Re: linux-next: manual merge of the audit tree with Linus' tree
On Mon, Apr 8, 2019 at 1:15 PM Dmitry V. Levin wrote: > On Mon, Apr 08, 2019 at 11:31:31AM +1000, Stephen Rothwell wrote: > > Hi all, > > > > Today's linux-next merge of the audit tree got conflicts in: > > > > arch/mips/kernel/ptrace.c > > kernel/seccomp.c > > > > between commit: > > > > b35f549df1d7 ("syscalls: Remove start and number from > > syscall_get_arguments() args") > > > > from Linus' tree and commit: > > > > 16add411645c ("syscall_get_arch: add "struct task_struct *" argument") > > > > from the audit tree. > > > > I fixed it up (see below) and can carry the fix as necessary. This > > is now fixed as far as linux-next is concerned, but any non trivial > > conflicts should be mentioned to your upstream maintainer when your tree > > is submitted for merging. You may also want to consider cooperating > > with the maintainer of the conflicting tree to minimise any particularly > > complex conflicts. > > Thanks, the merge fix is correct. > I've also re-tested it using the new selftests/ptrace test > from PTRACE_GET_SYSCALL_INFO patchset. Thanks for the verification Dmitry. Stephen, thanks for the heads-up, I'll pass this along to Linus come merge time. -- paul moore www.paul-moore.com
Re: linux-next: manual merge of the audit tree with Linus' tree
On Mon, Apr 08, 2019 at 11:31:31AM +1000, Stephen Rothwell wrote: > Hi all, > > Today's linux-next merge of the audit tree got conflicts in: > > arch/mips/kernel/ptrace.c > kernel/seccomp.c > > between commit: > > b35f549df1d7 ("syscalls: Remove start and number from > syscall_get_arguments() args") > > from Linus' tree and commit: > > 16add411645c ("syscall_get_arch: add "struct task_struct *" argument") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. Thanks, the merge fix is correct. I've also re-tested it using the new selftests/ptrace test from PTRACE_GET_SYSCALL_INFO patchset. -- ldv signature.asc Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi all, Today's linux-next merge of the audit tree got conflicts in: arch/mips/kernel/ptrace.c kernel/seccomp.c between commit: b35f549df1d7 ("syscalls: Remove start and number from syscall_get_arguments() args") from Linus' tree and commit: 16add411645c ("syscall_get_arch: add "struct task_struct *" argument") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc arch/mips/kernel/ptrace.c index 3a62f80958e1,2ead6ff919b7.. --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@@ -1418,8 -1418,8 +1418,8 @@@ asmlinkage long syscall_trace_enter(str unsigned long args[6]; sd.nr = syscall; - sd.arch = syscall_get_arch(); + sd.arch = syscall_get_arch(current); - syscall_get_arguments(current, regs, 0, 6, args); + syscall_get_arguments(current, regs, args); for (i = 0; i < 6; i++) sd.args[i] = args[i]; sd.instruction_pointer = KSTK_EIP(current); diff --cc kernel/seccomp.c index df27e499956a,36f36ab00f48.. --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@@ -148,8 -148,8 +148,8 @@@ static void populate_seccomp_data(struc unsigned long args[6]; sd->nr = syscall_get_nr(task, regs); - sd->arch = syscall_get_arch(); + sd->arch = syscall_get_arch(task); - syscall_get_arguments(task, regs, 0, 6, args); + syscall_get_arguments(task, regs, args); sd->args[0] = args[0]; sd->args[1] = args[1]; sd->args[2] = args[2]; pgpzceiLMortN.pgp Description: OpenPGP digital signature
Re: linux-next: manual merge of the audit tree with Linus' tree
On Thu, Mar 23, 2017 at 10:18 PM, Stephen Rothwellwrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > net/netfilter/xt_AUDIT.c > > between commit: > > 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param > structure") > > from Linus' tree and commit: > > 36fe46d172e5 ("audit: normalize NETFILTER_PKT") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > P.S. You may want to consider a newer base for your tree ... FWIW, the audit/next tree's base is old-ish for a reason; it is that way out of awkwardness and not neglect. Depending on how things go today/this-weekend there are some audit patches in the queue which will require a rebase to a much more current point in time (likely a 4.11-rcX tag, which presents its own challenges, but oh well). -- paul moore www.paul-moore.com
Re: linux-next: manual merge of the audit tree with Linus' tree
On Thu, Mar 23, 2017 at 10:18 PM, Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > net/netfilter/xt_AUDIT.c > > between commit: > > 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param > structure") > > from Linus' tree and commit: > > 36fe46d172e5 ("audit: normalize NETFILTER_PKT") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > P.S. You may want to consider a newer base for your tree ... FWIW, the audit/next tree's base is old-ish for a reason; it is that way out of awkwardness and not neglect. Depending on how things go today/this-weekend there are some audit patches in the queue which will require a rebase to a much more current point in time (likely a 4.11-rcX tag, which presents its own challenges, but oh well). -- paul moore www.paul-moore.com
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2017-03-24 13:18, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > net/netfilter/xt_AUDIT.c > > between commit: > > 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param > structure") > > from Linus' tree and commit: > > 36fe46d172e5 ("audit: normalize NETFILTER_PKT") > > from the audit tree. Lovely. The fix looks fine to me. Thanks! > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > P.S. You may want to consider a newer base for your tree ... > -- > Cheers, > Stephen Rothwell > > diff --cc net/netfilter/xt_AUDIT.c > index 19247a17e511,582ee54f6664.. > --- a/net/netfilter/xt_AUDIT.c > +++ b/net/netfilter/xt_AUDIT.c > @@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str > if (ab == NULL) > goto errout; > > - audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s", > - info->type, xt_hooknum(par), skb->len, > - xt_in(par) ? xt_inname(par) : "?", > - xt_out(par) ? xt_outname(par) : "?"); > - > - if (skb->mark) > - audit_log_format(ab, " mark=%#x", skb->mark); > - > - if (skb->dev && skb->dev->type == ARPHRD_ETHER) { > - audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x", > - eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest, > - ntohs(eth_hdr(skb)->h_proto)); > - > - if (xt_family(par) == NFPROTO_BRIDGE) { > - switch (eth_hdr(skb)->h_proto) { > - case htons(ETH_P_IP): > - audit_ip4(ab, skb); > - break; > - > - case htons(ETH_P_IPV6): > - audit_ip6(ab, skb); > - break; > - } > - } > - } > + audit_log_format(ab, "mark=%#x", skb->mark); > > -switch (par->family) { > +switch (xt_family(par)) { > + case NFPROTO_BRIDGE: > + switch (eth_hdr(skb)->h_proto) { > + case htons(ETH_P_IP): > + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; > + break; > + case htons(ETH_P_IPV6): > + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; > + break; > + } > + break; > case NFPROTO_IPV4: > - audit_ip4(ab, skb); > + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; > break; > - > case NFPROTO_IPV6: > - audit_ip6(ab, skb); > + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; > break; > } > - RGB -- Richard Guy BriggsKernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2017-03-24 13:18, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > net/netfilter/xt_AUDIT.c > > between commit: > > 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param > structure") > > from Linus' tree and commit: > > 36fe46d172e5 ("audit: normalize NETFILTER_PKT") > > from the audit tree. Lovely. The fix looks fine to me. Thanks! > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > P.S. You may want to consider a newer base for your tree ... > -- > Cheers, > Stephen Rothwell > > diff --cc net/netfilter/xt_AUDIT.c > index 19247a17e511,582ee54f6664.. > --- a/net/netfilter/xt_AUDIT.c > +++ b/net/netfilter/xt_AUDIT.c > @@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str > if (ab == NULL) > goto errout; > > - audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s", > - info->type, xt_hooknum(par), skb->len, > - xt_in(par) ? xt_inname(par) : "?", > - xt_out(par) ? xt_outname(par) : "?"); > - > - if (skb->mark) > - audit_log_format(ab, " mark=%#x", skb->mark); > - > - if (skb->dev && skb->dev->type == ARPHRD_ETHER) { > - audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x", > - eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest, > - ntohs(eth_hdr(skb)->h_proto)); > - > - if (xt_family(par) == NFPROTO_BRIDGE) { > - switch (eth_hdr(skb)->h_proto) { > - case htons(ETH_P_IP): > - audit_ip4(ab, skb); > - break; > - > - case htons(ETH_P_IPV6): > - audit_ip6(ab, skb); > - break; > - } > - } > - } > + audit_log_format(ab, "mark=%#x", skb->mark); > > -switch (par->family) { > +switch (xt_family(par)) { > + case NFPROTO_BRIDGE: > + switch (eth_hdr(skb)->h_proto) { > + case htons(ETH_P_IP): > + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; > + break; > + case htons(ETH_P_IPV6): > + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; > + break; > + } > + break; > case NFPROTO_IPV4: > - audit_ip4(ab, skb); > + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; > break; > - > case NFPROTO_IPV6: > - audit_ip6(ab, skb); > + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; > break; > } > - RGB -- Richard Guy Briggs Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: net/netfilter/xt_AUDIT.c between commit: 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure") from Linus' tree and commit: 36fe46d172e5 ("audit: normalize NETFILTER_PKT") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. P.S. You