diff options
| author | Casey Schaufler <casey@schaufler-ca.com> | 2025-08-16 10:28:59 -0700 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2025-08-30 10:15:30 -0400 |
| commit | 0ffbc876d03c80b83d70aeefac7bbb94a9f4e135 (patch) | |
| tree | b9a675ed45249069eb4440e46ad95be11648c3ca /security/smack/smack_lsm.c | |
| parent | audit: add record for multiple task security contexts (diff) | |
| download | linux-0ffbc876d03c80b83d70aeefac7bbb94a9f4e135.tar.gz linux-0ffbc876d03c80b83d70aeefac7bbb94a9f4e135.zip | |
audit: add record for multiple object contexts
Create a new audit record AUDIT_MAC_OBJ_CONTEXTS.
An example of the MAC_OBJ_CONTEXTS record is:
type=MAC_OBJ_CONTEXTS
msg=audit(1601152467.009:1050):
obj_selinux=unconfined_u:object_r:user_home_t:s0
When an audit event includes a AUDIT_MAC_OBJ_CONTEXTS record
the "obj=" field in other records in the event will be "obj=?".
An AUDIT_MAC_OBJ_CONTEXTS record is supplied when the system has
multiple security modules that may make access decisions based
on an object security context.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
[PM: subj tweak, audit example readability indents]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/smack/smack_lsm.c')
| -rw-r--r-- | security/smack/smack_lsm.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index eaff9b8901a7..fdf2f193a291 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -5268,7 +5268,9 @@ static __init int smack_init(void) init_smack_known_list(); /* Inform the audit system that secctx is used */ - audit_cfg_lsm(&smack_lsmid, AUDIT_CFG_LSM_SECCTX_SUBJECT); + audit_cfg_lsm(&smack_lsmid, + AUDIT_CFG_LSM_SECCTX_SUBJECT | + AUDIT_CFG_LSM_SECCTX_OBJECT); return 0; } |