linux-next: manual merge of the audit tree with Linus' tree

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 1088 bytes --]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in
security/lsm_audit.c between commit 5deeb5cece3f ("lsm: copy comm
before calling audit_log to avoid race in string printing") from Linus'
tree and commit 5c5bc97e2fc8 ("lsm: rename duplicate labels in
LSM_AUDIT_DATA_TASK audit message type") from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc security/lsm_audit.c
index 1d34277dc402,07fc99724d41..000000000000
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru
  		if (tsk) {
  			pid_t pid = task_pid_nr(tsk);
  			if (pid) {
 +				char comm[sizeof(tsk->comm)];
- 				audit_log_format(ab, " pid=%d comm=", pid);
+ 				audit_log_format(ab, " opid=%d ocomm=", pid);
 -				audit_log_untrustedstring(ab, tsk->comm);
 +				audit_log_untrustedstring(ab,
 +				    memcpy(comm, tsk->comm, sizeof(comm)));
  			}
  		}
  		break;

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 15/06/01, Stephen Rothwell wrote:
> Hi Paul,
> 
> Today's linux-next merge of the audit tree got a conflict in
> security/lsm_audit.c between commit 5deeb5cece3f ("lsm: copy comm
> before calling audit_log to avoid race in string printing") from Linus'
> tree and commit 5c5bc97e2fc8 ("lsm: rename duplicate labels in
> LSM_AUDIT_DATA_TASK audit message type") from the audit tree.
> 
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).

Perfect, thanks, fix looks right.  Cheers!

> Stephen Rothwell                    sfr@canb.auug.org.au
> 
> diff --cc security/lsm_audit.c
> index 1d34277dc402,07fc99724d41..000000000000
> --- a/security/lsm_audit.c
> +++ b/security/lsm_audit.c
> @@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru
>   		if (tsk) {
>   			pid_t pid = task_pid_nr(tsk);
>   			if (pid) {
>  +				char comm[sizeof(tsk->comm)];
> - 				audit_log_format(ab, " pid=%d comm=", pid);
> + 				audit_log_format(ab, " opid=%d ocomm=", pid);
>  -				audit_log_untrustedstring(ab, tsk->comm);
>  +				audit_log_untrustedstring(ab,
>  +				    memcpy(comm, tsk->comm, sizeof(comm)));
>   			}
>   		}
>   		break;



- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 1858 bytes --]

Hi all,

Today's linux-next merge of the audit tree got conflicts in:

  arch/mips/kernel/ptrace.c
  kernel/seccomp.c

between commit:

  b35f549df1d7 ("syscalls: Remove start and number from syscall_get_arguments() args")

from Linus' tree and commit:

  16add411645c ("syscall_get_arch: add "struct task_struct *" argument")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

-- 
Cheers,
Stephen Rothwell

diff --cc arch/mips/kernel/ptrace.c
index 3a62f80958e1,2ead6ff919b7..000000000000
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@@ -1418,8 -1418,8 +1418,8 @@@ asmlinkage long syscall_trace_enter(str
  		unsigned long args[6];
  
  		sd.nr = syscall;
- 		sd.arch = syscall_get_arch();
+ 		sd.arch = syscall_get_arch(current);
 -		syscall_get_arguments(current, regs, 0, 6, args);
 +		syscall_get_arguments(current, regs, args);
  		for (i = 0; i < 6; i++)
  			sd.args[i] = args[i];
  		sd.instruction_pointer = KSTK_EIP(current);
diff --cc kernel/seccomp.c
index df27e499956a,36f36ab00f48..000000000000
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@@ -148,8 -148,8 +148,8 @@@ static void populate_seccomp_data(struc
  	unsigned long args[6];
  
  	sd->nr = syscall_get_nr(task, regs);
- 	sd->arch = syscall_get_arch();
+ 	sd->arch = syscall_get_arch(task);
 -	syscall_get_arguments(task, regs, 0, 6, args);
 +	syscall_get_arguments(task, regs, args);
  	sd->args[0] = args[0];
  	sd->args[1] = args[1];
  	sd->args[2] = args[2];

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Dmitry V. Levin]

[-- Attachment #1: Type: text/plain, Size: 1006 bytes --]

On Mon, Apr 08, 2019 at 11:31:31AM +1000, Stephen Rothwell wrote:
> Hi all,
> 
> Today's linux-next merge of the audit tree got conflicts in:
> 
>   arch/mips/kernel/ptrace.c
>   kernel/seccomp.c
> 
> between commit:
> 
>   b35f549df1d7 ("syscalls: Remove start and number from syscall_get_arguments() args")
> 
> from Linus' tree and commit:
> 
>   16add411645c ("syscall_get_arch: add "struct task_struct *" argument")
> 
> from the audit tree.
> 
> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging.  You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.

Thanks, the merge fix is correct.
I've also re-tested it using the new selftests/ptrace test
from PTRACE_GET_SYSCALL_INFO patchset.


-- 
ldv

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Mon, Apr 8, 2019 at 1:15 PM Dmitry V. Levin <ldv@altlinux.org> wrote:
> On Mon, Apr 08, 2019 at 11:31:31AM +1000, Stephen Rothwell wrote:
> > Hi all,
> >
> > Today's linux-next merge of the audit tree got conflicts in:
> >
> >   arch/mips/kernel/ptrace.c
> >   kernel/seccomp.c
> >
> > between commit:
> >
> >   b35f549df1d7 ("syscalls: Remove start and number from syscall_get_arguments() args")
> >
> > from Linus' tree and commit:
> >
> >   16add411645c ("syscall_get_arch: add "struct task_struct *" argument")
> >
> > from the audit tree.
> >
> > I fixed it up (see below) and can carry the fix as necessary. This
> > is now fixed as far as linux-next is concerned, but any non trivial
> > conflicts should be mentioned to your upstream maintainer when your tree
> > is submitted for merging.  You may also want to consider cooperating
> > with the maintainer of the conflicting tree to minimise any particularly
> > complex conflicts.
>
> Thanks, the merge fix is correct.
> I've also re-tested it using the new selftests/ptrace test
> from PTRACE_GET_SYSCALL_INFO patchset.