may want to consider a newer base for your tree ... -- Cheers, Stephen Rothwell diff --cc net/netfilter/xt_AUDIT.c index 19247a17e511,582ee54f6664.. --- a/net/netfilter/xt_AUDIT.c +++ b/net/netfilter/xt_AUDIT.c @@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str if (ab == NULL) goto errout; - audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s", -info->type, xt_hooknum(par), skb->len, -xt_in(par) ? xt_inname(par) : "?", -xt_out(par) ? xt_outname(par) : "?"); - - if (skb->mark) - audit_log_format(ab, " mark=%#x", skb->mark); - - if (skb->dev && skb->dev->type == ARPHRD_ETHER) { - audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x", -eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest, -ntohs(eth_hdr(skb)->h_proto)); - - if (xt_family(par) == NFPROTO_BRIDGE) { - switch (eth_hdr(skb)->h_proto) { - case htons(ETH_P_IP): - audit_ip4(ab, skb); - break; - - case htons(ETH_P_IPV6): - audit_ip6(ab, skb); - break; - } - } - } + audit_log_format(ab, "mark=%#x", skb->mark); - switch (par->family) { + switch (xt_family(par)) { + case NFPROTO_BRIDGE: + switch (eth_hdr(skb)->h_proto) { + case htons(ETH_P_IP): + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; + break; + case htons(ETH_P_IPV6): + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; + break; + } + break; case NFPROTO_IPV4: - audit_ip4(ab, skb); + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; break; - case NFPROTO_IPV6: - audit_ip6(ab, skb); + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; break; }
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: net/netfilter/xt_AUDIT.c between commit: 613dbd95723a ("netfilter: x_tables: move hook state into xt_action_param structure") from Linus' tree and commit: 36fe46d172e5 ("audit: normalize NETFILTER_PKT") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. P.S. You may want to consider a newer base for your tree ... -- Cheers, Stephen Rothwell diff --cc net/netfilter/xt_AUDIT.c index 19247a17e511,582ee54f6664.. --- a/net/netfilter/xt_AUDIT.c +++ b/net/netfilter/xt_AUDIT.c @@@ -131,39 -78,24 +78,24 @@@ audit_tg(struct sk_buff *skb, const str if (ab == NULL) goto errout; - audit_log_format(ab, "action=%hhu hook=%u len=%u inif=%s outif=%s", -info->type, xt_hooknum(par), skb->len, -xt_in(par) ? xt_inname(par) : "?", -xt_out(par) ? xt_outname(par) : "?"); - - if (skb->mark) - audit_log_format(ab, " mark=%#x", skb->mark); - - if (skb->dev && skb->dev->type == ARPHRD_ETHER) { - audit_log_format(ab, " smac=%pM dmac=%pM macproto=0x%04x", -eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest, -ntohs(eth_hdr(skb)->h_proto)); - - if (xt_family(par) == NFPROTO_BRIDGE) { - switch (eth_hdr(skb)->h_proto) { - case htons(ETH_P_IP): - audit_ip4(ab, skb); - break; - - case htons(ETH_P_IPV6): - audit_ip6(ab, skb); - break; - } - } - } + audit_log_format(ab, "mark=%#x", skb->mark); - switch (par->family) { + switch (xt_family(par)) { + case NFPROTO_BRIDGE: + switch (eth_hdr(skb)->h_proto) { + case htons(ETH_P_IP): + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; + break; + case htons(ETH_P_IPV6): + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; + break; + } + break; case NFPROTO_IPV4: - audit_ip4(ab, skb); + fam = audit_ip4(ab, skb) ? NFPROTO_IPV4 : -1; break; - case NFPROTO_IPV6: - audit_ip6(ab, skb); + fam = audit_ip6(ab, skb) ? NFPROTO_IPV6 : -1; break; }
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2017-01-19 13:51, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > include/uapi/linux/audit.h > > between commits: > > 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") > dcdaa2f9480c ("Merge branch 'stable-4.10' of > git://git.infradead.org/users/pcmoore/audit") > > from Linus' tree and commit: > > 92c82e8a322b ("audit: add feature audit_lost reset") > > from the audit tree. This merge conflict was expected. Your fix below looks as expected. Thanks! Sorry for the trouble. > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > -- > Cheers, > Stephen Rothwell > > diff --cc include/uapi/linux/audit.h > index 1c107cb1c83f,3f24110ae63c.. > --- a/include/uapi/linux/audit.h > +++ b/include/uapi/linux/audit.h > @@@ -330,13 -331,14 +331,16 @@@ enum > #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT 0x0001 > #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME 0x0002 > #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH0x0004 > +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 > #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 > + #define AUDIT_FEATURE_BITMAP_LOST_RESET 0x0020 > + > #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ > AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ > AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ > + AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ > - AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) > + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \ > + AUDIT_FEATURE_BITMAP_LOST_RESET) > > /* deprecated: AUDIT_VERSION_* */ > #define AUDIT_VERSION_LATESTAUDIT_FEATURE_BITMAP_ALL - RGB -- Richard Guy BriggsKernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2017-01-19 13:51, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > include/uapi/linux/audit.h > > between commits: > > 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") > dcdaa2f9480c ("Merge branch 'stable-4.10' of > git://git.infradead.org/users/pcmoore/audit") > > from Linus' tree and commit: > > 92c82e8a322b ("audit: add feature audit_lost reset") > > from the audit tree. This merge conflict was expected. Your fix below looks as expected. Thanks! Sorry for the trouble. > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. > > -- > Cheers, > Stephen Rothwell > > diff --cc include/uapi/linux/audit.h > index 1c107cb1c83f,3f24110ae63c.. > --- a/include/uapi/linux/audit.h > +++ b/include/uapi/linux/audit.h > @@@ -330,13 -331,14 +331,16 @@@ enum > #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT 0x0001 > #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME 0x0002 > #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH0x0004 > +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 > #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 > + #define AUDIT_FEATURE_BITMAP_LOST_RESET 0x0020 > + > #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ > AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ > AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ > + AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ > - AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) > + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \ > + AUDIT_FEATURE_BITMAP_LOST_RESET) > > /* deprecated: AUDIT_VERSION_* */ > #define AUDIT_VERSION_LATESTAUDIT_FEATURE_BITMAP_ALL - RGB -- Richard Guy Briggs Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/uapi/linux/audit.h between commits: 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") dcdaa2f9480c ("Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit") from Linus' tree and commit: 92c82e8a322b ("audit: add feature audit_lost reset") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc include/uapi/linux/audit.h index 1c107cb1c83f,3f24110ae63c.. --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@@ -330,13 -331,14 +331,16 @@@ enum #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT0x0001 #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME0x0002 #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH 0x0004 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 + #define AUDIT_FEATURE_BITMAP_LOST_RESET 0x0020 + #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ +AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ - AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \ + AUDIT_FEATURE_BITMAP_LOST_RESET) /* deprecated: AUDIT_VERSION_* */ #define AUDIT_VERSION_LATEST AUDIT_FEATURE_BITMAP_ALL
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/uapi/linux/audit.h between commits: 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") dcdaa2f9480c ("Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit") from Linus' tree and commit: 92c82e8a322b ("audit: add feature audit_lost reset") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc include/uapi/linux/audit.h index 1c107cb1c83f,3f24110ae63c.. --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@@ -330,13 -331,14 +331,16 @@@ enum #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT0x0001 #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME0x0002 #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH 0x0004 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 + #define AUDIT_FEATURE_BITMAP_LOST_RESET 0x0020 + #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ +AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ - AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER | \ + AUDIT_FEATURE_BITMAP_LOST_RESET) /* deprecated: AUDIT_VERSION_* */ #define AUDIT_VERSION_LATEST AUDIT_FEATURE_BITMAP_ALL
Re: linux-next: manual merge of the audit tree with Linus' tree
On Tue, Nov 22, 2016 at 5:35 AM, Richard Guy Briggswrote: > On 2016-11-22 16:29, Stephen Rothwell wrote: >> Hi Paul, > > Hi Stephen, > >> Today's linux-next merge of the audit tree got a conflict in: >> >> include/uapi/linux/audit.h >> >> between commit: >> >> 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") >> >> from Linus' tree and commit: >> >> 0489410368df ("audit: add support for session ID user filter") >> >> from the audit tree. > > Ok, I expected this conflict... > >> I fixed it up (see below) and can carry the fix as necessary. This >> is now fixed as far as linux-next is concerned, but any non trivial >> conflicts should be mentioned to your upstream maintainer when your tree >> is submitted for merging. You may also want to consider cooperating >> with the maintainer of the conflicting tree to minimise any particularly >> complex conflicts. > > The fix looks as expected. Thanks! Yes, +1 to what Richard already said; I've had to apply similar patches for some of my test kernels. -- paul moore www.paul-moore.com
Re: linux-next: manual merge of the audit tree with Linus' tree
On Tue, Nov 22, 2016 at 5:35 AM, Richard Guy Briggs wrote: > On 2016-11-22 16:29, Stephen Rothwell wrote: >> Hi Paul, > > Hi Stephen, > >> Today's linux-next merge of the audit tree got a conflict in: >> >> include/uapi/linux/audit.h >> >> between commit: >> >> 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") >> >> from Linus' tree and commit: >> >> 0489410368df ("audit: add support for session ID user filter") >> >> from the audit tree. > > Ok, I expected this conflict... > >> I fixed it up (see below) and can carry the fix as necessary. This >> is now fixed as far as linux-next is concerned, but any non trivial >> conflicts should be mentioned to your upstream maintainer when your tree >> is submitted for merging. You may also want to consider cooperating >> with the maintainer of the conflicting tree to minimise any particularly >> complex conflicts. > > The fix looks as expected. Thanks! Yes, +1 to what Richard already said; I've had to apply similar patches for some of my test kernels. -- paul moore www.paul-moore.com
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2016-11-22 16:29, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > include/uapi/linux/audit.h > > between commit: > > 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") > > from Linus' tree and commit: > > 0489410368df ("audit: add support for session ID user filter") > > from the audit tree. Ok, I expected this conflict... > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. The fix looks as expected. Thanks! > Stephen Rothwell > > diff --cc include/uapi/linux/audit.h > index 208df7b44e90,c8dc97bc2c1b.. > --- a/include/uapi/linux/audit.h > +++ b/include/uapi/linux/audit.h > @@@ -329,11 -330,11 +330,13 @@@ enum > #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT 0x0001 > #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME 0x0002 > #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH0x0004 > +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 > + #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 > #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ > AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ > AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ > - AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND) > ++ AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ > + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) > > /* deprecated: AUDIT_VERSION_* */ > #define AUDIT_VERSION_LATESTAUDIT_FEATURE_BITMAP_ALL - RGB -- Richard Guy BriggsKernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
Re: linux-next: manual merge of the audit tree with Linus' tree
On 2016-11-22 16:29, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > include/uapi/linux/audit.h > > between commit: > > 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") > > from Linus' tree and commit: > > 0489410368df ("audit: add support for session ID user filter") > > from the audit tree. Ok, I expected this conflict... > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any particularly > complex conflicts. The fix looks as expected. Thanks! > Stephen Rothwell > > diff --cc include/uapi/linux/audit.h > index 208df7b44e90,c8dc97bc2c1b.. > --- a/include/uapi/linux/audit.h > +++ b/include/uapi/linux/audit.h > @@@ -329,11 -330,11 +330,13 @@@ enum > #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT 0x0001 > #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME 0x0002 > #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH0x0004 > +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 > + #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 > #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ > AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ > AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ > - AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND) > ++ AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ > + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) > > /* deprecated: AUDIT_VERSION_* */ > #define AUDIT_VERSION_LATESTAUDIT_FEATURE_BITMAP_ALL - RGB -- Richard Guy Briggs Kernel Security Engineering, Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/uapi/linux/audit.h between commit: 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") from Linus' tree and commit: 0489410368df ("audit: add support for session ID user filter") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc include/uapi/linux/audit.h index 208df7b44e90,c8dc97bc2c1b.. --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@@ -329,11 -330,11 +330,13 @@@ enum #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT0x0001 #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME0x0002 #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH 0x0004 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 + #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ - AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND) ++AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) /* deprecated: AUDIT_VERSION_* */ #define AUDIT_VERSION_LATEST AUDIT_FEATURE_BITMAP_ALL
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/uapi/linux/audit.h between commit: 7ff89ac608d9 ("audit: add exclude filter extension to feature bitmap") from Linus' tree and commit: 0489410368df ("audit: add support for session ID user filter") from the audit tree. I fixed it up (see below) and can carry the fix as necessary. This is now fixed as far as linux-next is concerned, but any non trivial conflicts should be mentioned to your upstream maintainer when your tree is submitted for merging. You may also want to consider cooperating with the maintainer of the conflicting tree to minimise any particularly complex conflicts. -- Cheers, Stephen Rothwell diff --cc include/uapi/linux/audit.h index 208df7b44e90,c8dc97bc2c1b.. --- a/include/uapi/linux/audit.h +++ b/include/uapi/linux/audit.h @@@ -329,11 -330,11 +330,13 @@@ enum #define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT0x0001 #define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME0x0002 #define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH 0x0004 +#define AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND 0x0008 + #define AUDIT_FEATURE_BITMAP_SESSIONID_FILTER 0x0010 #define AUDIT_FEATURE_BITMAP_ALL (AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT | \ AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME | \ AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH | \ - AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND) ++AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND | \ + AUDIT_FEATURE_BITMAP_SESSIONID_FILTER) /* deprecated: AUDIT_VERSION_* */ #define AUDIT_VERSION_LATEST AUDIT_FEATURE_BITMAP_ALL
Re: linux-next: manual merge of the audit tree with Linus' tree
Hi Richard, On Thu, 19 Nov 2015 13:30:12 -0500 Richard Guy Briggs wrote: > > Stephen, your patch looks fine to me. I had some minor concerns about > deeper issues as to whether the original intent of that part of the > audit subsystem was affected by this change, but that is WRT the > conflicting patch rather than your merge. After poking around a bit, I > don't have any outstanding concerns. Thanks for checking. -- Cheers, Stephen Rothwells...@canb.auug.org.au -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/11/19, Paul Moore wrote: > On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwell > wrote: > > Hi Paul, > > > > Today's linux-next merge of the audit tree got a conflict in: > > > > kernel/audit.c > > > > between commit: > > > > d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, > > unwilling to sleep and avoiding waking kswapd") > > > > from Linus' tree and commit: > > > > 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait > > exception") > > > > from the audit tree. > > > > I fixed it up (see below) and can carry the fix as necessary (no action > > is required). > > Thanks Stephen, I found the same thing yesterday while doing some > testing; your patch looks good to me. Stephen, your patch looks fine to me. I had some minor concerns about deeper issues as to whether the original intent of that part of the audit subsystem was affected by this change, but that is WRT the conflicting patch rather than your merge. After poking around a bit, I don't have any outstanding concerns. > > diff --cc kernel/audit.c > > index bc2ff61bc1d6,ca1b9cda2766.. > > --- a/kernel/audit.c > > +++ b/kernel/audit.c > > @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st > > if (unlikely(audit_filter_type(type))) > > return NULL; > > > > - if (gfp_mask & __GFP_WAIT) { > > + if (gfp_mask & __GFP_DIRECT_RECLAIM) { > > - if (audit_pid && audit_pid == current->pid) > > + if (audit_pid && audit_pid == current->tgid) > > - gfp_mask &= ~__GFP_WAIT; > > + gfp_mask &= ~__GFP_DIRECT_RECLAIM; > > else > > reserve = 0; > > } > > paul moore - RGB -- Richard Guy Briggs Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > kernel/audit.c > > between commit: > > d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, > unwilling to sleep and avoiding waking kswapd") > > from Linus' tree and commit: > > 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait > exception") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Thanks Stephen, I found the same thing yesterday while doing some testing; your patch looks good to me. > diff --cc kernel/audit.c > index bc2ff61bc1d6,ca1b9cda2766.. > --- a/kernel/audit.c > +++ b/kernel/audit.c > @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st > if (unlikely(audit_filter_type(type))) > return NULL; > > - if (gfp_mask & __GFP_WAIT) { > + if (gfp_mask & __GFP_DIRECT_RECLAIM) { > - if (audit_pid && audit_pid == current->pid) > + if (audit_pid && audit_pid == current->tgid) > - gfp_mask &= ~__GFP_WAIT; > + gfp_mask &= ~__GFP_DIRECT_RECLAIM; > else > reserve = 0; > } -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/11/19, Paul Moore wrote: > On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwell> wrote: > > Hi Paul, > > > > Today's linux-next merge of the audit tree got a conflict in: > > > > kernel/audit.c > > > > between commit: > > > > d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, > > unwilling to sleep and avoiding waking kswapd") > > > > from Linus' tree and commit: > > > > 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait > > exception") > > > > from the audit tree. > > > > I fixed it up (see below) and can carry the fix as necessary (no action > > is required). > > Thanks Stephen, I found the same thing yesterday while doing some > testing; your patch looks good to me. Stephen, your patch looks fine to me. I had some minor concerns about deeper issues as to whether the original intent of that part of the audit subsystem was affected by this change, but that is WRT the conflicting patch rather than your merge. After poking around a bit, I don't have any outstanding concerns. > > diff --cc kernel/audit.c > > index bc2ff61bc1d6,ca1b9cda2766.. > > --- a/kernel/audit.c > > +++ b/kernel/audit.c > > @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st > > if (unlikely(audit_filter_type(type))) > > return NULL; > > > > - if (gfp_mask & __GFP_WAIT) { > > + if (gfp_mask & __GFP_DIRECT_RECLAIM) { > > - if (audit_pid && audit_pid == current->pid) > > + if (audit_pid && audit_pid == current->tgid) > > - gfp_mask &= ~__GFP_WAIT; > > + gfp_mask &= ~__GFP_DIRECT_RECLAIM; > > else > > reserve = 0; > > } > > paul moore - RGB -- Richard Guy Briggs Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
Hi Richard, On Thu, 19 Nov 2015 13:30:12 -0500 Richard Guy Briggswrote: > > Stephen, your patch looks fine to me. I had some minor concerns about > deeper issues as to whether the original intent of that part of the > audit subsystem was affected by this change, but that is WRT the > conflicting patch rather than your merge. After poking around a bit, I > don't have any outstanding concerns. Thanks for checking. -- Cheers, Stephen Rothwells...@canb.auug.org.au -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Wed, Nov 18, 2015 at 8:06 PM, Stephen Rothwellwrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > kernel/audit.c > > between commit: > > d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, > unwilling to sleep and avoiding waking kswapd") > > from Linus' tree and commit: > > 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait > exception") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Thanks Stephen, I found the same thing yesterday while doing some testing; your patch looks good to me. > diff --cc kernel/audit.c > index bc2ff61bc1d6,ca1b9cda2766.. > --- a/kernel/audit.c > +++ b/kernel/audit.c > @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st > if (unlikely(audit_filter_type(type))) > return NULL; > > - if (gfp_mask & __GFP_WAIT) { > + if (gfp_mask & __GFP_DIRECT_RECLAIM) { > - if (audit_pid && audit_pid == current->pid) > + if (audit_pid && audit_pid == current->tgid) > - gfp_mask &= ~__GFP_WAIT; > + gfp_mask &= ~__GFP_DIRECT_RECLAIM; > else > reserve = 0; > } -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: kernel/audit.c between commit: d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd") from Linus' tree and commit: 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index bc2ff61bc1d6,ca1b9cda2766.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st if (unlikely(audit_filter_type(type))) return NULL; - if (gfp_mask & __GFP_WAIT) { + if (gfp_mask & __GFP_DIRECT_RECLAIM) { - if (audit_pid && audit_pid == current->pid) + if (audit_pid && audit_pid == current->tgid) - gfp_mask &= ~__GFP_WAIT; + gfp_mask &= ~__GFP_DIRECT_RECLAIM; else reserve = 0; } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: kernel/audit.c between commit: d0164adc89f6 ("mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd") from Linus' tree and commit: 14eeba1d242e ("audit: include auditd's threads in audit_log_start() wait exception") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index bc2ff61bc1d6,ca1b9cda2766.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -1371,9 -1371,9 +1371,9 @@@ struct audit_buffer *audit_log_start(st if (unlikely(audit_filter_type(type))) return NULL; - if (gfp_mask & __GFP_WAIT) { + if (gfp_mask & __GFP_DIRECT_RECLAIM) { - if (audit_pid && audit_pid == current->pid) + if (audit_pid && audit_pid == current->tgid) - gfp_mask &= ~__GFP_WAIT; + gfp_mask &= ~__GFP_DIRECT_RECLAIM; else reserve = 0; } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Tuesday, October 06, 2015 01:55:01 PM Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > include/linux/lsm_audit.h > > between commit: > > 671a2781ff01 ("security: add ioctl specific auditing to lsm_audit") > > from Linus' tree and commit: > > 43cfd5e38587 ("audit: constify parts of common_audit_data and > lsm_network_audit") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Thanks, that patch looks correct, although I'm going to drop the patch causing this problem for the time being as there are some oddities with the build warning that you posted which aren't immediately obvious to me. Something weird is causing it to work in audit#next but throw a warning when applied on top of Linus' current ... I'll reapply the patch once I've resolved the issue. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Tuesday, October 06, 2015 01:55:01 PM Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in: > > include/linux/lsm_audit.h > > between commit: > > 671a2781ff01 ("security: add ioctl specific auditing to lsm_audit") > > from Linus' tree and commit: > > 43cfd5e38587 ("audit: constify parts of common_audit_data and > lsm_network_audit") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Thanks, that patch looks correct, although I'm going to drop the patch causing this problem for the time being as there are some oddities with the build warning that you posted which aren't immediately obvious to me. Something weird is causing it to work in audit#next but throw a warning when applied on top of Linus' current ... I'll reapply the patch once I've resolved the issue. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/linux/lsm_audit.h between commit: 671a2781ff01 ("security: add ioctl specific auditing to lsm_audit") from Linus' tree and commit: 43cfd5e38587 ("audit: constify parts of common_audit_data and lsm_network_audit") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/linux/lsm_audit.h index ffb9c9da4f39,6c4c7acd0e5e.. --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h @@@ -58,10 -53,9 +58,10 @@@ struct common_audit_data #define LSM_AUDIT_DATA_KMOD 8 #define LSM_AUDIT_DATA_INODE 9 #define LSM_AUDIT_DATA_DENTRY 10 +#define LSM_AUDIT_DATA_IOCTL_OP 11 union { struct path path; - struct dentry *dentry; + const struct dentry *dentry; struct inode *inode; struct lsm_network_audit *net; int cap; @@@ -70,11 -64,10 +70,11 @@@ #ifdef CONFIG_KEYS struct { key_serial_t key; - char *key_desc; + const char *key_desc; } key_struct; #endif - char *kmod_name; + const char *kmod_name; + struct lsm_ioctlop_audit *op; } u; /* this union contains LSM specific data */ union { -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: include/linux/lsm_audit.h between commit: 671a2781ff01 ("security: add ioctl specific auditing to lsm_audit") from Linus' tree and commit: 43cfd5e38587 ("audit: constify parts of common_audit_data and lsm_network_audit") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/linux/lsm_audit.h index ffb9c9da4f39,6c4c7acd0e5e.. --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h @@@ -58,10 -53,9 +58,10 @@@ struct common_audit_data #define LSM_AUDIT_DATA_KMOD 8 #define LSM_AUDIT_DATA_INODE 9 #define LSM_AUDIT_DATA_DENTRY 10 +#define LSM_AUDIT_DATA_IOCTL_OP 11 union { struct path path; - struct dentry *dentry; + const struct dentry *dentry; struct inode *inode; struct lsm_network_audit *net; int cap; @@@ -70,11 -64,10 +70,11 @@@ #ifdef CONFIG_KEYS struct { key_serial_t key; - char *key_desc; + const char *key_desc; } key_struct; #endif - char *kmod_name; + const char *kmod_name; + struct lsm_ioctlop_audit *op; } u; /* this union contains LSM specific data */ union { -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/08/07, Stephen Rothwell wrote: > Hi Paul, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in: > > kernel/audit.c > > between commit: > > 5985de6754a6 ("audit: code clean up") > > from Linus' tree and commit: > > 84cb777e6781 ("audit: use macros for unset inode and device values") > > from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Yup, looks good, thanks! :) > -- > Cheers, > Stephen Rothwells...