(empty log message)
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 1.8.4 2015/07/11 | |
6 | + * Version: 1.8.4 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #ifndef _LINUX_LSM2CAITSITH_H |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #ifndef _LINUX_CAITSITH_H |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "internal.h" |
@@ -2197,7 +2197,7 @@ | ||
2197 | 2197 | static void cs_check_profile(void) |
2198 | 2198 | { |
2199 | 2199 | cs_policy_loaded = true; |
2200 | - printk(KERN_INFO "CaitSith: 0.1.13 2015/06/06\n"); | |
2200 | + printk(KERN_INFO "CaitSith: 0.1.14 2015/07/21\n"); | |
2201 | 2201 | if (cs_policy_version == 20120401) { |
2202 | 2202 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 2, 0) && defined(CONFIG_SECURITY) |
2203 | 2203 | caitsith_exports.add_hooks(); |
@@ -3111,7 +3111,7 @@ | ||
3111 | 3111 | { |
3112 | 3112 | if (head->r.eof) |
3113 | 3113 | return; |
3114 | - cs_set_string(head, "0.1.13"); | |
3114 | + cs_set_string(head, "0.1.14"); | |
3115 | 3115 | head->r.eof = true; |
3116 | 3116 | } |
3117 | 3117 |
@@ -3179,7 +3179,7 @@ | ||
3179 | 3179 | cs_io_printf(head, "quota memory %s %u\n", |
3180 | 3180 | cs_memory_headers[i], cs_memory_quota[i]); |
3181 | 3181 | } |
3182 | - while (head->r.step < CS_MAX_GROUP + CS_MAX_MEMORY_STAT) { | |
3182 | + while (head->r.step < CS_MAX_LOG_QUOTA + CS_MAX_MEMORY_STAT) { | |
3183 | 3183 | unsigned int a; |
3184 | 3184 | unsigned int d; |
3185 | 3185 | unsigned int u; |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "internal.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "internal.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "internal.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include <linux/version.h> |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "internal.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #ifndef _SECURITY_CAITSITH_INTERNAL_H |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include <linux/version.h> |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #ifndef _SECURITY_CAITSITH_INTERNAL_H |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -2154,7 +2154,7 @@ | ||
2154 | 2154 | void cs_check_profile(void) |
2155 | 2155 | { |
2156 | 2156 | cs_policy_loaded = true; |
2157 | - printk(KERN_INFO "CaitSith (LSM): 0.1.13 2015/06/06\n"); | |
2157 | + printk(KERN_INFO "CaitSith (LSM): 0.1.14 2015/07/21\n"); | |
2158 | 2158 | if (cs_policy_version == 20120401) { |
2159 | 2159 | printk(KERN_INFO "CaitSith module activated.\n"); |
2160 | 2160 | return; |
@@ -3065,7 +3065,7 @@ | ||
3065 | 3065 | { |
3066 | 3066 | if (head->r.eof) |
3067 | 3067 | return; |
3068 | - cs_set_string(head, "0.1.13"); | |
3068 | + cs_set_string(head, "0.1.14"); | |
3069 | 3069 | head->r.eof = true; |
3070 | 3070 | } |
3071 | 3071 |
@@ -3133,7 +3133,7 @@ | ||
3133 | 3133 | cs_io_printf(head, "quota memory %s %u\n", |
3134 | 3134 | cs_memory_headers[i], cs_memory_quota[i]); |
3135 | 3135 | } |
3136 | - while (head->r.step < CS_MAX_GROUP + CS_MAX_MEMORY_STAT) { | |
3136 | + while (head->r.step < CS_MAX_LOG_QUOTA + CS_MAX_MEMORY_STAT) { | |
3137 | 3137 | unsigned int a; |
3138 | 3138 | unsigned int d; |
3139 | 3139 | unsigned int u; |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2010-2013 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -3,7 +3,7 @@ | ||
3 | 3 | * |
4 | 4 | * Copyright (C) 2005-2012 NTT DATA CORPORATION |
5 | 5 | * |
6 | - * Version: 0.1.13 2015/06/06 | |
6 | + * Version: 0.1.14 2015/07/21 | |
7 | 7 | */ |
8 | 8 | |
9 | 9 | #include "caitsith.h" |
@@ -779,7 +779,7 @@ | ||
779 | 779 | quota memory policy $max_byte_for_policy |
780 | 780 | quota memory audit $max_byte_for_audit_logs |
781 | 781 | quota memory query $max_byte_for_query |
782 | -quota audit[$audit_index] allowed=$max_logs_for_allowed_request unmatched=$max_logs_for_unmatched_request denied=$max_logs_for_denied_request | |
782 | +quota audit[$audit_index] allowed=$max_logs_for_allowed_request denied=$max_logs_for_denied_request unmatched=$max_logs_for_unmatched_request | |
783 | 783 | string_group $string_group_name $string_group_member |
784 | 784 | number_group $number_group_name $number_group_member |
785 | 785 | ip_group $ip_group_name $ip_group_member |
@@ -791,7 +791,7 @@ | ||
791 | 791 | <li>$max_byte_for_policy is max amount of memory in byte which can be allocated for policy. Default is unlimited.</li> |
792 | 792 | <li>$max_byte_for_audit_logs is max amount of memory in byte which can be allocated for audit logs. Default is unlimited. $max_byte_for_audit_logs=16777216 should be sufficient.</li> |
793 | 793 | <li>$max_byte_for_query is max amount of memory in byte which can be allocated for interactive enforcement. Default is unlimited. $max_byte_for_audit_logs=1048576 should be sufficient.</li> |
794 | -<li>quota audit[$audit_index] lines (0 <= $audit_index <= 255) are max number of audit logs which can be held in the kernel space. $max_logs_for_allowed_request is for allowed requests. $max_logs_for_unmatched_request is for unmatched requests. $max_logs_for_denied_request is for denied requests. Default is 0. Unless you have special reasons, you should set 0 to $max_logs_for_allowed_request. Regarding $max_logs_for_unmatched_request and $max_logs_for_denied_request, 1024 should be sufficient.</li> | |
794 | +<li>quota audit[$audit_index] lines (0 <= $audit_index <= 255) are max number of audit logs which can be held in the kernel space. $max_logs_for_allowed_request is for allowed requests. $max_logs_for_denied_request is for denied requests. $max_logs_for_unmatched_request is for unmatched requests. Default is 0. Unless you have special reasons, you should set 0 to $max_logs_for_allowed_request. Regarding $max_logs_for_unmatched_request and $max_logs_for_denied_request, 1024 should be sufficient.</li> | |
795 | 795 | <li>string_group $string_group_name lines define group of strings. $string_group_member is a member for $string_group_name group.</li> |
796 | 796 | <li>number_group $number_group_name lines define group of numbers. $number_group_member is a member for $number_group_name group.</li> |
797 | 797 | <li>ip_group $ip_group_name lines define group of IP addresses. $ip_group_member is a member for $ip_group_name group.</li> |