Linux 4.5 Released
15 Mar 2016 tags: audit selinuxLinux 4.5 was released this past weekend, here are the SELinux and audit release notes.
SELinux
-
New LSM hooks and SELinux code to invalidate and revalidate inode security labels. This is important functionality for GFS2 and potentially other distributed filesystems.
-
New functionality to make the validatetrans policy decisions available to userspace via the selinuxfs mount, “/sys/fs/selinux” on most systems. Writing “$oldcontext $newcontext $tclass $taskcontext” to “/sys/fs/selinux/validatetrans” will return 0 if the transition is allowed and -EPERM otherwise.
Audit
-
A number of small improvements were made to help make the kernel/auditd connection more robust and fix some corner cases relating to audit queue backlog handling.
-
Auditing of seccomp events now honors the “audit_enabled” flag; when “audit_enabled=0” then seccomp events will not be audited.
-
Make selection of CONFIG_AUDITSYSCALL automatic on systems that have auditing enabled and support syscall auditing.