Discussion:
[GIT PULL] Audit patches for v4.19
Paul Moore
2018-08-14 21:07:04 UTC
Permalink
Hi Linus,

Twelve audit patches for v4.19 and they run the full gamut from fixes
to features. Notable changes include the ability to use the "exe"
audit filter field in a wider variety of filter types, a fix for our
comparison of GID/EGID in audit filter rules, better association of
related audit records (connecting related audit records together into
one audit event), and a fix for a potential use-after-free in
audit_add_watch().

All the patches pass the audit-testsuite and merge cleanly on your
current master branch.

Please pull, thanks.
-Paul
--
The following changes since commit ce397d215ccd07b8ae3f71db689aedb85d56ab40:

Linux 4.18-rc1 (2018-06-17 08:04:49 +0900)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
tags/audit-pr-20180814

for you to fetch changes up to baa2a4fdd525c8c4b0f704d20457195b29437839:

audit: fix use-after-free in audit_add_watch (2018-07-18 11:43:36 -0400)

----------------------------------------------------------------
audit/stable-4.18 PR 20180814

----------------------------------------------------------------
Arnd Bergmann (1):
audit: use ktime_get_coarse_ts64() for time access

Ondrej Mosnáček (3):
audit: allow other filter list types for AUDIT_EXE
audit: Fix extended comparison of GID/EGID
cred: conditionally declare groups-related functions

Paul Moore (1):
audit: use ktime_get_coarse_real_ts64() for timestamps

Richard Guy Briggs (6):
audit: tie SECCOMP records to syscall
audit: tie ANOM_ABEND records to syscall
audit: rename FILTER_TYPE to FILTER_EXCLUDE
audit: eliminate audit_enabled magic number comparison
audit: check audit_enabled in audit_tree_log_remove_rule()
audit: simplify audit_enabled check in audit_watch_log_rule_change()

Ronny Chevalier (1):
audit: fix use-after-free in audit_add_watch

drivers/tty/tty_audit.c | 2 +-
include/linux/audit.h | 5 ++++-
include/linux/cred.h | 15 ++++++++++-----
include/net/xfrm.h | 2 +-
include/uapi/linux/audit.h | 3 ++-
kernel/audit.c | 7 ++-----
kernel/audit_tree.c | 2 ++
kernel/audit_watch.c | 41 ++++++++++++++++++++++++--------------
kernel/auditfilter.c | 17 ++++++++++-------
kernel/auditsc.c | 14 +++++++-------
net/netfilter/xt_AUDIT.c | 2 +-
net/netlabel/netlabel_user.c | 2 +-
12 files changed, 67 insertions(+), 45 deletions(-)

--
paul moore
www.paul-moore.com

Continue reading on narkive:
Loading...