public inbox for linux-audit@redhat.com
 help / color / mirror / Atom feed
* [PATCH] audit: add containerid support for IMA-audit
@ 2018-03-05 13:43 Mimi Zohar
  2018-03-05 13:50 ` Richard Guy Briggs
  0 siblings, 1 reply; 31+ messages in thread
From: Mimi Zohar @ 2018-03-05 13:43 UTC (permalink / raw)
  To: Richard Guy Briggs
  Cc: containers, Linux-Audit Mailing List, linux-integrity, LKML

Hi Richard,

This patch has been compiled, but not runtime tested.

---

If the containerid is defined, include it in the IMA-audit record.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
 security/integrity/ima/ima_api.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 33b4458cdbef..41d29a06f28f 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -335,6 +335,9 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
 	audit_log_untrustedstring(ab, algo_hash);
 
 	audit_log_task_info(ab, current);
+	if (audit_containerid_set(current))
+		audit_log_format(ab, " contid=%llu",
+				 audit_get_containerid(current));
 	audit_log_end(ab);
 
 	iint->flags |= IMA_AUDITED;
-- 
2.7.5

^ permalink raw reply related	[flat|nested] 31+ messages in thread
end of thread, other threads:[~2018-05-22 14:12 UTC | newest]

Thread overview: 31+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-03-05 13:43 [PATCH] audit: add containerid support for IMA-audit Mimi Zohar
2018-03-05 13:50 ` Richard Guy Briggs
2018-03-05 14:24   ` Mimi Zohar
2018-03-08 11:21     ` Richard Guy Briggs
2018-03-08 18:02       ` Mimi Zohar
2018-03-13  5:53         ` Richard Guy Briggs
2018-05-17 14:18       ` Stefan Berger
2018-05-17 21:30         ` Richard Guy Briggs
2018-05-18 11:49           ` Stefan Berger
2018-05-18 12:53             ` Mimi Zohar
2018-05-18 13:54               ` Stefan Berger
2018-05-18 14:39                 ` Mimi Zohar
2018-05-18 14:52                   ` Stefan Berger
2018-05-18 16:00                     ` Richard Guy Briggs
2018-05-18 15:56                   ` Richard Guy Briggs
2018-05-18 16:34                     ` Mimi Zohar
2018-05-18 16:50                       ` Richard Guy Briggs
2018-05-21 17:21                       ` Steve Grubb
2018-05-21 18:04                         ` Stefan Berger
2018-05-21 18:40                           ` Steve Grubb
2018-05-18 15:51               ` Richard Guy Briggs
     [not found]             ` <86df5c2c-9db3-21b9-b91b-30a4f53f9504-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2018-05-18 15:45               ` Richard Guy Briggs
2018-05-18 16:49                 ` Stefan Berger
     [not found]                   ` <7fdca0e0-19d5-1f08-8aa2-f295ad3a86de-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2018-05-18 17:01                     ` Richard Guy Briggs
2018-05-21 16:58         ` Steve Grubb
2018-05-21 17:53           ` Stefan Berger
     [not found]             ` <21646a72-e782-e33a-9e75-5cc98b241f36-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2018-05-21 18:30               ` Steve Grubb
2018-05-21 21:57                 ` Stefan Berger
2018-05-22 13:43                   ` Richard Guy Briggs
2018-05-22 14:12                     ` Steve Grubb
2018-05-22 14:09                   ` Steve Grubb

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox