[patch 3/3] simplify audit_free() locking
by akpm@osdl.org
From: Ingo Molnar <mingo(a)elte.hu>
Simplify audit_free()'s locking: no need to lock a task that we are tearing
down. [the extra locking also caused false positives in the lock
validator]
Signed-off-by: Ingo Molnar <mingo(a)elte.hu>
Cc: David Woodhouse <dwmw2(a)infradead.org>
Signed-off-by: Andrew Morton <akpm(a)osdl.org>
---
kernel/auditsc.c | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
diff -puN kernel/auditsc.c~simplify-audit_free-locking kernel/auditsc.c
--- devel/kernel/auditsc.c~simplify-audit_free-locking 2006-02-21 19:11:13.000000000 -0800
+++ devel-akpm/kernel/auditsc.c 2006-02-21 19:11:13.000000000 -0800
@@ -686,10 +686,14 @@ void audit_free(struct task_struct *tsk)
{
struct audit_context *context;
- task_lock(tsk);
+ /*
+ * No need to lock the task - when we execute audit_free()
+ * then the task has no external references anymore, and
+ * we are tearing it down. (The locking also confuses
+ * DEBUG_LOCKDEP - this freeing may occur in softirq
+ * contexts as well, via RCU.)
+ */
context = audit_get_context(tsk, 0, 0);
- task_unlock(tsk);
-
if (likely(!context))
return;
_
19 years, 1 month
[patch 2/3] sem2mutex: audit_netlink_sem
by akpm@osdl.org
From: Ingo Molnar <mingo(a)elte.hu>
Semaphore to mutex conversion.
The conversion was generated via scripts, and the result was validated
automatically via a script as well.
Signed-off-by: Ingo Molnar <mingo(a)elte.hu>
Cc: David Woodhouse <dwmw2(a)infradead.org>
Signed-off-by: Andrew Morton <akpm(a)osdl.org>
---
kernel/audit.c | 6 +++---
kernel/audit.h | 3 ++-
kernel/auditfilter.c | 16 ++++++++--------
3 files changed, 13 insertions(+), 12 deletions(-)
diff -puN kernel/audit.c~sem2mutex-audit_netlink_sem kernel/audit.c
--- devel/kernel/audit.c~sem2mutex-audit_netlink_sem 2006-03-03 00:55:30.000000000 -0800
+++ devel-akpm/kernel/audit.c 2006-03-03 00:55:30.000000000 -0800
@@ -114,7 +114,7 @@ static DECLARE_WAIT_QUEUE_HEAD(audit_bac
/* The netlink socket is only to be read by 1 CPU, which lets us assume
* that list additions and deletions never happen simultaneously in
* auditsc.c */
-DECLARE_MUTEX(audit_netlink_sem);
+DEFINE_MUTEX(audit_netlink_mutex);
/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
* audit records. Since printk uses a 1024 byte buffer, this buffer
@@ -538,14 +538,14 @@ static void audit_receive(struct sock *s
struct sk_buff *skb;
unsigned int qlen;
- down(&audit_netlink_sem);
+ mutex_lock(&audit_netlink_mutex);
for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) {
skb = skb_dequeue(&sk->sk_receive_queue);
audit_receive_skb(skb);
kfree_skb(skb);
}
- up(&audit_netlink_sem);
+ mutex_unlock(&audit_netlink_mutex);
}
diff -puN kernel/auditfilter.c~sem2mutex-audit_netlink_sem kernel/auditfilter.c
--- devel/kernel/auditfilter.c~sem2mutex-audit_netlink_sem 2006-03-03 00:55:30.000000000 -0800
+++ devel-akpm/kernel/auditfilter.c 2006-03-03 00:55:30.000000000 -0800
@@ -329,7 +329,7 @@ static int audit_compare_rule(struct aud
}
/* Add rule to given filterlist if not a duplicate. Protected by
- * audit_netlink_sem. */
+ * audit_netlink_mutex. */
static inline int audit_add_rule(struct audit_entry *entry,
struct list_head *list)
{
@@ -359,7 +359,7 @@ static inline int audit_add_rule(struct
}
/* Remove an existing rule from filterlist. Protected by
- * audit_netlink_sem. */
+ * audit_netlink_mutex. */
static inline int audit_del_rule(struct audit_entry *entry,
struct list_head *list)
{
@@ -394,10 +394,10 @@ static int audit_list(void *_dest)
seq = dest[1];
kfree(dest);
- down(&audit_netlink_sem);
+ mutex_lock(&audit_netlink_mutex);
/* The *_rcu iterators not needed here because we are
- always called with audit_netlink_sem held. */
+ always called with audit_netlink_mutex held. */
for (i=0; i<AUDIT_NR_FILTERS; i++) {
list_for_each_entry(entry, &audit_filter_list[i], list) {
struct audit_rule *rule;
@@ -412,7 +412,7 @@ static int audit_list(void *_dest)
}
audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
- up(&audit_netlink_sem);
+ mutex_unlock(&audit_netlink_mutex);
return 0;
}
@@ -428,10 +428,10 @@ static int audit_list_rules(void *_dest)
seq = dest[1];
kfree(dest);
- down(&audit_netlink_sem);
+ mutex_lock(&audit_netlink_mutex);
/* The *_rcu iterators not needed here because we are
- always called with audit_netlink_sem held. */
+ always called with audit_netlink_mutex held. */
for (i=0; i<AUDIT_NR_FILTERS; i++) {
list_for_each_entry(e, &audit_filter_list[i], list) {
struct audit_rule_data *data;
@@ -446,7 +446,7 @@ static int audit_list_rules(void *_dest)
}
audit_send_reply(pid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
- up(&audit_netlink_sem);
+ mutex_unlock(&audit_netlink_mutex);
return 0;
}
diff -puN kernel/audit.h~sem2mutex-audit_netlink_sem kernel/audit.h
--- devel/kernel/audit.h~sem2mutex-audit_netlink_sem 2006-03-03 00:55:30.000000000 -0800
+++ devel-akpm/kernel/audit.h 2006-03-03 00:55:30.000000000 -0800
@@ -19,6 +19,7 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include <linux/mutex.h>
#include <linux/fs.h>
#include <linux/audit.h>
@@ -84,4 +85,4 @@ extern void audit_send_reply(int pi
void *payload, int size);
extern void audit_log_lost(const char *message);
extern void audit_panic(const char *message);
-extern struct semaphore audit_netlink_sem;
+extern struct mutex audit_netlink_mutex;
_
19 years, 1 month
Another slab size-32 leak 2.6.16-rc4-mm2
by Valdis.Kletnieks@vt.edu
My system isn't leaking as badly after the first patch, but I still
currently have about 174,000+ leaked size-32 from <ipcperms+0xf/0x91>
after about an hour's uptime.
Looks like if audit_ipc_context() is called from elsewhere in kernel/auditsc.c,
it's cleaned up after. However, the call from ipc/util.c in ipcperms() doesn't
seem to get cleaned up after (and, in fact, it isn't clear why it's even called
there, at least to me...)
diff --git a/ipc/util.c b/ipc/util.c
index 8626219..e37e1e9 100644
--- a/ipc/util.c
+++ b/ipc/util.c
@@ -27,6 +27,7 @@
#include <linux/workqueue.h>
#include <linux/seq_file.h>
#include <linux/proc_fs.h>
+#include <linux/audit.h>
#include <asm/unistd.h>
@@ -468,6 +469,7 @@ int ipcperms (struct kern_ipc_perm *ipcp
{ /* flag will most probably be 0 or S_...UGO from <linux/stat.h> */
int requested_mode, granted_mode;
+ audit_ipc_context(ipcp);
requested_mode = (flag >> 6) | (flag >> 3) | flag;
granted_mode = ipcp->mode;
if (current->euid == ipcp->cuid || current->euid == ipcp->uid)
Looks like the source of my problem...
19 years, 1 month
[PATCH] fix audit_init failure path
by Amy Griffis
Make audit_init() failure path handle situations where the audit_panic()
action is not AUDIT_FAIL_PANIC (default is AUDIT_FAIL_PRINTK). Other uses
of audit_sock are not reached unless audit's netlink message handler is
properly registered. Bug noticed by Peter Staubach.
