1
linux/include
Peter Zijlstra bdf4c48af2 audit: rework execve audit
The purpose of audit_bprm() is to log the argv array to a userspace daemon at
the end of the execve system call.  Since user-space hasn't had time to run,
this array is still in pristine state on the process' stack; so no need to
copy it, we can just grab it from there.

In order to minimize the damage to audit_log_*() copy each string into a
temporary kernel buffer first.

Currently the audit code requires that the full argument vector fits in a
single packet.  So currently it does clip the argv size to a (sysctl) limit,
but only when execve auditing is enabled.

If the audit protocol gets extended to allow for multiple packets this check
can be removed.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Ollie Wild <aaw@google.com>
Cc: <linux-audit@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-19 10:04:45 -07:00
..
acpi Pull osi-now into release branch 2007-06-02 01:02:09 -04:00
asm-alpha arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-arm arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-arm26 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-avr32 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-blackfin fbdev: detect primary display device 2007-07-17 10:23:11 -07:00
asm-cris arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-frv arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-generic define new percpu interface for shared data 2007-07-19 10:04:44 -07:00
asm-h8300 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-i386 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-ia64 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-m32r arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-m68k arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-m68knommu fbdev: detect primary display device 2007-07-17 10:23:11 -07:00
asm-mips arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-parisc arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-powerpc arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-ppc mm: remove ptep_test_and_clear_dirty and ptep_clear_flush_dirty 2007-07-17 10:22:59 -07:00
asm-s390 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-sh arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-sh64 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-sparc arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-sparc64 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-um arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-v850 fbdev: detect primary display device 2007-07-17 10:23:11 -07:00
asm-x86_64 arch: personality independent stack top 2007-07-19 10:04:45 -07:00
asm-xtensa arch: personality independent stack top 2007-07-19 10:04:45 -07:00
crypto [CRYPTO] cryptd: Add software async crypto daemon 2007-05-02 14:38:32 +10:00
keys [AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both 2007-04-26 15:48:28 -07:00
linux audit: rework execve audit 2007-07-19 10:04:45 -07:00
math-emu Delete unused header file math-emu/extended.h 2007-05-08 11:15:05 -07:00
media V4L/DVB (5835): saa7146/dvb-ttpci: Fix signedness warnings (gcc 4.1.1, kernel 2.6.22) 2007-07-18 14:24:44 -03:00
mtd UBI: kill homegrown endian macros 2007-07-18 16:53:49 +03:00
net [XFRM]: Fix crash introduced by struct dst_entry reordering 2007-07-18 01:55:52 -07:00
pcmcia PCMCIA-NETDEV : add new ID of lan&modem multifunction card 2007-07-08 22:16:39 -04:00
rdma IB/cm: Include HCA ACK delay in local ACK timeout 2007-07-10 21:50:05 -07:00
rxrpc [AF_RXRPC]: Delete the old RxRPC code. 2007-04-26 15:55:48 -07:00
scsi [SCSI] Remove unused method scsi_device_cancel 2007-07-14 16:01:16 -05:00
sound [ALSA] version 1.0.14 2007-05-31 11:03:27 +02:00
video tgafb: actually allocate memory for the pseudo_palette 2007-07-17 10:23:12 -07:00
xen xen: Place vcpu_info structure into per-cpu memory 2007-07-18 08:47:45 -07:00
Kbuild