lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1522672.4tJvQfugPF@sifl>
Date:   Wed, 14 Dec 2016 13:27:45 -0500
From:   Paul Moore <pmoore@...hat.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit patches for v4.10

Hi Linus,

After the small number of patches for v4.9, we've got a much bigger pile for 
v4.10.

The bulk of these patches involve a rework of the audit backlog queue to 
enable us to move the netlink multicasting out of the task/thread that 
generates the audit record and into the kernel thread that emits the record 
(just like we do for the audit unicast to auditd).  While we were playing 
with the backlog queue(s) we fixed a number of other little problems with 
the code, and from all the testing so far things look to be in much better 
shape now.  Doing this also allowed us to re-enable disabling IRQs for some 
netns operations ("netns: avoid disabling irq for netns id").  The remaining 
patches fix some small problems that are well documented in the commit 
descriptions, as well as adding session ID filtering support.

You will likely hit two merge conflicts, one in net/core/net_namespace.c and 
one in include/uapi/linux/audit.h, both are easily resolved so I won't 
bother you with that here.  If you have questions, you know how to find me.

Thanks,
-Paul

---
The following changes since commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3:

  Linux 4.8 (2016-10-02 16:24:33 -0700)

are available in the git repository at:

  git://git.infradead.org/users/pcmoore/audit stable-4.10

for you to fetch changes up to 533c7b69c764ad5febb3e716899f43a75564fcab:

  audit: use proper refcount locking on audit_sock
         (2016-12-14 13:06:04 -0500)

----------------------------------------------------------------
Alexey Dobriyan (1):
      audit: less stack usage for /proc/*/loginuid

Paul Moore (9):
      audit: fixup audit_init()
      audit: queue netlink multicast sends just like we do for unicast sends
      audit: rename the queues and kauditd related functions
      audit: rework the audit queue handling
      audit: rework audit_log_start()
      audit: wake up kauditd_thread after auditd registers
      audit: handle a clean auditd shutdown with grace
      audit: don't ever sleep on a command record/message
      netns: avoid disabling irq for netns id

Richard Guy Briggs (5):
      audit: tame initialization warning len_abuf in audit_log_execve_info
      audit: skip sessionid sentinel value when auto-incrementing
      audit: add support for session ID user filter
      audit: move kaudit thread start from auditd registration to
             kaudit init (#2)
      audit: use proper refcount locking on audit_sock

Steve Grubb (1):
      audit: fix formatting of AUDIT_CONFIG_CHANGE events

 fs/proc/base.c             |   2 +-
 include/uapi/linux/audit.h |   5 +-
 kernel/audit.c             | 532 ++++++++++++++++++++++++---------------
 kernel/audit_fsnotify.c    |   5 +-
 kernel/audit_tree.c        |   3 +-
 kernel/audit_watch.c       |   5 +-
 kernel/auditfilter.c       |   5 +-
 kernel/auditsc.c           |  12 +-
 net/core/net_namespace.c   |  35 ++-
 9 files changed, 361 insertions(+), 243 deletions(-)

-- 
paul moore
security @ redhat

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