lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhQ8aEqiKo6oj8-qMTzbs73ipEbTf5akENYc-m6xg7JRXg@mail.gmail.com>
Date:   Tue, 7 May 2019 13:23:05 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit patches for v5.2

Hi Linus,

We've got a reasonably broad set of audit patches for the v5.2 merge
window, the highlights are below:

- The biggest change, and the source of all the arch/* changes, is the
patchset from Dmitry to help enable some of the work he is doing
around PTRACE_GET_SYSCALL_INFO.  To be honest, including this in the
audit tree is a bit of a stretch, but it does help move audit a little
further along towards proper syscall auditing for all arches, and
everyone else seemed to agree that audit was a "good" spot for this to
land (or maybe they just didn't want to merge it?  dunno.).

- We can now audit time/NTP adjustments.

- We continue the work to connect associated audit records into a single event.

As a FYI, you will likely run into two minor merge problems in
kernel/seccomp.c and arch/mips/kernel/ptrace.c; both are very similar
and have to do with the change to syscall_get_arch() and
syscall_get_arguments().  It should be easy to sort this out (you'll
see what I mean), but if you have any questions just let us know.

Please pull this for v5.2,
-Paul

--
The following changes since commit 9e98c678c2d6ae3a17cb2de55d17f69dddaa231b:

 Linux 5.1-rc1 (2019-03-17 14:22:26 -0700)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
   tags/audit-pr-20190507

for you to fetch changes up to 70c4cf17e445264453bc5323db3e50aa0ac9e81f:

 audit: fix a memory leak bug (2019-04-22 11:22:03 -0400)

----------------------------------------------------------------
audit/stable-5.2 PR 20190507

----------------------------------------------------------------
Dmitry V. Levin (13):
     Move EM_ARCOMPACT and EM_ARCV2 to uapi/linux/elf-em.h
     arc: define syscall_get_arch()
     c6x: define syscall_get_arch()
     h8300: define syscall_get_arch()
     Move EM_HEXAGON to uapi/linux/elf-em.h
     hexagon: define syscall_get_arch()
     m68k: define syscall_get_arch()
     Move EM_NDS32 to uapi/linux/elf-em.h
     nds32: define syscall_get_arch()
     nios2: define syscall_get_arch()
     Move EM_UNICORE to uapi/linux/elf-em.h
     unicore32: define syscall_get_arch()
     syscall_get_arch: add "struct task_struct *" argument

Li RongQing (1):
     audit: fix a memleak caused by auditing load module

Ondrej Mosnacek (2):
     timekeeping: Audit clock adjustments
     ntp: Audit NTP parameters adjustment

Richard Guy Briggs (3):
     audit: connect LOGIN record to its syscall record
     audit: link integrity evm_write_xattrs record to syscall event
     audit: purge unnecessary list_empty calls

Wenwen Wang (1):
     audit: fix a memory leak bug

YueHaibing (1):
     audit: Make audit_log_cap and audit_copy_inode static

arch/alpha/include/asm/syscall.h      |   2 +-
arch/arc/include/asm/elf.h            |   6 +-
arch/arc/include/asm/syscall.h        |  11 ++++
arch/arm/include/asm/syscall.h        |   2 +-
arch/arm64/include/asm/syscall.h      |   4 +-
arch/c6x/include/asm/syscall.h        |   7 +++
arch/csky/include/asm/syscall.h       |   2 +-
arch/h8300/include/asm/syscall.h      |   6 ++
arch/hexagon/include/asm/elf.h        |   6 +-
arch/hexagon/include/asm/syscall.h    |   8 +++
arch/ia64/include/asm/syscall.h       |   2 +-
arch/m68k/include/asm/syscall.h       |  12 ++++
arch/microblaze/include/asm/syscall.h |   2 +-
arch/mips/include/asm/syscall.h       |   6 +-
arch/mips/kernel/ptrace.c             |   2 +-
arch/nds32/include/asm/elf.h          |   3 +-
arch/nds32/include/asm/syscall.h      |   9 +++
arch/nios2/include/asm/syscall.h      |   6 ++
arch/openrisc/include/asm/syscall.h   |   2 +-
arch/parisc/include/asm/syscall.h     |   4 +-
arch/powerpc/include/asm/syscall.h    |  10 ++-
arch/riscv/include/asm/syscall.h      |   2 +-
arch/s390/include/asm/syscall.h       |   4 +-
arch/sh/include/asm/syscall_32.h      |   2 +-
arch/sh/include/asm/syscall_64.h      |   2 +-
arch/sparc/include/asm/syscall.h      |   5 +-
arch/unicore32/include/asm/elf.h      |   3 +-
arch/unicore32/include/asm/syscall.h  |  12 ++++
arch/x86/include/asm/syscall.h        |   8 ++-
arch/x86/um/asm/syscall.h             |   2 +-
arch/xtensa/include/asm/syscall.h     |   2 +-
include/asm-generic/syscall.h         |   5 +-
include/linux/audit.h                 |  75 +++++++++++++++++++++++
include/uapi/linux/audit.h            |  14 +++++
include/uapi/linux/elf-em.h           |   6 ++
kernel/audit.c                        |   2 +-
kernel/auditfilter.c                  |  14 ++---
kernel/auditsc.c                      | 115 +++++++++++++++++++++------------
kernel/seccomp.c                      |   4 +-
kernel/time/ntp.c                     |  22 ++++++-
kernel/time/ntp_internal.h            |   4 +-
kernel/time/timekeeping.c             |  13 +++-
security/integrity/evm/evm_secfs.c    |  10 +--
43 files changed, 331 insertions(+), 107 deletions(-)
create mode 100644 arch/m68k/include/asm/syscall.h
create mode 100644 arch/unicore32/include/asm/syscall.h

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