aha/security
Eric Paris dd8dbf2e68 security: report the module name to security_module_request
For SELinux to do better filtering in userspace we send the name of the
module along with the AVC denial when a program is denied module_request.

Example output:

type=SYSCALL msg=audit(11/03/2009 10:59:43.510:9) : arch=x86_64 syscall=write success=yes exit=2 a0=3 a1=7fc28c0d56c0 a2=2 a3=7fffca0d7440 items=0 ppid=1727 pid=1729 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rpc.nfsd exe=/usr/sbin/rpc.nfsd subj=system_u:system_r:nfsd_t:s0 key=(null)
type=AVC msg=audit(11/03/2009 10:59:43.510:9) : avc:  denied  { module_request } for  pid=1729 comm=rpc.nfsd kmod="net-pf-10" scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-11-10 09:33:46 +11:00
..
integrity/ima LSM: imbed ima calls in the security hooks 2009-10-25 12:22:48 +08:00
keys KEYS: Have the garbage collector set its timer for live expired keys 2009-09-23 11:03:47 -07:00
selinux security: report the module name to security_module_request 2009-11-10 09:33:46 +11:00
smack seq_file: constify seq_operations 2009-09-23 07:39:29 -07:00
tomoyo tomoyo: improve hash bucket dispersion 2009-10-29 11:17:33 +11:00
capability.c security: report the module name to security_module_request 2009-11-10 09:33:46 +11:00
commoncap.c security: remove root_plug 2009-10-20 14:26:16 +09:00
device_cgroup.c cgroups: let ss->can_attach and ss->attach do whole threadgroups at a time 2009-09-24 07:20:58 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
Kconfig Config option to set a default LSM 2009-11-09 08:40:07 +11:00
lsm_audit.c security: report the module name to security_module_request 2009-11-10 09:33:46 +11:00
Makefile security: remove root_plug 2009-10-20 14:26:16 +09:00
min_addr.c sysctl: require CAP_SYS_RAWIO to set mmap_min_addr 2009-11-09 08:34:22 +11:00
security.c security: report the module name to security_module_request 2009-11-10 09:33:46 +11:00