Skip to content

audit: backport fixes and cleanups up to upstream v6.1

Richard Guy Briggs requested to merge rbriggs/centos-stream-9:bz2123857-v6_1-backport-rhel9_2 into main

Backport selected trivial fixes and performance cleanups from upstream
from kernel version 5.19 up to kernel version 6.1. This will help make
Audit functionality more stable, bring useful cleanups and fixes into
RHEL-9.2, and ease future backports.

List of upstream commits (in apply order):

2022-08-02 f42e1e3e40da {torvalds@linux-foundation.org} Merge tag 'audit-pr-20220801' on v5.19-rc1 in v6.0-rc1
2022-06-07 5ee6cfdd11aa [cleanup] {yesshedi@gmail.com} ("audit: remove redundant data_len check")
2022-06-13 546093206ba1 [cleanup] {xiujianfeng@huawei.com} ("audit: make is_audit_feature_set() static")

2022-08-23 072c92b1b1ef {torvalds@linux-foundation.org} Merge tag 'audit-pr-20220823' on 6.0-rc2 in v6.0-rc3
2022-08-22 ad982c3be4e6 [bugfix] {cuigaosheng1@huawei.com} ("audit: fix potential double free on error path from fsnotify_add_inode_mark")
Fixes: 7b129323 ("fsnotify: Add group pointer in fsnotify_init_mark()")

2022-08-27 17b28d4267d9 {torvalds@linux-foundation.org} Merge tag 'audit-pr-20220826' ghak138 bz2100827/bz2117329 in Linux 6.0-rc3
2022-08-25 d4fefa4801a1 [bugfix] {rgb@redhat.com} ("audit: move audit_return_fixup before the filters")
Fixes upstream: 12c5e81 downstream: 2f1e334a ("audit: prepare audit_context for use in calling contexts beyond syscalls")

2022-10-03 26b84401da84 {torvalds@linux-foundation.org} Merge tag 'lsm-pr-20221003' on v6.0 in v6.1-rc1
2022-08-15 4847c0eb663a [cleanup] {xiujianfeng@huawei.com} ("lsm: clean up redundant NULL pointer check")

2022-10-04 c645c11a2dba {torvalds@linux-foundation.org} Merge tag 'audit-pr-20221003' on Linux 6.0 in v6.1-rc1
2022-08-15 0351dc57b95b [cleanup] {yuanjilin@cdjrlc.com} ("audit: fix repeated words in comments")
2022-08-26 e84d9f5214cb [cleanup] {rgb@redhat.com} ("audit: audit_context pid unused, context enum comment fix")
2022-08-26 3ed66951f952 [bugfix] {rgb@redhat.com} ("audit: explicitly check audit_context->context enum value")
Fixes upstream: 12c5e81 downstream: 2f1e334a ("audit: prepare audit_context for use in calling contexts beyond syscalls")
2022-08-26 c3f3ea8af44d [bugfix] {rgb@redhat.com} ("audit: free audit_proctitle only on task exit")
Fixes upstream: 12c5e81 downstream: 2f1e334a ("audit: prepare audit_context for use in calling contexts beyond syscalls")
2022-08-29 501e4bb102ee [cleanup] {wuchi.zero@gmail.com} ("audit: use time_after to compare time")
2022-09-07 934f70d9d498 [cleanup] {xiujianfeng@huawei.com} ("audit: remove selinux_audit_rule_update() declaration")

2022-10-06 4c0ed7d8d6e3 {torvalds@linux-foundation.org} Merge tag 'pull-path' on v6.0 in v6.1-rc1
2022-09-01 bf2e1ae41731 {viro@zeniv.linux.org.uk} ("audit_init_parent(): constify path")

2022-10-20 1238ab50cf13 {sfr@canb.auug.org.au} Merge branch 'next' in Linux next-20221020 on v6.1-rc1 for v6.2
2022-10-17 50979953c0c4 [cleanup] {ankur.a.arora@oracle.com} ("audit: unify audit_filter_{uring(), inode_name(), syscall()}")
2022-10-17 069545997510 [cleanup] {ankur.a.arora@oracle.com} ("audit: cache ctx->major in audit_filter_syscall()")

Omitted due to io_uring not yet active, merge conflict, wait for set from maintainer:
2022-08-13 1da8cf961bb1 {torvalds@linux-foundation.org} Merge tag 'io_uring-6.0-2022-08-13' on v5.19 in v6.0-rc1
2022-08-04 f482aa986527 {peilin.ye@bytedance.com} [bugfix] ("audit, io_uring, io-wq: Fix memory leak in io_sq_thread() and io_wqe_worker()")
Fixes: 5bd2182d58e9 ("audit,io_uring,io-wq: add some basic audit support to io_uring")
conflict: 17437f311490 axboe@kernel.dk 2022-07-24 ("io_uring: move SQPOLL related handling into its own file")
conflict: ed29b0b4fd83 axboe@kernel.dk 2022-07-24 ("io_uring: move to separate directory")
Omitted due to dependancy on larger fsnotify backports:
2022-05-25 e375780b631a {torvalds@linux-foundation.org} Merge tag 'fsnotify_for_v5.19-rc1'
2022-04-25 960bdff24ce8 [cleanup] {amir73il@gmail.com} ("audit: use fsnotify group lock helpers")

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2123857
Signed-off-by: Richard Guy Briggs rgb@redhat.com

9bde4534 (Richard Guy Briggs)
audit: unify audit_filter_{uring(), inode_name(), syscall()}

3465f638 (Richard Guy Briggs)
audit: cache ctx->major in audit_filter_syscall()

21846e8b (Richard Guy Briggs)
audit_init_parent(): constify path

dc03be25 (Richard Guy Briggs)
audit: remove selinux_audit_rule_update() declaration

cd417c0b (Richard Guy Briggs)
audit: use time_after to compare time

ed0e1b54 (Richard Guy Briggs)
audit: free audit_proctitle only on task exit

d507f481 (Richard Guy Briggs)
audit: explicitly check audit_context->context enum value

ba408e14 (Richard Guy Briggs)
audit: audit_context pid unused, context enum comment fix

7db73785 (Richard Guy Briggs)
audit: fix repeated words in comments

de579ffc (Richard Guy Briggs)
lsm: clean up redundant NULL pointer check

18404800 (Richard Guy Briggs)
audit: move audit_return_fixup before the filters

3be26c57 (Richard Guy Briggs)
audit: fix potential double free on error path from fsnotify_add_inode_mark

21395d52 (Richard Guy Briggs)
audit: make is_audit_feature_set() static

d7672c3d (Richard Guy Briggs)
audit: remove redundant data_len check

include/linux/audit.h | 2 --
kernel/audit.c | 12 +++----
kernel/audit.h | 4 +--
kernel/audit_fsnotify.c | 1 +
kernel/audit_watch.c | 2 +-
kernel/auditsc.c | 89 +++++++++++++++++++++++++------------------------
security/lsm_audit.c | 14 +-------
7 files changed, 55 insertions(+), 69 deletions(-)

Edited by Richard Guy Briggs

Merge request reports