Thanks for the verification Dmitry.

Stephen, thanks for the heads-up, I'll pass this along to Linus come merge time.

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  net/netfilter/xt_AUDIT.c

between commit:

  613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure")

from Linus' tree and commit:

  36fe46d172e5 ("audit: normalize NETFILTER_PKT")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

P.S. You may want to consider a newer base for your tree ...
-- 
Cheers,
Stephen Rothwell

diff --cc net/netfilter/xt_AUDIT.c
index 19247a17e511,582ee54f6664..000000000000
--- a/net/netfilter/xt_AUDIT.c
+++ b/net/netfilter/xt_AUDIT.c
@@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str
  	if (ab == NULL)
  		goto errout;
  
- 	audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s",
- 			 info->type, xt_hooknum(par), skb->len,
- 			 xt_in(par) ? xt_inname(par) : "?",
- 			 xt_out(par) ? xt_outname(par) : "?");
- 
- 	if (skb->mark)
- 		audit_log_format(ab, " mark=%#x", skb->mark);
- 
- 	if (skb->dev && skb->dev->type == ARPHRD_ETHER) {
- 		audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x",
- 				 eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest,
- 				 ntohs(eth_hdr(skb)->h_proto));
- 
- 		if (xt_family(par) == NFPROTO_BRIDGE) {
- 			switch (eth_hdr(skb)->h_proto) {
- 			case htons(ETH_P_IP):
- 				audit_ip4(ab, skb);
- 				break;
- 
- 			case htons(ETH_P_IPV6):
- 				audit_ip6(ab, skb);
- 				break;
- 			}
- 		}
- 	}
+ 	audit_log_format(ab, "mark=%#x", skb->mark);
  
 -	switch (par->family) {
 +	switch (xt_family(par)) {
+ 	case NFPROTO_BRIDGE:
+ 		switch (eth_hdr(skb)->h_proto) {
+ 		case htons(ETH_P_IP):
+ 			fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1;
+ 			break;
+ 		case htons(ETH_P_IPV6):
+ 			fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1;
+ 			break;
+ 		}
+ 		break;
  	case NFPROTO_IPV4:
- 		audit_ip4(ab, skb);
+ 		fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1;
  		break;
- 
  	case NFPROTO_IPV6:
- 		audit_ip6(ab, skb);
+ 		fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1;
  		break;
  	}
  

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 2017-03-24 13:18, Stephen Rothwell wrote:
> Hi Paul,

Hi Stephen,

> Today's linux-next merge of the audit tree got a conflict in:
> 
>   net/netfilter/xt_AUDIT.c
> 
> between commit:
> 
>   613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure")
> 
> from Linus' tree and commit:
> 
>   36fe46d172e5 ("audit: normalize NETFILTER_PKT")
> 
> from the audit tree.

Lovely.  The fix looks fine to me.  Thanks!

> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging.  You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.
> 
> P.S. You may want to consider a newer base for your tree ...
> -- 
> Cheers,
> Stephen Rothwell
> 
> diff --cc net/netfilter/xt_AUDIT.c
> index 19247a17e511,582ee54f6664..000000000000
> --- a/net/netfilter/xt_AUDIT.c
> +++ b/net/netfilter/xt_AUDIT.c
> @@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str
>   	if (ab == NULL)
>   		goto errout;
>   
> - 	audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s",
> - 			 info->type, xt_hooknum(par), skb->len,
> - 			 xt_in(par) ? xt_inname(par) : "?",
> - 			 xt_out(par) ? xt_outname(par) : "?");
> - 
> - 	if (skb->mark)
> - 		audit_log_format(ab, " mark=%#x", skb->mark);
> - 
> - 	if (skb->dev && skb->dev->type == ARPHRD_ETHER) {
> - 		audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x",
> - 				 eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest,
> - 				 ntohs(eth_hdr(skb)->h_proto));
> - 
> - 		if (xt_family(par) == NFPROTO_BRIDGE) {
> - 			switch (eth_hdr(skb)->h_proto) {
> - 			case htons(ETH_P_IP):
> - 				audit_ip4(ab, skb);
> - 				break;
> - 
> - 			case htons(ETH_P_IPV6):
> - 				audit_ip6(ab, skb);
> - 				break;
> - 			}
> - 		}
> - 	}
> + 	audit_log_format(ab, "mark=%#x", skb->mark);
>   
>  -	switch (par->family) {
>  +	switch (xt_family(par)) {
> + 	case NFPROTO_BRIDGE:
> + 		switch (eth_hdr(skb)->h_proto) {
> + 		case htons(ETH_P_IP):
> + 			fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1;
> + 			break;
> + 		case htons(ETH_P_IPV6):
> + 			fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1;
> + 			break;
> + 		}
> + 		break;
>   	case NFPROTO_IPV4:
> - 		audit_ip4(ab, skb);
> + 		fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1;
>   		break;
> - 
>   	case NFPROTO_IPV6:
> - 		audit_ip6(ab, skb);
> + 		fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1;
>   		break;
>   	}
>   

- RGB

--
Richard Guy Briggs <rgb@redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Thu, Mar 23, 2017 at 10:18 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> Hi Paul,
>
> Today's linux-next merge of the audit tree got a conflict in:
>
>   net/netfilter/xt_AUDIT.c
>
> between commit:
>
>   613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure")
>
> from Linus' tree and commit:
>
>   36fe46d172e5 ("audit: normalize NETFILTER_PKT")
>
> from the audit tree.
>
> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging.  You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.
>
> P.S. You may want to consider a newer base for your tree ...

