22:57 ` Tyler Hicks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1501275352-30045-1-git-send-email-tyhicks@canonical.com \
--to=tyhicks-z7wlfzj8ewms+fvcfc7uqw@public.gmane.org \
--cc=eparis-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=john-Pj+rj9U5foFAfugRpC6u6w@public.gmane.org \
--cc=keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-audit-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org \
--cc=paul-r2n+y4ga6xFZroRs9YW3xA@public.gmane.org \
--cc=wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).