From mboxrd@z Thu Jan  1 00:00:00 1970
From: Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH][RFC] V1 Remove SELinux dependencies from linux-audit via LSM
Date: Thu, 2 Aug 2007 20:57:36 -0700 (PDT)
Message-ID: <487163.89353.qm@web36606.mail.mud.yahoo.com>
References: <600616.50420.qm@web36614.mail.mud.yahoo.com>
Reply-To: casey@schaufler-ca.com
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7BIT
Return-path: <linux-security-module-owner@vger.kernel.org>
In-Reply-To: <600616.50420.qm@web36614.mail.mud.yahoo.com>
Sender: linux-security-module-owner@vger.kernel.org
To: casey@schaufler-ca.com, LSM List <linux-security-module@vger.kernel.org>, SELinux List <selinux@tycho.nsa.gov>, Audit List <linux-audit@redhat.com>
List-Id: linux-audit@redhat.com


--- Casey Schaufler <casey@schaufler-ca.com> wrote:

> From: Casey Schaufler <casey@schaufler-ca.com>
> 
> This patch removes SELinux specific code from the kernel auditing
> system, replacing it with LSM hook invocations that perform the
> functions appropriate to those behaviors.
> 
> The LSM interface is extended to provide interfaces for a module
> to add audit filters. Interfaces are added to get secids from
> inodes and ipcs.
> 
> The audit code is revised to call these hooks instead of the SELinux
> functions. This requires some structure definitions to change header
> files.
> 
> The SELinux code is changed to export the old interfaces as LSM hooks
> instead of doing so directly. The SELinux specific audit filter code
> has been moved into the SELinux module.
> 
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> 
> ---

Forgot to include: The patch is relative to 2.6.22.



Casey Schaufler
casey@schaufler-ca.com