FWIW, the audit/next tree's base is old-ish for a reason; it is that
way out of awkwardness and not neglect.  Depending on how things go
today/this-weekend there are some audit patches in the queue which
will require a rebase to a much more current point in time (likely a
4.11-rcX tag, which presents its own challenges, but oh well).

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  include/uapi/linux/audit.h

between commits:

  7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap")
  dcdaa2f9480c ("Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit")

from Linus' tree and commit:

  92c82e8a322b ("audit: add feature audit_lost reset")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

-- 
Cheers,
Stephen Rothwell

diff --cc include/uapi/linux/audit.h
index 1c107cb1c83f,3f24110ae63c..000000000000
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@@ -330,13 -331,14 +331,16 @@@ enum 
  #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT	0x00000001
  #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME	0x00000002
  #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH	0x00000004
 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND	0x00000008
  #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER	0x00000010
+ #define AUDIT_FEATURE_BITMAP_LOST_RESET		0x00000020
+ 
  #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \
  				  AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \
  				  AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \
 +				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \
- 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER)
+ 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \
+ 				  AUDIT_FEATURE_BITMAP_LOST_RESET)
  
  /* deprecated: AUDIT_VERSION_* */
  #define AUDIT_VERSION_LATEST 		AUDIT_FEATURE_BITMAP_ALL

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 2017-01-19 13:51, Stephen Rothwell wrote:
> Hi Paul,

Hi Stephen,

> Today's linux-next merge of the audit tree got a conflict in:
> 
>   include/uapi/linux/audit.h
> 
> between commits:
> 
>   7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap")
>   dcdaa2f9480c ("Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit")
> 
> from Linus' tree and commit:
> 
>   92c82e8a322b ("audit: add feature audit_lost reset")
> 
> from the audit tree.

This merge conflict was expected.

Your fix below looks as expected.

Thanks!  Sorry for the trouble.

> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging.  You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.
> 
> -- 
> Cheers,
> Stephen Rothwell
> 
> diff --cc include/uapi/linux/audit.h
> index 1c107cb1c83f,3f24110ae63c..000000000000
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@@ -330,13 -331,14 +331,16 @@@ enum 
>   #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT	0x00000001
>   #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME	0x00000002
>   #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH	0x00000004
>  +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND	0x00000008
>   #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER	0x00000010
> + #define AUDIT_FEATURE_BITMAP_LOST_RESET		0x00000020
> + 
>   #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \
>   				  AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \
>   				  AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \
>  +				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \
> - 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER)
> + 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \
> + 				  AUDIT_FEATURE_BITMAP_LOST_RESET)
>   
>   /* deprecated: AUDIT_VERSION_* */
>   #define AUDIT_VERSION_LATEST 		AUDIT_FEATURE_BITMAP_ALL

- RGB

--
Richard Guy Briggs <rgb@redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  include/uapi/linux/audit.h

between commit:

  7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap")

from Linus' tree and commit:

  0489410368df ("audit: add support for session ID user filter")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

-- 
Cheers,
Stephen Rothwell

diff --cc include/uapi/linux/audit.h
index 208df7b44e90,c8dc97bc2c1b..000000000000
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@@ -329,11 -330,11 +330,13 @@@ enum 
  #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT	0x00000001
  #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME	0x00000002
  #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH	0x00000004
 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND	0x00000008
+ #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER	0x00000010
  #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \
  				  AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \
  				  AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \
- 				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND)
++				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \
+ 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER)
  
  /* deprecated: AUDIT_VERSION_* */
  #define AUDIT_VERSION_LATEST 		AUDIT_FEATURE_BITMAP_ALL

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 2016-11-22 16:29, Stephen Rothwell wrote:
> Hi Paul,

Hi Stephen,

> Today's linux-next merge of the audit tree got a conflict in:
> 
>   include/uapi/linux/audit.h
> 
> between commit:
> 
>   7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap")
> 
> from Linus' tree and commit:
> 
>   0489410368df ("audit: add support for session ID user filter")
> 
> from the audit tree.

Ok, I expected this conflict...

> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging.  You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.

The fix looks as expected.  Thanks!

> Stephen Rothwell
> 
> diff --cc include/uapi/linux/audit.h
> index 208df7b44e90,c8dc97bc2c1b..000000000000
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@@ -329,11 -330,11 +330,13 @@@ enum 
>   #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT	0x00000001
>   #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME	0x00000002
>   #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH	0x00000004
>  +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND	0x00000008
> + #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER	0x00000010
>   #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \
>   				  AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \
>   				  AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \
> - 				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND)
> ++				  AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \
> + 				  AUDIT_FEATURE_BITMAP_SESSIONID_FILTER)
>   
>   /* deprecated: AUDIT_VERSION_* */
>   #define AUDIT_VERSION_LATEST 		AUDIT_FEATURE_BITMAP_ALL

- RGB

--
Richard Guy Briggs <rgb@redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Tue, Nov 22, 2016 at 5:35 AM, Richard Guy Briggs <rgb@redhat.com> wrote:
> On 2016-11-22 16:29, Stephen Rothwell wrote:
>> Hi Paul,
>
> Hi Stephen,
>
>> Today's linux-next merge of the audit tree got a conflict in:
>>
>>   include/uapi/linux/audit.h
>>
>> between commit:
>>
>>   7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap")
>>
>> from Linus' tree and commit:
>>
>>   0489410368df ("audit: add support for session ID user filter")
>>
>> from the audit tree.
>
> Ok, I expected this conflict...
>
>> I fixed it up (see below) and can carry the fix as necessary. This
>> is now fixed as far as linux-next is concerned, but any non trivial
>> conflicts should be mentioned to your upstream maintainer when your tree
>> is submitted for merging.  You may also want to consider cooperating
>> with the maintainer of the conflicting tree to minimise any particularly
>> complex conflicts.
>
> The fix looks as expected.  Thanks!

