Re: [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel

(off-list ancestor, not in this archive)
[PATCH v3 0/5] Audit: Records for multiple security contexts · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
[PATCH v3 2/5] LSM: security_lsmblob_to_secctx module selection · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
Re: [PATCH v3 2/5] LSM: security_lsmblob_to_secctx module selection · Fan Wu <wufan@kernel.org> · 2025-03-25
Re: [PATCH v3 2/5] LSM: security_lsmblob_to_secctx module selection · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-26
Re: [PATCH v3 2/5] LSM: security_lsmblob_to_secctx module selection · Paul Moore <paul@paul-moore.com> · 2025-04-24
[PATCH v3 1/5] Audit: Create audit_stamp structure · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
Re: [PATCH v3 1/5] Audit: Create audit_stamp structure · Paul Moore <paul@paul-moore.com> · 2025-04-24
[PATCH v3 4/5] Audit: multiple subject lsm values for netlabel · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
Re: [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel · Paul Moore <paul@paul-moore.com> · 2025-04-24
Re: [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel · Casey Schaufler <casey@schaufler-ca.com> · 2025-04-30
Re: [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel · Paul Moore <paul@paul-moore.com> · 2025-04-30
Re: [PATCH v3 4/5] Audit: multiple subject lsm values for netlabel · Casey Schaufler <casey@schaufler-ca.com> · 2025-04-30
[PATCH v3 3/5] Audit: Add record for multiple task security contexts · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
Re: [PATCH v3 3/5] Audit: Add record for multiple task security contexts · Paul Moore <paul@paul-moore.com> · 2025-04-24
[PATCH v3 5/5] Audit: Add record for multiple object contexts · Casey Schaufler <casey@schaufler-ca.com> · 2025-03-19
Re: [PATCH v3 5/5] Audit: Add record for multiple object contexts · Paul Moore <paul@paul-moore.com> · 2025-04-24

From: Casey Schaufler <casey@schaufler-ca.com>
Date: 2025-04-30 16:25:30
Also in: lkml, selinux

On 4/24/2025 3:18 PM, Paul Moore wrote:

On Mar 19, 2025 Casey Schaufler [off-list ref] wrote:

quoted

Refactor audit_log_task_context(), creating a new audit_log_subj_ctx().
This is used in netlabel auditing to provide multiple subject security
contexts as necessary.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
 include/linux/audit.h        |  7 +++++++
 kernel/audit.c               | 28 +++++++++++++++++++++-------
 net/netlabel/netlabel_user.c |  9 +--------
 3 files changed, 29 insertions(+), 15 deletions(-)

Other than moving to the subject count supplied by the LSM
initialization patchset previously mentioned, this looks fine to me.

I'm perfectly willing to switch once the LSM initialization patch set
moves past RFC.

--
paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help