@canb.auug.org.au > > diff --cc kernel/audit.c > index f9e6065346db,060153dc47d4.. > --- a/kernel/audit.c > +++ b/kernel/audit.c > @@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex > } else > audit_log_format(ab, " name=(null)"); > > - if (n->ino != (unsigned long)-1) > -if (n->ino != AUDIT_INO_UNSET) { > ++if (n->ino != AUDIT_INO_UNSET) > audit_log_format(ab, " inode=%lu" >" dev=%02x:%02x mode=%#ho" >" ouid=%u ogid=%u rdev=%02x:%02x", - RGB -- Richard Guy Briggs Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/08/07, Stephen Rothwell wrote: Hi Paul, Hi Stephen, Today's linux-next merge of the audit tree got a conflict in: kernel/audit.c between commit: 5985de6754a6 (audit: code clean up) from Linus' tree and commit: 84cb777e6781 (audit: use macros for unset inode and device values) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). Yup, looks good, thanks! :) -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index f9e6065346db,060153dc47d4.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex } else audit_log_format(ab, name=(null)); - if (n-ino != (unsigned long)-1) -if (n-ino != AUDIT_INO_UNSET) { ++if (n-ino != AUDIT_INO_UNSET) audit_log_format(ab, inode=%lu dev=%02x:%02x mode=%#ho ouid=%u ogid=%u rdev=%02x:%02x, - RGB -- Richard Guy Briggs rbri...@redhat.com Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: kernel/audit.c between commit: 5985de6754a6 ("audit: code clean up") from Linus' tree and commit: 84cb777e6781 ("audit: use macros for unset inode and device values") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index f9e6065346db,060153dc47d4.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex } else audit_log_format(ab, " name=(null)"); - if (n->ino != (unsigned long)-1) - if (n->ino != AUDIT_INO_UNSET) { ++ if (n->ino != AUDIT_INO_UNSET) audit_log_format(ab, " inode=%lu" " dev=%02x:%02x mode=%#ho" " ouid=%u ogid=%u rdev=%02x:%02x", -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in: kernel/audit.c between commit: 5985de6754a6 (audit: code clean up) from Linus' tree and commit: 84cb777e6781 (audit: use macros for unset inode and device values) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index f9e6065346db,060153dc47d4.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -1761,7 -1759,7 +1761,7 @@@ void audit_log_name(struct audit_contex } else audit_log_format(ab, name=(null)); - if (n-ino != (unsigned long)-1) - if (n-ino != AUDIT_INO_UNSET) { ++ if (n-ino != AUDIT_INO_UNSET) audit_log_format(ab, inode=%lu dev=%02x:%02x mode=%#ho ouid=%u ogid=%u rdev=%02x:%02x, -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/06/01, Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in > security/lsm_audit.c between commit 5deeb5cece3f ("lsm: copy comm > before calling audit_log to avoid race in string printing") from Linus' > tree and commit 5c5bc97e2fc8 ("lsm: rename duplicate labels in > LSM_AUDIT_DATA_TASK audit message type") from the audit tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). Perfect, thanks, fix looks right. Cheers! > Stephen Rothwells...@canb.auug.org.au > > diff --cc security/lsm_audit.c > index 1d34277dc402,07fc99724d41.. > --- a/security/lsm_audit.c > +++ b/security/lsm_audit.c > @@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru > if (tsk) { > pid_t pid = task_pid_nr(tsk); > if (pid) { > +char comm[sizeof(tsk->comm)]; > - audit_log_format(ab, " pid=%d comm=", pid); > + audit_log_format(ab, " opid=%d ocomm=", pid); > -audit_log_untrustedstring(ab, tsk->comm); > +audit_log_untrustedstring(ab, > +memcpy(comm, tsk->comm, sizeof(comm))); > } > } > break; - RGB -- Richard Guy Briggs Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in security/lsm_audit.c between commit 5deeb5cece3f ("lsm: copy comm before calling audit_log to avoid race in string printing") from Linus' tree and commit 5c5bc97e2fc8 ("lsm: rename duplicate labels in LSM_AUDIT_DATA_TASK audit message type") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc security/lsm_audit.c index 1d34277dc402,07fc99724d41.. --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru if (tsk) { pid_t pid = task_pid_nr(tsk); if (pid) { + char comm[sizeof(tsk->comm)]; - audit_log_format(ab, " pid=%d comm=", pid); + audit_log_format(ab, " opid=%d ocomm=", pid); - audit_log_untrustedstring(ab, tsk->comm); + audit_log_untrustedstring(ab, + memcpy(comm, tsk->comm, sizeof(comm))); } } break; pgphJsRyaC6Ul.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in security/lsm_audit.c between commit 5deeb5cece3f (lsm: copy comm before calling audit_log to avoid race in string printing) from Linus' tree and commit 5c5bc97e2fc8 (lsm: rename duplicate labels in LSM_AUDIT_DATA_TASK audit message type) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc security/lsm_audit.c index 1d34277dc402,07fc99724d41.. --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru if (tsk) { pid_t pid = task_pid_nr(tsk); if (pid) { + char comm[sizeof(tsk-comm)]; - audit_log_format(ab, pid=%d comm=, pid); + audit_log_format(ab, opid=%d ocomm=, pid); - audit_log_untrustedstring(ab, tsk-comm); + audit_log_untrustedstring(ab, + memcpy(comm, tsk-comm, sizeof(comm))); } } break; pgphJsRyaC6Ul.pgp Description: OpenPGP digital signature
Re: linux-next: manual merge of the audit tree with Linus' tree
On 15/06/01, Stephen Rothwell wrote: Hi Paul, Today's linux-next merge of the audit tree got a conflict in security/lsm_audit.c between commit 5deeb5cece3f (lsm: copy comm before calling audit_log to avoid race in string printing) from Linus' tree and commit 5c5bc97e2fc8 (lsm: rename duplicate labels in LSM_AUDIT_DATA_TASK audit message type) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). Perfect, thanks, fix looks right. Cheers! Stephen Rothwells...@canb.auug.org.au diff --cc security/lsm_audit.c index 1d34277dc402,07fc99724d41.. --- a/security/lsm_audit.c +++ b/security/lsm_audit.c @@@ -281,10 -281,8 +281,10 @@@ static void dump_common_audit_data(stru if (tsk) { pid_t pid = task_pid_nr(tsk); if (pid) { +char comm[sizeof(tsk-comm)]; - audit_log_format(ab, pid=%d comm=, pid); + audit_log_format(ab, opid=%d ocomm=, pid); -audit_log_untrustedstring(ab, tsk-comm); +audit_log_untrustedstring(ab, +memcpy(comm, tsk-comm, sizeof(comm))); } } break; - RGB -- Richard Guy Briggs rbri...@redhat.com Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Mon, Jan 19, 2015 at 11:04 PM, Stephen Rothwell wrote: > Hi Paul, > > Today's linux-next merge of the audit tree got a conflict in > include/linux/audit.h between commit 041d7b98ffe5 ("audit: restore > AUDIT_LOGINUID unset ABI") from Linus' tree and commit e80da768eae4 > ("audit: remove vestiges of vers_ops") from the audit tree. I suspect rebasing the audit next branch will resolve this issue as well. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Mon, Jan 19, 2015 at 11:04 PM, Stephen Rothwell s...@canb.auug.org.au wrote: Hi Paul, Today's linux-next merge of the audit tree got a conflict in include/linux/audit.h between commit 041d7b98ffe5 (audit: restore AUDIT_LOGINUID unset ABI) from Linus' tree and commit e80da768eae4 (audit: remove vestiges of vers_ops) from the audit tree. I suspect rebasing the audit next branch will resolve this issue as well. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in include/linux/audit.h between commit 041d7b98ffe5 ("audit: restore AUDIT_LOGINUID unset ABI") from Linus' tree and commit e80da768eae4 ("audit: remove vestiges of vers_ops") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/linux/audit.h index af84234e1f6e,26710c5b9443.. --- a/include/linux/audit.h +++ b/include/linux/audit.h @@@ -46,8 -46,6 +46,7 @@@ struct audit_tree struct sk_buff; struct audit_krule { - int vers_ops; + u32 pflags; u32 flags; u32 listnr; u32 action; pgpQnucCiVshD.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in fs/exec.c between commit 51f39a1f0cea ("syscalls: implement execveat() system call") from Linus' tree and commit 5dc5218840e1 ("fs: create proper filename objects using getname_kernel()") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc fs/exec.c index ad8798e26be9,d067771af6d4.. --- a/fs/exec.c +++ b/fs/exec.c @@@ -794,8 -789,15 +794,15 @@@ exit struct file *open_exec(const char *name) { - struct filename tmp = { .name = name }; - return do_open_execat(AT_FDCWD, , 0); + struct file *file; + struct filename *tmp; + + tmp = getname_kernel(name); + if (unlikely(IS_ERR(tmp))) + return (void *)tmp; - file = do_open_exec(tmp); ++ file = do_open_execat(AT_FDCWD, tmp, 0); + putname(tmp); + return file; } EXPORT_SYMBOL(open_exec); pgpVRt02SUbD_.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in kernel/auditsc.c between commit 4a92843601ad ("audit: correctly record file names with different path name types") and fcf22d8267ad ("audit: create private file name copies when auditing inodes") from Linus' tree and commits 997f7ee82a98 ("audit: enable filename recording via getname_kernel()"), 2b1b63a2b7d3 ("audit: fix filename matching in __audit_inode() and __audit_inode_child()") and 49463ee9d929 ("audit: replace getname()/putname() hacks with reference counters") from the audit tree. It would have been nice if these new audit tree commits had been based on v3.19-rc3 instead of v3.16 ... (especially since their Author dates match their Committer dates). I fixed it up (basically I used the audit tree versions - based on the commit comments - see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/auditsc.c index 55f82fce2526,459a54555151.. --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@@ -1878,48 -1802,17 +1804,15 @@@ void __audit_inode(struct filename *nam } out_alloc: - /* unable to find the name from a previous getname(). Allocate a new - * anonymous entry. - */ + /* unable to find an entry with both a matching name and type */ - n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN); + n = audit_alloc_name(context, AUDIT_TYPE_NORMAL); if (!n) return; - /* unfortunately, while we may have a path name to record with the -* inode, we can't always rely on the string lasting until the end of -* the syscall so we need to create our own copy, it may fail due to -* memory allocation issues, but we do our best */ if (name) { - /* we can't use getname_kernel() due to size limits */ - size_t len = strlen(name->name) + 1; - struct filename *new = __getname(); - - if (unlikely(!new)) - goto out; - - if (len <= (PATH_MAX - sizeof(*new))) { - new->name = (char *)(new) + sizeof(*new); - new->separate = false; - } else if (len <= PATH_MAX) { - /* this looks odd, but is due to final_putname() */ - struct filename *new2; - - new2 = kmalloc(sizeof(*new2), GFP_KERNEL); - if (unlikely(!new2)) { - __putname(new); - goto out; - } - new2->name = (char *)new; - new2->separate = true; - new = new2; - } else { - /* we should never get here, but let's be safe */ - __putname(new); - goto out; - } - strlcpy((char *)new->name, name->name, len); - new->uptr = NULL; - new->aname = n; - n->name = new; - n->name_put = true; + n->name = name; + name->refcnt++; } + out: if (parent) { n->name_len = n->name ? parent_len(n->name->name) : AUDIT_NAME_FULL; pgp6_OmcN6TBN.