Yes, +1 to what Richard already said; I've had to apply similar
patches for some of my test kernels.

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  kernel/audit.c

between commit:

  f48a942926c5 ("audit: include auditd's threads in audit_log_start() wait exception")

from Linus' tree and commit:

  14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception")

from the audit tree.

This happened because the audit tree was rebased before being sent
to Linus and this patch was "tweaked".  I just used the version from
Linus' tree.  Please clean up the audit tree.

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Mon, Jan 18, 2016 at 8:02 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> Hi Paul,
>
> Today's linux-next merge of the audit tree got a conflict in:
>
>   kernel/audit.c

Fixed.

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  kernel/audit.c

between commit:

  d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd")

from Linus' tree and commit:

  14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc kernel/audit.c
index bc2ff61bc1d6,ca1b9cda2766..000000000000
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st
  	if (unlikely(audit_filter_type(type)))
  		return NULL;
  
 -	if (gfp_mask & __GFP_WAIT) {
 +	if (gfp_mask & __GFP_DIRECT_RECLAIM) {
- 		if (audit_pid && audit_pid == current->pid)
+ 		if (audit_pid && audit_pid == current->tgid)
 -			gfp_mask &= ~__GFP_WAIT;
 +			gfp_mask &= ~__GFP_DIRECT_RECLAIM;
  		else
  			reserve = 0;
  	}

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> Hi Paul,
>
> Today's linux-next merge of the audit tree got a conflict in:
>
>   kernel/audit.c
>
> between commit:
>
>   d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd")
>
> from Linus' tree and commit:
>
>   14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception")
>
> from the audit tree.
>
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).

Thanks Stephen, I found the same thing yesterday while doing some
testing; your patch looks good to me.

> diff --cc kernel/audit.c
> index bc2ff61bc1d6,ca1b9cda2766..000000000000
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st
>         if (unlikely(audit_filter_type(type)))
>                 return NULL;
>
>  -      if (gfp_mask & __GFP_WAIT) {
>  +      if (gfp_mask & __GFP_DIRECT_RECLAIM) {
> -               if (audit_pid && audit_pid == current->pid)
> +               if (audit_pid && audit_pid == current->tgid)
>  -                      gfp_mask &= ~__GFP_WAIT;
>  +                      gfp_mask &= ~__GFP_DIRECT_RECLAIM;
>                 else
>                         reserve = 0;
>         }



-- 
paul moore
www.paul-moore.com

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 15/11/19, Paul Moore wrote:
> On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> > Hi Paul,
> >
> > Today's linux-next merge of the audit tree got a conflict in:
> >
> >   kernel/audit.c
> >
> > between commit:
> >
> >   d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd")
> >
> > from Linus' tree and commit:
> >
> >   14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception")
> >
> > from the audit tree.
> >
> > I fixed it up (see below) and can carry the fix as necessary (no action
> > is required).
> 
> Thanks Stephen, I found the same thing yesterday while doing some
> testing; your patch looks good to me.

Stephen, your patch looks fine to me.  I had some minor concerns about
deeper issues as to whether the original intent of that part of the
audit subsystem was affected by this change, but that is WRT the
conflicting patch rather than your merge.  After poking around a bit, I
don't have any outstanding concerns.

> > diff --cc kernel/audit.c
> > index bc2ff61bc1d6,ca1b9cda2766..000000000000
> > --- a/kernel/audit.c
> > +++ b/kernel/audit.c
> > @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st
> >         if (unlikely(audit_filter_type(type)))
> >                 return NULL;
> >
> >  -      if (gfp_mask & __GFP_WAIT) {
> >  +      if (gfp_mask & __GFP_DIRECT_RECLAIM) {
> > -               if (audit_pid && audit_pid == current->pid)
> > +               if (audit_pid && audit_pid == current->tgid)
> >  -                      gfp_mask &= ~__GFP_WAIT;
> >  +                      gfp_mask &= ~__GFP_DIRECT_RECLAIM;
> >                 else
> >                         reserve = 0;
> >         }
> 
> paul moore

- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545

Re: linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Richard,

On Thu, 19 Nov 2015 13:30:12 -0500 Richard Guy Briggs <rgb@redhat.com> wrote:
>
> Stephen, your patch looks fine to me.  I had some minor concerns about
> deeper issues as to whether the original intent of that part of the
> audit subsystem was affected by this change, but that is WRT the
> conflicting patch rather than your merge.  After poking around a bit, I
> don't have any outstanding concerns.

