From: Marcelo Cerri
Subject: [PATCH 0/2] Improvements to AVC record matching
Date: Mon, 20 Feb 2012 16:15:45 -0200
Message-ID: <1329761747-27905-1-git-send-email-mhcerri@linux.vnet.ibm.com>
To: linux-audit@redhat.com
Cc: gcwilson@us.ibm.com, bryntcor@us.ibm.com

This set of patches is intended to improve how auvirt matches AVC records.
Currently, auvirt just matches AVC records generated by SELinux that have a
guest context as target context.

With the first patch, auvirt will also match records that have a guest context
as source context, which means that denied actions performed by a guest will
also be matched.

The second patch adds similar support for AVC records generated by AppArmor.
With this patch, auvirt will match AVC records generated due to an AppArmor
profile generated by libvirt for a guest. It will also match AVC records in
which the target is one of the resources assigned to a guest.

Marcelo Cerri (2):
  auvirt: Improve matching of AVC records generated by SELinux
  auvirt: Add support for AVC records generated by AppArmor

 tools/auvirt/auvirt.c |  276 +++++++++++++++++++++++++++++++++++++++++++++----
 1 files changed, 256 insertions(+), 20 deletions(-)
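
The SELinux matching described in the message above, as an added example that is not from the original message or from auvirt's own code: it classifies an AVC record by whether the guest's label appears in `tcontext` (the check that existed before the series) or in `scontext` (what the first patch adds). It assumes a guest is identified by the MCS level of its sVirt label; the function names, the guest level and the sample records are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
enum { MATCH_NONE = 0, MATCH_TARGET = 1, MATCH_SOURCE = 2 };

/* Constructed sample AVC records (not taken from a real log). */
static const char *REC_SRC = "type=AVC msg=audit(1329761747.100:41): avc:  denied  { read } for  pid=2710 comm=\"qemu-kvm\" scontext=system_u:system_r:svirt_t:s0:c107,c434 tcontext=system_u:object_r:shadow_t:s0 tclass=file";
static const char *REC_TGT = "type=AVC msg=audit(1329761747.200:42): avc:  denied  { write } for  pid=901 comm=\"libvirtd\" scontext=system_u:system_r:virtd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:svirt_image_t:s0:c107,c434 tclass=file";
static const char *REC_OTHER = "type=AVC msg=audit(1329761747.300:43): avc:  denied  { read } for  pid=3000 comm=\"qemu-kvm\" scontext=system_u:system_r:svirt_t:s0:c5,c9 tcontext=system_u:object_r:svirt_image_t:s0:c5,c9 tclass=file";

/* Copy the value of the whole "key=" token in rec into out; 0 on success. */
static int get_field(const char *rec, const char *key, char *out, size_t n) {
    size_t klen = strlen(key);
    for (const char *p = strstr(rec, key); p; p = strstr(p + klen, key)) {
        if ((p == rec || p[-1] == ' ') && p[klen] == '=') {
            size_t len = strcspn(p + klen + 1, " \n");
            if (len == 0 || len >= n) return -1; /* empty or too long: treat as absent */
            memcpy(out, p + klen + 1, len);
            out[len] = '\0';
            return 0;
        }
    }
    return -1;
}

/* Return the level part of user:role:type:level, or NULL if malformed. */
static const char *ctx_level(const char *ctx) {
    for (int i = 0; i < 3; i++) {
        if ((ctx = strchr(ctx, ':')) == NULL) return NULL;
        ctx++;
    }
    return ctx;
}

/* 1 if the context stored under key carries the guest's MCS level (assumed identity). */
static int ctx_is_guest(const char *rec, const char *key, const char *level) {
    char ctx[256];
    const char *lvl = get_field(rec, key, ctx, sizeof(ctx)) == 0 ? ctx_level(ctx) : NULL;
    return lvl != NULL && strcmp(lvl, level) == 0;
}

/* Bitmask: MATCH_TARGET is the pre-series check, MATCH_SOURCE the added one. */
int avc_match_guest(const char *rec, const char *level) {
    return (ctx_is_guest(rec, "tcontext", level) ? MATCH_TARGET : 0) |
           (ctx_is_guest(rec, "scontext", level) ? MATCH_SOURCE : 0);
}

int main(void) {
    const char *g = "s0:c107,c434"; /* constructed guest level */
    printf("%d %d %d\n", avc_match_guest(REC_SRC, g), avc_match_guest(REC_TGT, g), avc_match_guest(REC_OTHER, g));
    return 0;
}
```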