Signed-off-by: Amy Griffis <amy.griffis(a)hp.com>
diff --git a/kernel/audit.c b/kernel/audit.c
index 0a813d2..75861e3 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -519,8 +519,9 @@ static int __init audit_init(void)
THIS_MODULE);
if (!audit_sock)
audit_panic("cannot initialize netlink socket");
+ else
+ audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
- audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
skb_queue_head_init(&audit_skb_queue);
audit_initialized = 1;
audit_enabled = audit_default;
19 years, 1 month
[fwd] Re: + git-audit-master-build-fix.patch added to -mm tree
by Alexander Viro
[resent from the account used to subscribe on the list]
[replacement patch below is put into audit-current.git]
On Fri, Mar 03, 2006 at 02:32:21AM -0800, akpm(a)osdl.org wrote:
>
> The patch titled
>
> git-audit-master build fix
>
> has been added to the -mm tree. Its filename is
>
> git-audit-master-build-fix.patch
>
> See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
> out what to do about this
>
>
> From: Andrew Morton <akpm(a)osdl.org>
>
> CONFIG_AUDIT=y, CONFIG_AUDITSYSCALL=n:
>
> kernel/auditfilter.c: In function `audit_add_rule':
> kernel/auditfilter.c:329: error: invalid lvalue in increment
> kernel/auditfilter.c: In function `audit_del_rule':
> kernel/auditfilter.c:348: error: invalid lvalue in increment
> kernel/auditfilter.c:350: error: invalid lvalue in decrement
>
> possibly-hacky-fix:
No, that defeats the purpose of that thing. It's increments and
decrements that should be conditional. Patch below should fix
that; it, or better will be folded into Jason's patch at the next
rebase.
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index aeaba84..f31e6b6 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -334,7 +334,9 @@ static inline int audit_add_rule(struct
struct list_head *list)
{
struct audit_entry *e;
+#ifdef CONFIG_AUDITSYSCALL
int dont_count = 0;
+#endif
/* Do not use the _rcu iterator here, since this is the only
* addition routine. */
@@ -344,16 +346,20 @@ static inline int audit_add_rule(struct
}
/* If either of these, don't count towards total */
+#ifdef CONFIG_AUDITSYSCALL
if (entry->rule.listnr == AUDIT_FILTER_USER ||
entry->rule.listnr == AUDIT_FILTER_TYPE)
dont_count = 1;
+#endif
if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
list_add_rcu(&entry->list, list);
} else {
list_add_tail_rcu(&entry->list, list);
}
+#ifdef CONFIG_AUDITSYSCALL
if (!dont_count)
audit_n_rules++;
+#endif
return 0;
}
@@ -370,11 +376,15 @@ static inline int audit_del_rule(struct
list_for_each_entry(e, list, list) {
if (!audit_compare_rule(&entry->rule, &e->rule)) {
list_del_rcu(&e->list);
+#ifdef CONFIG_AUDITSYSCALL
if (entry->rule.listnr == AUDIT_FILTER_USER ||
entry->rule.listnr == AUDIT_FILTER_TYPE)
audit_n_rules++;
+#endif
call_rcu(&e->rcu, audit_free_rule_rcu);
+#ifdef CONFIG_AUDITSYSCALL
audit_n_rules--;
+#endif
return 0;
}
}
19 years, 1 month
avc messages getting separated
by Steve Grubb
Hi,
I was noticing a behavior that in the past we said should never happen. I was
running the lspp.10 kernel and confirmed the same issue with a rawhide
kernel. The problem is that an event starts to output a record, and then
another event takes over, then the first event continues:
type=AVC msg=audit(03/05/2006 07:58:36.011:19) : avc: denied { unlink } for
pid=1622 comm=mount name=blkid.tab.old dev=hda7 ino=11403719
scontext=system_u:system_r:mount_t:s0 tcontext=root:object_r:etc_t:s0
tclass=file
----
type=PATH msg=audit(03/05/2006 07:58:36.015:20) : item=0 name=/bin/sh
flags=nonetype=CWD msg=audit(03/05/2006 07:58:36.015:20) : cwd=/
type=SYSCALL msg=audit(03/05/2006 07:58:36.015:20) : arch=x86_64
syscall=execve
success=no exit=-13(Permission denied) a0=2ac24fcc014d a1=7fffff855ea0
a2=7fffff859d08 a3=8 items=1 pid=1623 auid=unknown(4294967295) uid=root
gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root
comm=avc_skel exe=/sbin/avc_skel
type=AVC msg=audit(03/05/2006 07:58:36.015:20) : avc: denied { search } for
pid=1623 comm=avc_skel name=bin dev=hda7 ino=6258689
scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:bin_t:s0
tclass=dir
----
type=PATH msg=audit(03/05/2006 07:58:36.011:19) : item=0
name=/etc/blkid.tab.old flags=parent inode=11403265 dev=03:07 mode=dir,755
ouid=root ogid=root rdev=00:00
type=CWD msg=audit(03/05/2006 07:58:36.011:19) : cwd=/
type=SYSCALL msg=audit(03/05/2006 07:58:36.011:19) : arch=x86_64
syscall=unlink
success=no exit=-13(Permission denied) a0=617d30 a1=378f9070a4 a2=617d42 a3=0
items=1 pid=1622 auid=unknown(4294967295) uid=root gid=root euid=root
suid=root fsuid=root egid=root sgid=root fsgid=root comm=mount exe=/bin/mount
You should be able to find this in your logs if you are running with the lspp
rules. Look for the unlink syscall.