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in fs/exec.c between commit 51f39a1f0cea (syscalls: implement execveat() system call) from Linus' tree and commit 5dc5218840e1 (fs: create proper filename objects using getname_kernel()) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc fs/exec.c index ad8798e26be9,d067771af6d4.. --- a/fs/exec.c +++ b/fs/exec.c @@@ -794,8 -789,15 +794,15 @@@ exit struct file *open_exec(const char *name) { - struct filename tmp = { .name = name }; - return do_open_execat(AT_FDCWD, tmp, 0); + struct file *file; + struct filename *tmp; + + tmp = getname_kernel(name); + if (unlikely(IS_ERR(tmp))) + return (void *)tmp; - file = do_open_exec(tmp); ++ file = do_open_execat(AT_FDCWD, tmp, 0); + putname(tmp); + return file; } EXPORT_SYMBOL(open_exec); pgpVRt02SUbD_.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in include/linux/audit.h between commit 041d7b98ffe5 (audit: restore AUDIT_LOGINUID unset ABI) from Linus' tree and commit e80da768eae4 (audit: remove vestiges of vers_ops) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/linux/audit.h index af84234e1f6e,26710c5b9443.. --- a/include/linux/audit.h +++ b/include/linux/audit.h @@@ -46,8 -46,6 +46,7 @@@ struct audit_tree struct sk_buff; struct audit_krule { - int vers_ops; + u32 pflags; u32 flags; u32 listnr; u32 action; pgpQnucCiVshD.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Paul, Today's linux-next merge of the audit tree got a conflict in kernel/auditsc.c between commit 4a92843601ad (audit: correctly record file names with different path name types) and fcf22d8267ad (audit: create private file name copies when auditing inodes) from Linus' tree and commits 997f7ee82a98 (audit: enable filename recording via getname_kernel()), 2b1b63a2b7d3 (audit: fix filename matching in __audit_inode() and __audit_inode_child()) and 49463ee9d929 (audit: replace getname()/putname() hacks with reference counters) from the audit tree. It would have been nice if these new audit tree commits had been based on v3.19-rc3 instead of v3.16 ... (especially since their Author dates match their Committer dates). I fixed it up (basically I used the audit tree versions - based on the commit comments - see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/auditsc.c index 55f82fce2526,459a54555151.. --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@@ -1878,48 -1802,17 +1804,15 @@@ void __audit_inode(struct filename *nam } out_alloc: - /* unable to find the name from a previous getname(). Allocate a new - * anonymous entry. - */ + /* unable to find an entry with both a matching name and type */ - n = audit_alloc_name(context, AUDIT_TYPE_UNKNOWN); + n = audit_alloc_name(context, AUDIT_TYPE_NORMAL); if (!n) return; - /* unfortunately, while we may have a path name to record with the -* inode, we can't always rely on the string lasting until the end of -* the syscall so we need to create our own copy, it may fail due to -* memory allocation issues, but we do our best */ if (name) { - /* we can't use getname_kernel() due to size limits */ - size_t len = strlen(name-name) + 1; - struct filename *new = __getname(); - - if (unlikely(!new)) - goto out; - - if (len = (PATH_MAX - sizeof(*new))) { - new-name = (char *)(new) + sizeof(*new); - new-separate = false; - } else if (len = PATH_MAX) { - /* this looks odd, but is due to final_putname() */ - struct filename *new2; - - new2 = kmalloc(sizeof(*new2), GFP_KERNEL); - if (unlikely(!new2)) { - __putname(new); - goto out; - } - new2-name = (char *)new; - new2-separate = true; - new = new2; - } else { - /* we should never get here, but let's be safe */ - __putname(new); - goto out; - } - strlcpy((char *)new-name, name-name, len); - new-uptr = NULL; - new-aname = n; - n-name = new; - n-name_put = true; + n-name = name; + name-refcnt++; } + out: if (parent) { n-name_len = n-name ? parent_len(n-name-name) : AUDIT_NAME_FULL; pgp6_OmcN6TBN.pgp Description: OpenPGP digital signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in arch/mips/kernel/ptrace.c between commits 6e34574603f6 ("MIPS: asm: syscall: Define syscall_get_arch") and 1225eb825208("MIPS: ptrace: Move away from secure_computing_strict") from Linus' tree and commit 8ea408a0c1e7 ("ARCH: AUDIT: audit_syscall_entry() should not require the arch") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc arch/mips/kernel/ptrace.c index 71f85f427034,8b393bcf7919.. --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@@ -649,11 -677,8 +649,9 @@@ asmlinkage long syscall_trace_enter(str if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs->regs[2]); - audit_syscall_entry(syscall_get_arch(), - syscall, - regs->regs[4], regs->regs[5], - audit_syscall_entry(regs->regs[2], regs->regs[4], regs->regs[5], ++ audit_syscall_entry(syscall, regs->regs[4], regs->regs[5], regs->regs[6], regs->regs[7]); + return syscall; } /* pgpm_h4k4dA2y.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in arch/mips/kernel/ptrace.c between commits 6e34574603f6 (MIPS: asm: syscall: Define syscall_get_arch) and 1225eb825208(MIPS: ptrace: Move away from secure_computing_strict) from Linus' tree and commit 8ea408a0c1e7 (ARCH: AUDIT: audit_syscall_entry() should not require the arch) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc arch/mips/kernel/ptrace.c index 71f85f427034,8b393bcf7919.. --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@@ -649,11 -677,8 +649,9 @@@ asmlinkage long syscall_trace_enter(str if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs-regs[2]); - audit_syscall_entry(syscall_get_arch(), - syscall, - regs-regs[4], regs-regs[5], - audit_syscall_entry(regs-regs[2], regs-regs[4], regs-regs[5], ++ audit_syscall_entry(syscall, regs-regs[4], regs-regs[5], regs-regs[6], regs-regs[7]); + return syscall; } /* pgpm_h4k4dA2y.pgp Description: PGP signature
Re: linux-next: manual merge of the audit tree with Linus' tree
On Wed, 2014-04-16 at 14:02 +1000, Stephen Rothwell wrote: > You could have avoided this by doing a fast forward merge of v3.15-rc1 > instead of the v3.14 merge (since everything in your tree before that > merge was also in Linus' tree by v3.15-rc1). This is a situation I've never really known the right way to handle. I certainly could/can fast forward to 3.15-rc1, but then I have a random crap development base for the audit tree. Which is especially bad sine -rc1 doesn't even boot on my main machine. What I've always done is to merge the last release right after the pull and go from there, but it clearly leaves conflict potential Which is preferred? I've always enjoyed having my trees based on a release -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On Wed, 2014-04-16 at 14:02 +1000, Stephen Rothwell wrote: You could have avoided this by doing a fast forward merge of v3.15-rc1 instead of the v3.14 merge (since everything in your tree before that merge was also in Linus' tree by v3.15-rc1). This is a situation I've never really known the right way to handle. I certainly could/can fast forward to 3.15-rc1, but then I have a random crap development base for the audit tree. Which is especially bad sine -rc1 doesn't even boot on my main machine. What I've always done is to merge the last release right after the pull and go from there, but it clearly leaves conflict potential Which is preferred? I've always enjoyed having my trees based on a release -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got conflicts in arch/mips/include/asm/syscall.h, arch/x86/Kconfig and kernel/audit.c between commits from Linus' tree and commit 596b0569084b ("Merge tag 'v3.14' into mergeing") from the audit tree. This happened because you merged Linus' tag v3.14 into your tree. In this case, that merge had conflicts that you resolved differently to the way Linus had resolved them when he merged your tree for v3.15-rc1. I fixed it up (by using Linus' version) and can carry the fix as necessary (no action is required). You could have avoided this by doing a fast forward merge of v3.15-rc1 instead of the v3.14 merge (since everything in your tree before that merge was also in Linus' tree by v3.15-rc1). -- Cheers, Stephen Rothwells...@canb.auug.org.au pgp3sjGSfJRsq.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got conflicts in arch/mips/include/asm/syscall.h, arch/x86/Kconfig and kernel/audit.c between commits from Linus' tree and commit 596b0569084b (Merge tag 'v3.14' into mergeing) from the audit tree. This happened because you merged Linus' tag v3.14 into your tree. In this case, that merge had conflicts that you resolved differently to the way Linus had resolved them when he merged your tree for v3.15-rc1. I fixed it up (by using Linus' version) and can carry the fix as necessary (no action is required). You could have avoided this by doing a fast forward merge of v3.15-rc1 instead of the v3.14 merge (since everything in your tree before that merge was also in Linus' tree by v3.15-rc1). -- Cheers, Stephen Rothwells...@canb.auug.org.au pgp3sjGSfJRsq.pgp Description: PGP signature
