audit: listen in all network namespaces

Convert audit from only listening in init_net to use register_pernet_subsys() to dynamically manage the netlink socket list. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2025-07-23 12:43:29 +02:00 · 2013-07-16 13:18:45 -04:00
parent 2f2ad10133
commit 33faba7fa7
3 changed files with 61 additions and 12 deletions
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -247,11 +247,16 @@ extern void		    audit_panic(const char *message);

 struct audit_netlink_list {
 	__u32 portid;
+	pid_t pid;
 	struct sk_buff_head q;
 };

 int audit_send_list(void *);

+struct audit_net {
+	struct sock *nlsk;
+};
+
 extern int selinux_audit_rule_update(void);

 extern struct mutex audit_filter_mutex;