Any ideas?
-Steve
19 years, 1 month
+ git-audit-fixes.patch added to -mm tree
by akpm@osdl.org
The patch titled
git-audit-fixes
has been added to the -mm tree. Its filename is
git-audit-fixes.patch
See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this
From: Andrew Morton <akpm(a)osdl.org>
kernel/auditfilter.c: In function `audit_comparator':
kernel/auditfilter.c:554: warning: control reaches end of non-void function
kernel/auditfilter.c: At top level:
kernel/auditfilter.c:58: warning: `audit_unpack_string' defined but not used
Cc: <linux-audit(a)redhat.com>
Cc: Al Viro <viro(a)ftp.linux.org.uk>
Signed-off-by: Andrew Morton <akpm(a)osdl.org>
---
kernel/auditfilter.c | 31 ++-----------------------------
1 files changed, 2 insertions(+), 29 deletions(-)
diff -puN kernel/auditfilter.c~git-audit-fixes kernel/auditfilter.c
--- devel/kernel/auditfilter.c~git-audit-fixes 2006-03-03 01:09:08.000000000 -0800
+++ devel-akpm/kernel/auditfilter.c 2006-03-03 01:09:08.000000000 -0800
@@ -52,33 +52,6 @@ static inline void audit_free_rule_rcu(s
audit_free_rule(e);
}
-/* Unpack a filter field's string representation from user-space
- * buffer. */
-static char *audit_unpack_string(void **bufp, size_t *remain, size_t len)
-{
- char *str;
-
- if (!*bufp || (len == 0) || (len > *remain))
- return ERR_PTR(-EINVAL);
-
- /* Of the currently implemented string fields, PATH_MAX
- * defines the longest valid length.
- */
- if (len > PATH_MAX)
- return ERR_PTR(-ENAMETOOLONG);
-
- str = kmalloc(len + 1, GFP_KERNEL);
- if (unlikely(!str))
- return ERR_PTR(-ENOMEM);
-
- memcpy(str, *bufp, len);
- str[len] = 0;
- *bufp += len;
- *remain -= len;
-
- return str;
-}
-
/* Common user-space to kernel rule translation. */
static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
{
@@ -551,10 +524,10 @@ int audit_comparator(const u32 left, con
case AUDIT_GREATER_THAN_OR_EQUAL:
return (left >= right);
}
+ BUG();
+ return 0;
}
-
-
static int audit_filter_user_rules(struct netlink_skb_parms *cb,
struct audit_krule *rule,
enum audit_state *state)
_
Patches currently in -mm which might be from akpm(a)osdl.org are
linus.patch
i386-port-ati-timer-fix-from-x86_64-to-i386-ii-fixes.patch
fix-ide-locking-error-tidy.patch
multiple-exports-of-strpbrk.patch
git-acpi-up-fix.patch
git-acpi-up-fix-2.patch
git-alsa.patch
git-audit-master.patch
git-audit-fixes.patch
revert-gregkh-driver-put_device-might_sleep.patch
revert-gregkh-driver-fix-up-the-sysfs-pollable-patch.patch
revert-gregkh-driver-allow-sysfs-attribute-files-to-be-pollable.patch
sysfs_h-cleanup.patch
get_cpu_sysdev-signedness-fix.patch
topologyc-tweaks.patch
cpuc-section-fixes.patch
git-dvb.patch
git-input.patch
input-pcspkr-device-and-driver-separation-fix.patch
input-pcspkr-device-and-driver-separation-fix-2.patch
input-pcspkr-device-and-driver-separation-fix-3.patch
git-kbuild.patch
git-libata-all.patch
m25p80-printk-warning-fix.patch
git-netdev-all.patch
ipw2200-warning-fix.patch
drivers-net-ns83820c-add-paramter-to-disable-auto-tidy.patch
3c509-bus-registration-fix.patch
3c509-use-proper-suspend-resume-api-fix.patch
pm-suspend-eisa-and-mca-devices-fix.patch
net-allow-32-bit-socket-ioctl-in-64-bit-kernel-tidy.patch
net-socket-timestamp-32-bit-handler-for-64-bit-kernel-tidy.patch
net-socket-timestamp-32-bit-handler-for-64-bit-kernel-fix.patch
