rity-checksum sector=77480 res=0
Michael Weiß (3):
dm: introduce audit event module for device mapper
dm integrity: log audit events for dm-integrity target
dm crypt: log aead integrity violations to audit subsystem
drivers/md/Kconfig | 10 +++
drivers/md/Makefile| 4 +++
/uapi/linux/audit.h' for
those events.
Following commits to device mapper targets actually will make
use of this to emit those events in relevant cases.
Signed-off-by: Michael Weiß
---
drivers/md/Kconfig | 10 +++
drivers/md/Makefile| 4 +++
drivers/md/dm-audit.c
errors.
The construction and destruction of integrity device mappings are
also relevant for auditing a system. Thus, those events are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-integrity.c | 25 +
1 file changed, 21 insertions(+), 4 deletions
are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-crypt.c | 23 +++
1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 50f4cbd600d5..343aef4dcf5e 100644
--- a/drivers/md/dm-crypt.c
+++ b
are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-crypt.c | 22 ++
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 50f4cbd600d5..2a336eacb50c 100644
--- a/drivers/md/dm-crypt.c
+++ b
rity-checksum sector=77480 res=0
v2 Changes:
- Fixed compile errors if CONFIG_DM_AUDIT is not set
- Fixed formatting and typos as suggested by Casey
Michael Weiß (3):
dm: introduce audit event module for device mapper
dm integrity: log audit events for dm-integrity target
dm crypt: log a
/uapi/linux/audit.h' for
those events.
Following commits to device mapper targets actually will make
use of this to emit those events in relevant cases.
Signed-off-by: Michael Weiß
---
drivers/md/Kconfig | 10 +++
drivers/md/Makefile| 4 +++
drivers/md/dm-audit.c
errors.
The construction and destruction of integrity device mappings are
also relevant for auditing a system. Thus, those events are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-integrity.c | 25 +
1 file changed, 21 insertions(+), 4 deletions
=254:3 sector 77480 res=0
v3 Changes:
- Use of two audit event types AUDIT_DM_EVENT und AUDIT_DM_CTRL
- Additionally use audit_log_task_info in case of AUDIT_DM_CTRL messages
- Provide consistent fields per message type as suggested by Paul
- Added sample events to commit message of [1/3] as suggeste
are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-crypt.c | 22 ++
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 50f4cbd600d5..5e02002345fa 100644
--- a/drivers/md/dm-crypt.c
+++ b
errors.
The construction and destruction of integrity device mappings are
also relevant for auditing a system. Thus, those events are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-integrity.c | 25 +
1 file changed, 21 insertions(+), 4 deletions
4:3 sector 77480 res=0
type=UNKNOWN[1337] msg=audit(1630425112.119:202): module=integrity
op=integrity-checksum dev=254:3 sector 77480 res=0
type=UNKNOWN[1337] msg=audit(1630425112.119:203): module=integrity
op=integrity-checksum dev=254:3 sector 77480 res=0
Signed-off-by: Michael Weiß
---
drivers/m
errors.
The construction and destruction of integrity device mappings are
also relevant for auditing a system. Thus, those events are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-integrity.c | 25 +
1 file changed, 21 insertions(+), 4 deletions
d AUDIT_DM_CTRL
- Additionaly use audit_log_task_info in case of AUDIT_DM_CTRL messages
- Provide consistent fields per message type as suggested by Paul
- Added sample events to commit message of [1/3] as suggested by Paul
- Rebased on v5.14
v2 Changes:
- Fixed compile errors if CONFIG_DM_AUDIT is
are also
logged as audit events.
Signed-off-by: Michael Weiß
---
drivers/md/dm-crypt.c | 22 ++
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 50f4cbd600d5..5e02002345fa 100644
--- a/drivers/md/dm-crypt.c
+++ b
4:3 sector=77480 res=0
type=UNKNOWN[1337] msg=audit(1630425112.119:202): module=integrity
op=integrity-checksum dev=254:3 sector=77480 res=0
type=UNKNOWN[1337] msg=audit(1630425112.119:203): module=integrity
op=integrity-checksum dev=254:3 sector=77480 res=0
Signed-off-by: Michael Weiß
---
drivers/m
erify-data dev=7:0 sector=1000 res=0
...
type=DM_EVENT msg=audit(1677619596.727:1162): module=verity
op=verify-data dev=7:0 sector=1000 res=0
type=DM_EVENT msg=audit(1677619596.731:1163): module=verity
op=max-corrupted-errors dev=254:3 sector=? res=0
Signed-off-by: Michael Weiß
---
On 02.03.23 03:25, Paul Moore wrote:
> On Wed, Mar 1, 2023 at 6:34 AM Michael Weiß
> wrote:
>>
>> dm-verity signals integrity violations by returning I/O errors
>> to user space. To identify integrity violations by a controlling
>> instance, the kernel audit subsy
18 matches
Mail list logo
