Gentwo Git Trees - linux/.git/commit

author	Casey Schaufler <casey@schaufler-ca.com>
	Sat, 16 Aug 2025 17:28:59 +0000 (10:28 -0700)
committer	Paul Moore <paul@paul-moore.com>
	Sat, 30 Aug 2025 14:15:30 +0000 (10:15 -0400)
commit	0ffbc876d03c80b83d70aeefac7bbb94a9f4e135
tree	b9a675ed45249069eb4440e46ad95be11648c3ca	tree \| snapshot
parent	eb59d494eebd4c5414728a35cdea6a0ba78ff26e	commit \| diff

audit: add record for multiple object contexts

Create a new audit record AUDIT_MAC_OBJ_CONTEXTS.
An example of the MAC_OBJ_CONTEXTS record is:

    type=MAC_OBJ_CONTEXTS
      msg=audit(1601152467.009:1050):
      obj_selinux=unconfined_u:object_r:user_home_t:s0

When an audit event includes a AUDIT_MAC_OBJ_CONTEXTS record
the "obj=" field in other records in the event will be "obj=?".
An AUDIT_MAC_OBJ_CONTEXTS record is supplied when the system has
multiple security modules that may make access decisions based
on an object security context.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
[PM: subj tweak, audit example readability indents]
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/audit.h		diff \| blob \| blame \| history
include/uapi/linux/audit.h		diff \| blob \| blame \| history
kernel/audit.c		diff \| blob \| blame \| history
kernel/auditsc.c		diff \| blob \| blame \| history
security/selinux/hooks.c		diff \| blob \| blame \| history
security/smack/smack_lsm.c		diff \| blob \| blame \| history