x25-ioctl-conversion-32-bit-user-to-64-bit-kernel-tidy.patch
x25-ioctl-conversion-32-bit-user-to-64-bit-kernel-tidy-fix.patch
x25-allow-itu-t-dte-facilities-for-x25-tidy.patch
nfs-unify-nfs-superblocks-per-protocol-per-server-fix.patch
revert-gregkh-pci-x86-pci-domain-support-the-meat.patch
git-pcmcia.patch
git-scsi-misc.patch
megaraid-unused-variable.patch
git-sas-jg.patch
git-sparc64.patch
gregkh-usb-usb-optimise-devio.c-usbdev_read-fix.patch
git-watchdog.patch
x86_64-mm-dmi-year-fix.patch
revert-x86_64-mm-dmi-early.patch
x86_64-mm-c3-timer-check-amd-fix.patch
git-xfs.patch
drivers-block-floppyc-dont-free_irq-from-irq-context-fix.patch
slab-cleanup.patch
slab-remove-slab_no_reap-option-fix.patch
on_each_cpu-disable-local-interupts.patch
slab-use-on_each_cpu.patch
vmscan-scan_control-cleanup.patch
vmscan-use-unsigned-longs.patch
vmscan-return-nr_reclaimed.patch
vmscan-rename-functions.patch
mm-prep_zero_page-in-irq-is-a-bug.patch
hugepage-small-fixes-to-hugepage-clear-copy-path-tidy.patch
hugepage-serialize-hugepage-allocation-and-instantiation-tidy.patch
mm-implement-swap-prefetching-fix.patch
acx1xx-wireless-driver.patch
via-pmu-warning-fix.patch
x86-early-printk-remove-max_ypos-and-max_xpos-macros.patch
register-the-boot-cpu-in-the-cpu-maps-earlier-fix.patch
i386-actively-synchronize-vmalloc-area-when-registering-certain-callbacks-tidy.patch
fix-the-imlicit-declaration-of-mtrr_centaur_report_mcr-in-arch-i386-kernel-cpu-centaurc-fix.patch
revert-swsusp-fix-breakage-with-swap-on-lvm.patch
pm-print-name-of-failed-suspend-function.patch
swsusp-resume-parsing-fix.patch
ext3_readdir-use-generic-readahead.patch
sem2mutex-blockdev-2-git-blktrace-fix.patch
pause_on_oops-command-line-option.patch
more-for_each_cpu-conversions.patch
free_uid-locking-improvement.patch
percpu_counter_sum.patch
filemap_fdata_write-api-fix-end-parameter.patch
fadvise-async-write-commands.patch
balance_dirty_pages_ratelimited-take-nr_pages-arg.patch
set_page_dirty-return-value-fixes.patch
msync-perform-dirty-page-levelling.patch
msync-ms_sync-dont-hold-mmap_sem-while-syncing.patch
msync-fix-return-value.patch
fsync-extract-internal-code.patch
msync-use-do_fsync.patch
sys_setrlimit-cleanup.patch
rlimit_cpu-fix-handling-of-a-zero-limit.patch
rlimit_cpu-document-wrong-return-value.patch
fix-file-counting-fixes.patch
jbd-embed-j_commit_timer-in-journal-struct.patch
jbd-convert-kjournald-to-kthread-api.patch
hysdn-remove-custom-types.patch
remove-module_parm-fix.patch
sysrq-cleanup.patch
initcall-failure-reporting.patch
3c59x-use-mii_check_media-tidy.patch
permit-dual-mit-gpl-licenses.patch
2tb-files-add-blkcnt_t-fixes.patch
ext3-get-blocks-maping-multiple-blocks-at-a-once-vs-ext3_readdir-use-generic-readahead.patch
pass-b_size-to-get_block-speedup.patch
pass-b_size-to-get_block-remove-unneeded-assignments.patch
map-multiple-blocks-for-mpage_readpages-tidy.patch
time-clocksource-infrastructure-remove-nsec_t.patch
time-generic-timekeeping-infrastructure-remove-nsec_t.patch
time-fix-cpu-frequency-detection.patch
kretprobe-instance-recycled-by-parent-process-tidy.patch
kretprobe-instance-recycled-by-parent-process-fix.patch
edac-switch-to-kthread_-api-tidy.patch
cmpci-dont-use-generig_hweight32.patch
unify-pfn_to_page-sparc64-pfn_to_page-fix.patch
uninline-zone-helpers-fix.patch