Re: linux-next: manual merge of the audit tree with Linus' tree
Hi Richard, On Tue, 1 Apr 2014 08:54:13 -0400 Richard Guy Briggs wrote: > > > [Eric: that audit tree commit has no Signed-off-by from you even though > > you committed it ... there are a few like that] > > I added my Signed-off to the list posting. The point is that Eric (Paris) committed your patch to his "audit" tree (at least the commit in his tree indicates that he was the committer) and (presumably) will ask Linus to pull his tree, but did not add his Signed-off-by to the commit (which he should have done). -- Cheers, Stephen Rothwells...@canb.auug.org.au pgp2E7KNcWauN.pgp Description: PGP signature
Re: linux-next: manual merge of the audit tree with Linus' tree
On 14/04/01, Stephen Rothwell wrote: > Hi Eric, Hi Stephen, > Today's linux-next merge of the audit tree got a conflict in > kernel/audit.c between commit aa4af831bb4f ("AUDIT: Allow login in > non-init namespaces") from Linus' tree and commit 5a3cb3b6c3a0 ("audit: > allow user processes to log from another PID namespace") from the audit > tree. > > I fixed it up (see below) and can carry the fix as necessary (no action > is required). I expected this conflict. Thanks for fixing it up! > [Eric: that audit tree commit has no Signed-off-by from you even though > you committed it ... there are a few like that] I added my Signed-off to the list posting. > -- > Cheers, > Stephen Rothwells...@canb.auug.org.au > > diff --cc kernel/audit.c > index 95a20f3f52f1,ad77d1e80895.. > --- a/kernel/audit.c > +++ b/kernel/audit.c > @@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b > { > int err = 0; > > - /* Only support the initial namespaces for now. */ > + /* Only support initial user namespace for now. */ > +/* > + * We return ECONNREFUSED because it tricks userspace into thinking > + * that audit was not configured into the kernel. Lots of users > + * configure their PAM stack (because that's what the distro does) > + * to reject login if unable to send messages to audit. If we return > + * ECONNREFUSED the PAM stack thinks the kernel does not have audit > + * configured in and will let login proceed. If we return EPERM > + * userspace will reject all logins. This should be removed when we > + * support non init namespaces!! > + */ > - if ((current_user_ns() != _user_ns) || > - (task_active_pid_ns(current) != _pid_ns)) > + if ((current_user_ns() != _user_ns)) > -return -EPERM; > +return -ECONNREFUSED; > > switch (msg_type) { > case AUDIT_LIST: - RGB -- Richard Guy Briggs Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
On 14/04/01, Stephen Rothwell wrote: Hi Eric, Hi Stephen, Today's linux-next merge of the audit tree got a conflict in kernel/audit.c between commit aa4af831bb4f (AUDIT: Allow login in non-init namespaces) from Linus' tree and commit 5a3cb3b6c3a0 (audit: allow user processes to log from another PID namespace) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). I expected this conflict. Thanks for fixing it up! [Eric: that audit tree commit has no Signed-off-by from you even though you committed it ... there are a few like that] I added my Signed-off to the list posting. -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index 95a20f3f52f1,ad77d1e80895.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b { int err = 0; - /* Only support the initial namespaces for now. */ + /* Only support initial user namespace for now. */ +/* + * We return ECONNREFUSED because it tricks userspace into thinking + * that audit was not configured into the kernel. Lots of users + * configure their PAM stack (because that's what the distro does) + * to reject login if unable to send messages to audit. If we return + * ECONNREFUSED the PAM stack thinks the kernel does not have audit + * configured in and will let login proceed. If we return EPERM + * userspace will reject all logins. This should be removed when we + * support non init namespaces!! + */ - if ((current_user_ns() != init_user_ns) || - (task_active_pid_ns(current) != init_pid_ns)) + if ((current_user_ns() != init_user_ns)) -return -EPERM; +return -ECONNREFUSED; switch (msg_type) { case AUDIT_LIST: - RGB -- Richard Guy Briggs rbri...@redhat.com Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: linux-next: manual merge of the audit tree with Linus' tree
Hi Richard, On Tue, 1 Apr 2014 08:54:13 -0400 Richard Guy Briggs r...@redhat.com wrote: [Eric: that audit tree commit has no Signed-off-by from you even though you committed it ... there are a few like that] I added my Signed-off to the list posting. The point is that Eric (Paris) committed your patch to his audit tree (at least the commit in his tree indicates that he was the committer) and (presumably) will ask Linus to pull his tree, but did not add his Signed-off-by to the commit (which he should have done). -- Cheers, Stephen Rothwells...@canb.auug.org.au pgp2E7KNcWauN.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in kernel/audit.c between commit aa4af831bb4f ("AUDIT: Allow login in non-init namespaces") from Linus' tree and commit 5a3cb3b6c3a0 ("audit: allow user processes to log from another PID namespace") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). [Eric: that audit tree commit has no Signed-off-by from you even though you committed it ... there are a few like that] -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index 95a20f3f52f1,ad77d1e80895.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b { int err = 0; - /* Only support the initial namespaces for now. */ + /* Only support initial user namespace for now. */ + /* + * We return ECONNREFUSED because it tricks userspace into thinking + * that audit was not configured into the kernel. Lots of users + * configure their PAM stack (because that's what the distro does) + * to reject login if unable to send messages to audit. If we return + * ECONNREFUSED the PAM stack thinks the kernel does not have audit + * configured in and will let login proceed. If we return EPERM + * userspace will reject all logins. This should be removed when we + * support non init namespaces!! + */ - if ((current_user_ns() != _user_ns) || - (task_active_pid_ns(current) != _pid_ns)) + if ((current_user_ns() != _user_ns)) - return -EPERM; + return -ECONNREFUSED; switch (msg_type) { case AUDIT_LIST: pgp7HzzL6q27v.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in kernel/audit.c between commit aa4af831bb4f (AUDIT: Allow login in non-init namespaces) from Linus' tree and commit 5a3cb3b6c3a0 (audit: allow user processes to log from another PID namespace) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). [Eric: that audit tree commit has no Signed-off-by from you even though you committed it ... there are a few like that] -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc kernel/audit.c index 95a20f3f52f1,ad77d1e80895.. --- a/kernel/audit.c +++ b/kernel/audit.c @@@ -607,20 -607,9 +607,19 @@@ static int audit_netlink_ok(struct sk_b { int err = 0; - /* Only support the initial namespaces for now. */ + /* Only support initial user namespace for now. */ + /* + * We return ECONNREFUSED because it tricks userspace into thinking + * that audit was not configured into the kernel. Lots of users + * configure their PAM stack (because that's what the distro does) + * to reject login if unable to send messages to audit. If we return + * ECONNREFUSED the PAM stack thinks the kernel does not have audit + * configured in and will let login proceed. If we return EPERM + * userspace will reject all logins. This should be removed when we + * support non init namespaces!! + */ - if ((current_user_ns() != init_user_ns) || - (task_active_pid_ns(current) != init_pid_ns)) + if ((current_user_ns() != init_user_ns)) - return -EPERM; + return -ECONNREFUSED; switch (msg_type) { case AUDIT_LIST: pgp7HzzL6q27v.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in include/net/xfrm.h between commit d511337a1eda ("xfrm.h: Remove extern from function prototypes") from Linus' tree and commit 4440e8548153 ("audit: convert all sessionid declaration to unsigned int") from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/net/xfrm.h index cd7c46ff6f1f,f8d32b908423.. --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@@ -714,23 -713,23 +714,23 @@@ static inline void xfrm_audit_helper_us audit_log_task_context(audit_buf); } -extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, -kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, -kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_add(struct xfrm_state *x, int result, - kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, - kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, - struct sk_buff *skb); -extern void xfrm_audit_state_replay(struct xfrm_state *x, - struct sk_buff *skb, __be32 net_seq); -extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); -extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, -__be32 net_spi, __be32 net_seq); -extern void xfrm_audit_state_icvfail(struct xfrm_state *x, - struct sk_buff *skb, u8 proto); +void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, kuid_t auid, - u32 ses, u32 secid); ++ unsigned int ses, u32 secid); +void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, kuid_t auid, - u32 ses, u32 secid); ++unsigned int ses, u32 secid); +void xfrm_audit_state_add(struct xfrm_state *x, int result, kuid_t auid, - u32 ses, u32 secid); ++unsigned int ses, u32 secid); +void xfrm_audit_state_delete(struct xfrm_state *x, int result, kuid_t auid, -u32 ses, u32 secid); ++ unsigned int ses, u32 secid); +void xfrm_audit_state_replay_overflow(struct xfrm_state *x, +struct sk_buff *skb); +void xfrm_audit_state_replay(struct xfrm_state *x, struct sk_buff *skb, + __be32 net_seq); +void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); +void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, __be32 net_spi, + __be32 net_seq); +void xfrm_audit_state_icvfail(struct xfrm_state *x, struct sk_buff *skb, +u8 proto); #else static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, pgpaVLYDBxn9h.