From: Paul Moore <paul@paul-moore.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org
Subject: [GIT PULL] Audit patches for v5.8
Date: Mon, 1 Jun 2020 20:48:59 -0400 [thread overview]
Message-ID: <CAHC9VhQqnAG5DxvoQKa643d06rDTVtHVFEj5arCsHwyoamCckA@mail.gmail.com> (raw)
Hi Linus,
Here is the set of audit patches for the v5.8 merge window, all
patches pass our test suite and as of a few minutes ago they also
merge cleanly with the top of your tree. Unfortunately I just noticed
that one of the commit subject lines is truncated - sorry about that,
it's my fault not Richard's - but since the important part is there
("add subj creds to NETFILTER_CFG") I opted to leave it as-is and not
disrupt the git log. If you would rather have the subject line fixed,
let me know and I'll correct it.
A quick summary of the significant patches:
- Record information about binds/unbinds to the audit multicast
socket. This helps identify which processes have/had access to the
information in the audit stream.
- Cleanup and add some additional information to the netfilter
configuration events collected by audit.
- Fix some of the audit error handling code so we don't leak network
namespace references.
Thanks,
-Paul
--
The following changes since commit 8f3d9f354286745c751374f5f1fcafee6b3f3136:
Linux 5.7-rc1 (2020-04-12 12:35:55 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
tags/audit-pr-20200601
for you to fetch changes up to 9d44a121c5a79bc8a9d67c058456bd52a83c79e7:
audit: add subj creds to NETFILTER_CFG record to
(2020-05-20 18:09:19 -0400)
----------------------------------------------------------------
audit/stable-5.8 PR 20200601
----------------------------------------------------------------
Gustavo A. R. Silva (1):
audit: Replace zero-length array with flexible-array
Paul Moore (2):
audit: fix a net reference leak in audit_send_reply()
audit: fix a net reference leak in audit_list_rules_send()
Richard Guy Briggs (4):
audit: log audit netlink multicast bind and unbind
audit: tidy and extend netfilter_cfg x_tables
netfilter: add audit table unregister actions
audit: add subj creds to NETFILTER_CFG record to
Zheng Bin (1):
audit: make symbol 'audit_nfcfgs' static
include/linux/audit.h | 24 +++++++++-
include/uapi/linux/audit.h | 1 +
kernel/audit.c | 100 +++++++++++++++++++++++++++---------
kernel/audit.h | 2 +-
kernel/auditfilter.c | 16 +++----
kernel/auditsc.c | 31 +++++++++++++
net/bridge/netfilter/ebtables.c | 14 +++---
net/netfilter/x_tables.c | 14 ++----
8 files changed, 148 insertions(+), 54 deletions(-)
--
paul moore
www.paul-moore.com
next reply other threads:[~2020-06-02 0:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-02 0:48 Paul Moore [this message]
2020-06-03 0:15 ` [GIT PULL] Audit patches for v5.8 Linus Torvalds
2020-06-03 1:10 ` pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHC9VhQqnAG5DxvoQKa643d06rDTVtHVFEj5arCsHwyoamCckA@mail.gmail.com \
--to=paul@paul-moore.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).