lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhQqnAG5DxvoQKa643d06rDTVtHVFEj5arCsHwyoamCckA@mail.gmail.com>
Date:   Mon, 1 Jun 2020 20:48:59 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: [GIT PULL] Audit patches for v5.8

Hi Linus,

Here is the set of audit patches for the v5.8 merge window, all
patches pass our test suite and as of a few minutes ago they also
merge cleanly with the top of your tree.  Unfortunately I just noticed
that one of the commit subject lines is truncated - sorry about that,
it's my fault not Richard's - but since the important part is there
("add subj creds to NETFILTER_CFG") I opted to leave it as-is and not
disrupt the git log.  If you would rather have the subject line fixed,
let me know and I'll correct it.

A quick summary of the significant patches:

- Record information about binds/unbinds to the audit multicast
socket.  This helps identify which processes have/had access to the
information in the audit stream.

- Cleanup and add some additional information to the netfilter
configuration events collected by audit.

- Fix some of the audit error handling code so we don't leak network
namespace references.

Thanks,
-Paul

--
The following changes since commit 8f3d9f354286745c751374f5f1fcafee6b3f3136:

 Linux 5.7-rc1 (2020-04-12 12:35:55 -0700)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
   tags/audit-pr-20200601

for you to fetch changes up to 9d44a121c5a79bc8a9d67c058456bd52a83c79e7:

 audit: add subj creds to NETFILTER_CFG record to
   (2020-05-20 18:09:19 -0400)

----------------------------------------------------------------
audit/stable-5.8 PR 20200601

----------------------------------------------------------------
Gustavo A. R. Silva (1):
     audit: Replace zero-length array with flexible-array

Paul Moore (2):
     audit: fix a net reference leak in audit_send_reply()
     audit: fix a net reference leak in audit_list_rules_send()

Richard Guy Briggs (4):
     audit: log audit netlink multicast bind and unbind
     audit: tidy and extend netfilter_cfg x_tables
     netfilter: add audit table unregister actions
     audit: add subj creds to NETFILTER_CFG record to

Zheng Bin (1):
     audit: make symbol 'audit_nfcfgs' static

include/linux/audit.h           |  24 +++++++++-
include/uapi/linux/audit.h      |   1 +
kernel/audit.c                  | 100 +++++++++++++++++++++++++++---------
kernel/audit.h                  |   2 +-
kernel/auditfilter.c            |  16 +++----
kernel/auditsc.c                |  31 +++++++++++++
net/bridge/netfilter/ebtables.c |  14 +++---
net/netfilter/x_tables.c        |  14 ++----
8 files changed, 148 insertions(+), 54 deletions(-)

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