Thanks for checking.
-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  include/linux/lsm_audit.h

between commit:

  671a2781ff01 ("security: add ioctl specific auditing to lsm_audit")

from Linus' tree and commit:

  43cfd5e38587 ("audit: constify parts of common_audit_data and lsm_network_audit")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc include/linux/lsm_audit.h
index ffb9c9da4f39,6c4c7acd0e5e..000000000000
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@@ -58,10 -53,9 +58,10 @@@ struct common_audit_data 
  #define LSM_AUDIT_DATA_KMOD	8
  #define LSM_AUDIT_DATA_INODE	9
  #define LSM_AUDIT_DATA_DENTRY	10
 +#define LSM_AUDIT_DATA_IOCTL_OP	11
  	union 	{
  		struct path path;
- 		struct dentry *dentry;
+ 		const struct dentry *dentry;
  		struct inode *inode;
  		struct lsm_network_audit *net;
  		int cap;
@@@ -70,11 -64,10 +70,11 @@@
  #ifdef CONFIG_KEYS
  		struct {
  			key_serial_t key;
- 			char *key_desc;
+ 			const char *key_desc;
  		} key_struct;
  #endif
- 		char *kmod_name;
+ 		const char *kmod_name;
 +		struct lsm_ioctlop_audit *op;
  	} u;
  	/* this union contains LSM specific data */
  	union {

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Tuesday, October 06, 2015 01:55:01 PM Stephen Rothwell wrote:
> Hi Paul,
> 
> Today's linux-next merge of the audit tree got a conflict in:
> 
>   include/linux/lsm_audit.h
> 
> between commit:
> 
>   671a2781ff01 ("security: add ioctl specific auditing to lsm_audit")
> 
> from Linus' tree and commit:
> 
>   43cfd5e38587 ("audit: constify parts of common_audit_data and
> lsm_network_audit")
> 
> from the audit tree.
> 
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).

Thanks, that patch looks correct, although I'm going to drop the patch causing 
this problem for the time being as there are some oddities with the build 
warning that you posted which aren't immediately obvious to me.  Something 
weird is causing it to work in audit#next but throw a warning when applied on 
top of Linus' current ... I'll reapply the patch once I've resolved the issue.

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in:

  kernel/audit.c

between commit:

  5985de6754a6 ("audit: code clean up")

from Linus' tree and commit:

  84cb777e6781 ("audit: use macros for unset inode and device values")

from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc kernel/audit.c
index f9e6065346db,060153dc47d4..000000000000
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex
  	} else
  		audit_log_format(ab, " name=(null)");
  
- 	if (n->ino != (unsigned long)-1)
 -	if (n->ino != AUDIT_INO_UNSET) {
++	if (n->ino != AUDIT_INO_UNSET)
  		audit_log_format(ab, " inode=%lu"
  				 " dev=%02x:%02x mode=%#ho"
  				 " ouid=%u ogid=%u rdev=%02x:%02x",

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 15/08/07, Stephen Rothwell wrote:
> Hi Paul,

Hi Stephen,

> Today's linux-next merge of the audit tree got a conflict in:
> 
>   kernel/audit.c
> 
> between commit:
> 
>   5985de6754a6 ("audit: code clean up")
> 
> from Linus' tree and commit:
> 
>   84cb777e6781 ("audit: use macros for unset inode and device values")
> 
> from the audit tree.
> 
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).

Yup, looks good, thanks!  :)

> -- 
> Cheers,
> Stephen Rothwell                    sfr@canb.auug.org.au
> 
> diff --cc kernel/audit.c
> index f9e6065346db,060153dc47d4..000000000000
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex
>   	} else
>   		audit_log_format(ab, " name=(null)");
>   
> - 	if (n->ino != (unsigned long)-1)
>  -	if (n->ino != AUDIT_INO_UNSET) {
> ++	if (n->ino != AUDIT_INO_UNSET)
>   		audit_log_format(ab, " inode=%lu"
>   				 " dev=%02x:%02x mode=%#ho"
>   				 " ouid=%u ogid=%u rdev=%02x:%02x",

- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 1023 bytes --]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in fs/exec.c
between commit 51f39a1f0cea ("syscalls: implement execveat() system
call") from Linus' tree and commit 5dc5218840e1 ("fs: create proper
filename objects using getname_kernel()") from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc fs/exec.c
index ad8798e26be9,d067771af6d4..000000000000
--- a/fs/exec.c
+++ b/fs/exec.c
@@@ -794,8 -789,15 +794,15 @@@ exit
  
  struct file *open_exec(const char *name)
  {
- 	struct filename tmp = { .name = name };
- 	return do_open_execat(AT_FDCWD, &tmp, 0);
+ 	struct file *file;
+ 	struct filename *tmp;
+ 
+ 	tmp = getname_kernel(name);
+ 	if (unlikely(IS_ERR(tmp)))
+ 		return (void *)tmp;
 -	file = do_open_exec(tmp);
++	file = do_open_execat(AT_FDCWD, tmp, 0);
+ 	putname(tmp);
+ 	return file;
  }
  EXPORT_SYMBOL(open_exec);
  

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 759 bytes --]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in
include/linux/audit.h between commit 041d7b98ffe5 ("audit: restore
AUDIT_LOGINUID unset ABI") from Linus' tree and commit e80da768eae4
("audit: remove vestiges of vers_ops") from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc include/linux/audit.h
index af84234e1f6e,26710c5b9443..000000000000
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@@ -46,8 -46,6 +46,7 @@@ struct audit_tree
  struct sk_buff;
  
  struct audit_krule {
- 	int			vers_ops;
 +	u32			pflags;
  	u32			flags;
  	u32			listnr;
  	u32			action;

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Paul Moore]

On Mon, Jan 19, 2015 at 11:04 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> Hi Paul,
>
> Today's linux-next merge of the audit tree got a conflict in
> include/linux/audit.h between commit 041d7b98ffe5 ("audit: restore
> AUDIT_LOGINUID unset ABI") from Linus' tree and commit e80da768eae4
> ("audit: remove vestiges of vers_ops") from the audit tree.

I suspect rebasing the audit next branch will resolve this issue as well.