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in include/net/xfrm.h between commit d511337a1eda (xfrm.h: Remove extern from function prototypes) from Linus' tree and commit 4440e8548153 (audit: convert all sessionid declaration to unsigned int) from the audit tree. I fixed it up (see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc include/net/xfrm.h index cd7c46ff6f1f,f8d32b908423.. --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@@ -714,23 -713,23 +714,23 @@@ static inline void xfrm_audit_helper_us audit_log_task_context(audit_buf); } -extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, -kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, -kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_add(struct xfrm_state *x, int result, - kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, - kuid_t auid, unsigned int ses, u32 secid); -extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, - struct sk_buff *skb); -extern void xfrm_audit_state_replay(struct xfrm_state *x, - struct sk_buff *skb, __be32 net_seq); -extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); -extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, -__be32 net_spi, __be32 net_seq); -extern void xfrm_audit_state_icvfail(struct xfrm_state *x, - struct sk_buff *skb, u8 proto); +void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, kuid_t auid, - u32 ses, u32 secid); ++ unsigned int ses, u32 secid); +void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, kuid_t auid, - u32 ses, u32 secid); ++unsigned int ses, u32 secid); +void xfrm_audit_state_add(struct xfrm_state *x, int result, kuid_t auid, - u32 ses, u32 secid); ++unsigned int ses, u32 secid); +void xfrm_audit_state_delete(struct xfrm_state *x, int result, kuid_t auid, -u32 ses, u32 secid); ++ unsigned int ses, u32 secid); +void xfrm_audit_state_replay_overflow(struct xfrm_state *x, +struct sk_buff *skb); +void xfrm_audit_state_replay(struct xfrm_state *x, struct sk_buff *skb, + __be32 net_seq); +void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); +void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, __be32 net_spi, + __be32 net_seq); +void xfrm_audit_state_icvfail(struct xfrm_state *x, struct sk_buff *skb, +u8 proto); #else static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, pgpaVLYDBxn9h.pgp Description: PGP signature
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in fs/exec.c between commit(s) from Linus' tree and commit 9410d228a4cf ("audit: call audit_bprm() only once to add AUDIT_EXECVE information") from the audit tree. I fixed it up (using the supplied resolution - thanks - see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc fs/exec.c index 8875dd10ae7a,c5c24f2fc44a.. --- a/fs/exec.c +++ b/fs/exec.c @@@ -1385,71 -1383,72 +1385,68 @@@ int search_binary_handler(struct linux_ if (retval) return retval; - retval = audit_bprm(bprm); - if (retval) - return retval; - + retval = -ENOENT; + retry: + read_lock(_lock); + list_for_each_entry(fmt, , lh) { + if (!try_module_get(fmt->module)) + continue; + read_unlock(_lock); + bprm->recursion_depth++; + retval = fmt->load_binary(bprm); + bprm->recursion_depth--; + if (retval >= 0 || retval != -ENOEXEC || + bprm->mm == NULL || bprm->file == NULL) { + put_binfmt(fmt); + return retval; + } + read_lock(_lock); + put_binfmt(fmt); + } + read_unlock(_lock); + + if (need_retry && retval == -ENOEXEC) { + if (printable(bprm->buf[0]) && printable(bprm->buf[1]) && + printable(bprm->buf[2]) && printable(bprm->buf[3])) + return retval; + if (request_module("binfmt-%04x", *(ushort *)(bprm->buf + 2)) < 0) + return retval; + need_retry = false; + goto retry; + } + + return retval; +} +EXPORT_SYMBOL(search_binary_handler); + +static int exec_binprm(struct linux_binprm *bprm) +{ + pid_t old_pid, old_vpid; + int ret; + /* Need to fetch pid before load_binary changes it */ old_pid = current->pid; rcu_read_lock(); old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); rcu_read_unlock(); - retval = -ENOENT; - for (try=0; try<2; try++) { - read_lock(_lock); - list_for_each_entry(fmt, , lh) { - int (*fn)(struct linux_binprm *) = fmt->load_binary; - if (!fn) - continue; - if (!try_module_get(fmt->module)) - continue; - read_unlock(_lock); - bprm->recursion_depth = depth + 1; - retval = fn(bprm); - bprm->recursion_depth = depth; - if (retval >= 0) { - if (depth == 0) { - audit_bprm(bprm); - trace_sched_process_exec(current, old_pid, bprm); - ptrace_event(PTRACE_EVENT_EXEC, old_vpid); - } - put_binfmt(fmt); - allow_write_access(bprm->file); - if (bprm->file) - fput(bprm->file); - bprm->file = NULL; - current->did_exec = 1; - proc_exec_connector(current); - return retval; - } - read_lock(_lock); - put_binfmt(fmt); - if (retval != -ENOEXEC || bprm->mm == NULL) - break; - if (!bprm->file) { - read_unlock(_lock); - return retval; - } + ret = search_binary_handler(bprm); + if (ret >= 0) { ++ audit_bprm(bprm); + trace_sched_process_exec(current, old_pid, bprm); + ptrace_event(PTRACE_EVENT_EXEC, old_vpid); + current->did_exec = 1; + proc_exec_connector(current); + + if (bprm->file) { + allow_write_access(bprm->file); + fput(bprm->file); + bprm->file = NULL; /* to catch use-after-free */ } - read_unlock(_lock); -#ifdef CONFIG_MODULES - if (retval != -ENOEXEC || bprm->mm == NULL) { - break; - } else { -#define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20<=(c) && (c)<=0x7e)) - if (printable(bprm->buf[0]) && - printable(bprm->buf[1]) && -
linux-next: manual merge of the audit tree with Linus' tree
Hi Eric, Today's linux-next merge of the audit tree got a conflict in fs/exec.c between commit(s) from Linus' tree and commit 9410d228a4cf (audit: call audit_bprm() only once to add AUDIT_EXECVE information) from the audit tree. I fixed it up (using the supplied resolution - thanks - see below) and can carry the fix as necessary (no action is required). -- Cheers, Stephen Rothwells...@canb.auug.org.au diff --cc fs/exec.c index 8875dd10ae7a,c5c24f2fc44a.. --- a/fs/exec.c +++ b/fs/exec.c @@@ -1385,71 -1383,72 +1385,68 @@@ int search_binary_handler(struct linux_ if (retval) return retval; - retval = audit_bprm(bprm); - if (retval) - return retval; - + retval = -ENOENT; + retry: + read_lock(binfmt_lock); + list_for_each_entry(fmt, formats, lh) { + if (!try_module_get(fmt-module)) + continue; + read_unlock(binfmt_lock); + bprm-recursion_depth++; + retval = fmt-load_binary(bprm); + bprm-recursion_depth--; + if (retval = 0 || retval != -ENOEXEC || + bprm-mm == NULL || bprm-file == NULL) { + put_binfmt(fmt); + return retval; + } + read_lock(binfmt_lock); + put_binfmt(fmt); + } + read_unlock(binfmt_lock); + + if (need_retry retval == -ENOEXEC) { + if (printable(bprm-buf[0]) printable(bprm-buf[1]) + printable(bprm-buf[2]) printable(bprm-buf[3])) + return retval; + if (request_module(binfmt-%04x, *(ushort *)(bprm-buf + 2)) 0) + return retval; + need_retry = false; + goto retry; + } + + return retval; +} +EXPORT_SYMBOL(search_binary_handler); + +static int exec_binprm(struct linux_binprm *bprm) +{ + pid_t old_pid, old_vpid; + int ret; + /* Need to fetch pid before load_binary changes it */ old_pid = current-pid; rcu_read_lock(); old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current-parent)); rcu_read_unlock(); - retval = -ENOENT; - for (try=0; try2; try++) { - read_lock(binfmt_lock); - list_for_each_entry(fmt, formats, lh) { - int (*fn)(struct linux_binprm *) = fmt-load_binary; - if (!fn) - continue; - if (!try_module_get(fmt-module)) - continue; - read_unlock(binfmt_lock); - bprm-recursion_depth = depth + 1; - retval = fn(bprm); - bprm-recursion_depth = depth; - if (retval = 0) { - if (depth == 0) { - audit_bprm(bprm); - trace_sched_process_exec(current, old_pid, bprm); - ptrace_event(PTRACE_EVENT_EXEC, old_vpid); - } - put_binfmt(fmt); - allow_write_access(bprm-file); - if (bprm-file) - fput(bprm-file); - bprm-file = NULL; - current-did_exec = 1; - proc_exec_connector(current); - return retval; - } - read_lock(binfmt_lock); - put_binfmt(fmt); - if (retval != -ENOEXEC || bprm-mm == NULL) - break; - if (!bprm-file) { - read_unlock(binfmt_lock); - return retval; - } + ret = search_binary_handler(bprm); + if (ret = 0) { ++ audit_bprm(bprm); + trace_sched_process_exec(current, old_pid, bprm); + ptrace_event(PTRACE_EVENT_EXEC, old_vpid); + current-did_exec = 1; + proc_exec_connector(current); + + if (bprm-file) { + allow_write_access(bprm-file); + fput(bprm-file); + bprm-file = NULL; /* to catch use-after-free */ } - read_unlock(binfmt_lock); -#ifdef CONFIG_MODULES - if (retval != -ENOEXEC || bprm-mm == NULL) { - break; - } else { -#define printable(c) (((c)=='\t') || ((c)=='\n') || (0x20=(c) (c)=0x7e)) - if (printable(bprm-buf[0]) - printable(bprm-buf[1]) -