-- 
paul moore
www.paul-moore.com

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 2866 bytes --]

Hi Paul,

Today's linux-next merge of the audit tree got a conflict in
kernel/auditsc.c between commit 4a92843601ad ("audit: correctly record
file names with different path name types") and fcf22d8267ad ("audit:
create private file name copies when auditing inodes") from Linus' tree
and commits 997f7ee82a98 ("audit: enable filename recording via
getname_kernel()"), 2b1b63a2b7d3 ("audit: fix filename matching in
__audit_inode() and __audit_inode_child()") and 49463ee9d929 ("audit:
replace getname()/putname() hacks with reference counters") from the
audit tree.

It would have been nice if these new audit tree commits had been based
on v3.19-rc3 instead of v3.16 ... (especially since their Author dates
match their Committer dates).

I fixed it up (basically I used the audit tree versions - based on the
commit comments - see below) and can carry the fix as necessary (no
action is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc kernel/auditsc.c
index 55f82fce2526,459a54555151..000000000000
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@@ -1878,48 -1802,17 +1804,15 @@@ void __audit_inode(struct filename *nam
  	}
  
  out_alloc:
 -	/* unable to find the name from a previous getname(). Allocate a new
 -	 * anonymous entry.
 -	 */
 +	/* unable to find an entry with both a matching name and type */
- 	n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN);
+ 	n = audit_alloc_name(context, AUDIT_TYPE_NORMAL);
  	if (!n)
  		return;
- 	/* unfortunately, while we may have a path name to record with the
- 	 * inode, we can't always rely on the string lasting until the end of
- 	 * the syscall so we need to create our own copy, it may fail due to
- 	 * memory allocation issues, but we do our best */
  	if (name) {
- 		/* we can't use getname_kernel() due to size limits */
- 		size_t len = strlen(name->name) + 1;
- 		struct filename *new = __getname();
- 
- 		if (unlikely(!new))
- 			goto out;
- 
- 		if (len <= (PATH_MAX - sizeof(*new))) {
- 			new->name = (char *)(new) + sizeof(*new);
- 			new->separate = false;
- 		} else if (len <= PATH_MAX) {
- 			/* this looks odd, but is due to final_putname() */
- 			struct filename *new2;
- 
- 			new2 = kmalloc(sizeof(*new2), GFP_KERNEL);
- 			if (unlikely(!new2)) {
- 				__putname(new);
- 				goto out;
- 			}
- 			new2->name = (char *)new;
- 			new2->separate = true;
- 			new = new2;
- 		} else {
- 			/* we should never get here, but let's be safe */
- 			__putname(new);
- 			goto out;
- 		}
- 		strlcpy((char *)new->name, name->name, len);
- 		new->uptr = NULL;
- 		new->aname = n;
- 		n->name = new;
- 		n->name_put = true;
+ 		n->name = name;
+ 		name->refcnt++;
  	}
+ 
  out:
  	if (parent) {
  		n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL;

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 1189 bytes --]

Hi Eric,

Today's linux-next merge of the audit tree got a conflict in
arch/mips/kernel/ptrace.c between commits 6e34574603f6 ("MIPS: asm:
syscall: Define syscall_get_arch") and 1225eb825208("MIPS: ptrace: Move
away from secure_computing_strict") from Linus' tree and commit
8ea408a0c1e7 ("ARCH: AUDIT: audit_syscall_entry() should not require the
arch") from the audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc arch/mips/kernel/ptrace.c
index 71f85f427034,8b393bcf7919..000000000000
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@@ -649,11 -677,8 +649,9 @@@ asmlinkage long syscall_trace_enter(str
  	if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
  		trace_sys_enter(regs, regs->regs[2]);
  
- 	audit_syscall_entry(syscall_get_arch(),
- 			    syscall,
- 			    regs->regs[4], regs->regs[5],
 -	audit_syscall_entry(regs->regs[2], regs->regs[4], regs->regs[5],
++	audit_syscall_entry(syscall, regs->regs[4], regs->regs[5],
  			    regs->regs[6], regs->regs[7]);
 +	return syscall;
  }
  
  /*

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 843 bytes --]

Hi Eric,

Today's linux-next merge of the audit tree got conflicts in
arch/mips/include/asm/syscall.h, arch/x86/Kconfig and kernel/audit.c
between commits from Linus' tree and commit 596b0569084b ("Merge tag
'v3.14' into mergeing") from the audit tree.

This happened because you merged Linus' tag v3.14 into your tree.  In
this case, that merge had conflicts that you resolved differently to the
way Linus had resolved them when he merged your tree for v3.15-rc1.  I
fixed it up (by using Linus' version) and can carry the fix as necessary
(no action is required).

You could have avoided this by doing a fast forward merge of v3.15-rc1
instead of the v3.14 merge (since everything in your tree before that
merge was also in Linus' tree by v3.15-rc1).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Eric Paris]

On Wed, 2014-04-16 at 14:02 +1000, Stephen Rothwell wrote:

> You could have avoided this by doing a fast forward merge of v3.15-rc1
> instead of the v3.14 merge (since everything in your tree before that
> merge was also in Linus' tree by v3.15-rc1).

This is a situation I've never really known the right way to handle.  I
certainly could/can fast forward to 3.15-rc1, but then I have a random
crap development base for the audit tree.  Which is especially bad sine
-rc1 doesn't even boot on my main machine.

What I've always done is to merge the last release right after the pull
and go from there, but it clearly leaves conflict potential

Which is preferred?  I've always enjoyed having my trees based on a
release....

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 1705 bytes --]

Hi Eric,

Today's linux-next merge of the audit tree got a conflict in
kernel/audit.c between commit aa4af831bb4f ("AUDIT: Allow login in
non-init namespaces") from Linus' tree and commit 5a3cb3b6c3a0 ("audit:
allow user processes to log from another PID namespace") from the audit
tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

[Eric: that audit tree commit has no Signed-off-by from you even though
you committed it ... there are a few like that]
-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc kernel/audit.c
index 95a20f3f52f1,ad77d1e80895..000000000000
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b
  {
  	int err = 0;
  
- 	/* Only support the initial namespaces for now. */
+ 	/* Only support initial user namespace for now. */
 +	/*
 +	 * We return ECONNREFUSED because it tricks userspace into thinking
 +	 * that audit was not configured into the kernel.  Lots of users
 +	 * configure their PAM stack (because that's what the distro does)
 +	 * to reject login if unable to send messages to audit.  If we return
 +	 * ECONNREFUSED the PAM stack thinks the kernel does not have audit
 +	 * configured in and will let login proceed.  If we return EPERM
 +	 * userspace will reject all logins.  This should be removed when we
 +	 * support non init namespaces!!
 +	 */
- 	if ((current_user_ns() != &init_user_ns) ||
- 	    (task_active_pid_ns(current) != &init_pid_ns))
+ 	if ((current_user_ns() != &init_user_ns))
 -		return -EPERM;
 +		return -ECONNREFUSED;
  
  	switch (msg_type) {
  	case AUDIT_LIST:

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

Re: linux-next: manual merge of the audit tree with Linus' tree

[Richard Guy Briggs]

On 14/04/01, Stephen Rothwell wrote:
> Hi Eric,

Hi Stephen,

> Today's linux-next merge of the audit tree got a conflict in
> kernel/audit.c between commit aa4af831bb4f ("AUDIT: Allow login in
> non-init namespaces") from Linus' tree and commit 5a3cb3b6c3a0 ("audit:
> allow user processes to log from another PID namespace") from the audit
> tree.
> 
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).

I expected this conflict.  Thanks for fixing it up!

> [Eric: that audit tree commit has no Signed-off-by from you even though
> you committed it ... there are a few like that]

I added my Signed-off to the list posting.

> -- 
> Cheers,
> Stephen Rothwell                    sfr@canb.auug.org.au
> 
> diff --cc kernel/audit.c
> index 95a20f3f52f1,ad77d1e80895..000000000000
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b
>   {
>   	int err = 0;
>   
> - 	/* Only support the initial namespaces for now. */
> + 	/* Only support initial user namespace for now. */
>  +	/*
>  +	 * We return ECONNREFUSED because it tricks userspace into thinking
>  +	 * that audit was not configured into the kernel.  Lots of users
>  +	 * configure their PAM stack (because that's what the distro does)
>  +	 * to reject login if unable to send messages to audit.  If we return
>  +	 * ECONNREFUSED the PAM stack thinks the kernel does not have audit
>  +	 * configured in and will let login proceed.  If we return EPERM
>  +	 * userspace will reject all logins.  This should be removed when we
>  +	 * support non init namespaces!!
>  +	 */
> - 	if ((current_user_ns() != &init_user_ns) ||
> - 	    (task_active_pid_ns(current) != &init_pid_ns))
> + 	if ((current_user_ns() != &init_user_ns))
>  -		return -EPERM;
>  +		return -ECONNREFUSED;
>   
>   	switch (msg_type) {
>   	case AUDIT_LIST:



- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545

Re: linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 625 bytes --]

Hi Richard,

On Tue, 1 Apr 2014 08:54:13 -0400 Richard Guy Briggs <rgb@redhat.com> wrote:
>
> > [Eric: that audit tree commit has no Signed-off-by from you even though
> > you committed it ... there are a few like that]
> 
> I added my Signed-off to the list posting.

The point is that Eric (Paris) committed your patch to his "audit" tree
(at least the commit in his tree indicates that he was the committer) and
(presumably) will ask Linus to pull his tree, but did not add his
Signed-off-by to the commit (which he should have done).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 2921 bytes --]

Hi Eric,

Today's linux-next merge of the audit tree got a conflict in
include/net/xfrm.h between commit d511337a1eda ("xfrm.h: Remove extern
from function prototypes") from Linus' tree and commit 4440e8548153
("audit: convert all sessionid declaration to unsigned int") from the
audit tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc include/net/xfrm.h
index cd7c46ff6f1f,f8d32b908423..000000000000
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@@ -714,23 -713,23 +714,23 @@@ static inline void xfrm_audit_helper_us
  		audit_log_task_context(audit_buf);
  }
  
 -extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
 -				  kuid_t auid, unsigned int ses, u32 secid);
 -extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result,
 -				  kuid_t auid, unsigned int ses, u32 secid);
 -extern void xfrm_audit_state_add(struct xfrm_state *x, int result,
 -				 kuid_t auid, unsigned int ses, u32 secid);
 -extern void xfrm_audit_state_delete(struct xfrm_state *x, int result,
 -				    kuid_t auid, unsigned int ses, u32 secid);
 -extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
 -					     struct sk_buff *skb);
 -extern void xfrm_audit_state_replay(struct xfrm_state *x,
 -				    struct sk_buff *skb, __be32 net_seq);
 -extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
 -extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
 -				      __be32 net_spi, __be32 net_seq);
 -extern void xfrm_audit_state_icvfail(struct xfrm_state *x,
 -				     struct sk_buff *skb, u8 proto);
 +void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, kuid_t auid,
- 			   u32 ses, u32 secid);
++			   unsigned int ses, u32 secid);
 +void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, kuid_t auid,
- 			      u32 ses, u32 secid);
++			      unsigned int ses, u32 secid);
 +void xfrm_audit_state_add(struct xfrm_state *x, int result, kuid_t auid,
- 			  u32 ses, u32 secid);
++			  unsigned int ses, u32 secid);
 +void xfrm_audit_state_delete(struct xfrm_state *x, int result, kuid_t auid,
- 			     u32 ses, u32 secid);
++			     unsigned int ses, u32 secid);
 +void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
 +				      struct sk_buff *skb);
 +void xfrm_audit_state_replay(struct xfrm_state *x, struct sk_buff *skb,
 +			     __be32 net_seq);
 +void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
 +void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, __be32 net_spi,
 +			       __be32 net_seq);
 +void xfrm_audit_state_icvfail(struct xfrm_state *x, struct sk_buff *skb,
 +			      u8 proto);
  #else
  
  static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

linux-next: manual merge of the audit tree with Linus' tree

[Stephen Rothwell]

[-- Attachment #1: Type: text/plain, Size: 4129 bytes --]

Hi Eric,

Today's linux-next merge of the audit tree got a conflict in fs/exec.c
between commit(s) from Linus' tree and commit 9410d228a4cf ("audit: call
audit_bprm() only once to add AUDIT_EXECVE information") from the audit
tree.

I fixed it up (using the supplied resolution - thanks - see below) and can
carry the fix as necessary (no action is required).

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

diff --cc fs/exec.c
index 8875dd10ae7a,c5c24f2fc44a..000000000000
--- a/fs/exec.c
+++ b/fs/exec.c
@@@ -1385,71 -1383,72 +1385,68 @@@ int search_binary_handler(struct linux_
  	if (retval)
  		return retval;
  
- 	retval = audit_bprm(bprm);
- 	if (retval)
- 		return retval;
- 
 +	retval = -ENOENT;
 + retry:
 +	read_lock(&binfmt_lock);
 +	list_for_each_entry(fmt, &formats, lh) {
 +		if (!try_module_get(fmt->module))
 +			continue;
 +		read_unlock(&binfmt_lock);
 +		bprm->recursion_depth++;
 +		retval = fmt->load_binary(bprm);
 +		bprm->recursion_depth--;
 +		if (retval >= 0 || retval != -ENOEXEC ||
 +		    bprm->mm == NULL || bprm->file == NULL) {
 +			put_binfmt(fmt);
 +			return retval;
 +		}
 +		read_lock(&binfmt_lock);
 +		put_binfmt(fmt);
 +	}
 +	read_unlock(&binfmt_lock);
 +
 +	if (need_retry && retval == -ENOEXEC) {
 +		if (printable(bprm->buf[0]) && printable(bprm->buf[1]) &&
 +		    printable(bprm->buf[2]) && printable(bprm->buf[3]))
 +			return retval;
 +		if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0)
 +			return retval;
 +		need_retry = false;
 +		goto retry;
 +	}
 +
 +	return retval;
 +}
 +EXPORT_SYMBOL(search_binary_handler);
 +
 +static int exec_binprm(struct linux_binprm *bprm)
 +{
 +	pid_t old_pid, old_vpid;
 +	int ret;
 +
  	/* Need to fetch pid before load_binary changes it */
  	old_pid = current->pid;
  	rcu_read_lock();
  	old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
  	rcu_read_unlock();
  
 -	retval = -ENOENT;
 -	for (try=0; try<2; try++) {
 -		read_lock(&binfmt_lock);
 -		list_for_each_entry(fmt, &formats, lh) {
 -			int (*fn)(struct linux_binprm *) = fmt->load_binary;
 -			if (!fn)
 -				continue;
 -			if (!try_module_get(fmt->module))
 -				continue;
 -			read_unlock(&binfmt_lock);
 -			bprm->recursion_depth = depth + 1;
 -			retval = fn(bprm);
 -			bprm->recursion_depth = depth;
 -			if (retval >= 0) {
 -				if (depth == 0) {
 -					audit_bprm(bprm);
 -					trace_sched_process_exec(current, old_pid, bprm);
 -					ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
 -				}
 -				put_binfmt(fmt);
 -				allow_write_access(bprm->file);
 -				if (bprm->file)
 -					fput(bprm->file);
 -				bprm->file = NULL;
 -				current->did_exec = 1;
 -				proc_exec_connector(current);
 -				return retval;
 -			}
 -			read_lock(&binfmt_lock);
 -			put_binfmt(fmt);
 -			if (retval != -ENOEXEC || bprm->mm == NULL)
 -				break;
 -			if (!bprm->file) {
 -				read_unlock(&binfmt_lock);
 -				return retval;
 -			}
 +	ret = search_binary_handler(bprm);
 +	if (ret >= 0) {
++		audit_bprm(bprm);
 +		trace_sched_process_exec(current, old_pid, bprm);
 +		ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
 +		current->did_exec = 1;
 +		proc_exec_connector(current);
 +
 +		if (bprm->file) {
 +			allow_write_access(bprm->file);
 +			fput(bprm->file);
 +			bprm->file = NULL; /* to catch use-after-free */
  		}
 -		read_unlock(&binfmt_lock);
 -#ifdef CONFIG_MODULES
 -		if (retval != -ENOEXEC || bprm->mm == NULL) {
 -			break;
 -		} else {
 -#define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20<=(c) && (c)<=0x7e))
 -			if (printable(bprm->buf[0]) &&
 -			    printable(bprm->buf[1]) &&
 -			    printable(bprm->buf[2]) &&
 -			    printable(bprm->buf[3]))
 -				break; /* -ENOEXEC */
 -			if (try)
 -				break; /* -ENOEXEC */
 -			request_module("binfmt-%04x", *(unsigned short *)(&bprm->buf[2]));
 -		}
 -#else
 -		break;
 -#endif
  	}
 -	return retval;
 -}
  
 -EXPORT_SYMBOL(search_binary_handler);
 +	return ret;
 +}
  
  /*
   * sys_execve() executes a new program.

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]