uninline-zone-helpers-prefetch-fix.patch
lightweight-robust-futexes-arch-defaults-fix.patch
rtc-subsystem-class-fix.patch
rtc-subsystem-class-fix-2.patch
proc-dont-lock-task_structs-indefinitely-git-nfs-fix.patch
proc-use-sane-permission-checks-on-the-proc-pid-fd-fix.patch
reiser4-only.patch
reiser4-only-stop-using-__put_page.patch
reiser4-swsusp-build-fix.patch
reiser4-printk-warning-fix.patch
reiser4-mm-remove-pg_highmem-fix.patch
reiser4-big-update-bug-fix-for-readpage-fix.patch
reiser4-big-update-rename-print_address.patch
reiser4-page-private-fixes.patch
reiser4-big-update-div64-fix.patch
reiser4-remove-c99isms.patch
reiser4_releasepage-gfp_t-fixes.patch
reiser4-big-update-update_atime-fixes.patch
ide_generic_all_on-warning-fix.patch
fbdev-framebuffer-driver-for-geode-gx-warning-fix.patch
dm-remove-sector_format.patch
ia64-const-f_ops-fix.patch
kgdb-ga-remove-stuff.patch
kgdb-remove-NO_CPUS.patch
kgdb-remove-KGDB_TS.patch
kgdb-remove-STACK_OVERFLOW_TEST.patch
kgdb-remove-TRAP_BAD_SYSCALL_EXITS.patch
kgdb-always-KGDB_CONSOLE.patch
kgdb-remove-CONFIG_KGDB_USER_CONSOLE.patch
kgdb-serial-cleanup.patch
kgdb-serial-cleanup-2.patch
kgdb-serial-cleanup-3.patch
kgdb-nmi-cleanup.patch
kgdb-cleanup-version.patch
kgdb-cleanup-includes.patch
kgdb-remove-KGDB_SYSRQ.patch
kgdb-rename-breakpoint.patch
kgdb-convert-for-cpu-helpers.patch
kgdb-select-debug_info.patch
nr_blockdev_pages-in_interrupt-warning.patch
device-suspend-debug.patch
revert-tty-buffering-comment-out-debug-code.patch
19 years, 1 month
+ git-audit-master-build-fix.patch added to -mm tree
by akpm@osdl.org
The patch titled
git-audit-master build fix
has been added to the -mm tree. Its filename is
git-audit-master-build-fix.patch
See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this
From: Andrew Morton <akpm(a)osdl.org>
CONFIG_AUDIT=y, CONFIG_AUDITSYSCALL=n:
kernel/auditfilter.c: In function `audit_add_rule':
kernel/auditfilter.c:329: error: invalid lvalue in increment
kernel/auditfilter.c: In function `audit_del_rule':
kernel/auditfilter.c:348: error: invalid lvalue in increment
kernel/auditfilter.c:350: error: invalid lvalue in decrement
possibly-hacky-fix:
Cc: <linux-audit(a)redhat.com>
Cc: Al Viro <viro(a)ftp.linux.org.uk>
Signed-off-by: Andrew Morton <akpm(a)osdl.org>
---
include/linux/audit.h | 5 +++--
kernel/audit.c | 3 +++
kernel/auditsc.c | 3 ---
auditfilter.c | 0
4 files changed, 6 insertions(+), 5 deletions(-)
diff -puN include/linux/audit.h~git-audit-master-build-fix include/linux/audit.h
--- 25-alpha/include/linux/audit.h~git-audit-master-build-fix 2006-03-03 02:26:45.000000000 -0800
+++ 25-alpha-akpm/include/linux/audit.h 2006-03-03 02:27:11.000000000 -0800
@@ -283,6 +283,9 @@ struct netlink_skb_parms;
#define AUDITSC_SUCCESS 1
#define AUDITSC_FAILURE 2
#define AUDITSC_RESULT(x) ( ((long)(x))<0?AUDITSC_FAILURE:AUDITSC_SUCCESS )
+
+extern int audit_n_rules;
+
#ifdef CONFIG_AUDITSYSCALL
/* These are defined in auditsc.c */
/* Public API */
@@ -321,7 +324,6 @@ extern int audit_sockaddr(int len, void
extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
extern void audit_signal_info(int sig, struct task_struct *t);
extern int audit_set_macxattr(const char *name);
-extern int audit_n_rules;
static inline int audit_invoke_entry(void)
{
if (likely(!current->audit_context))
@@ -354,7 +356,6 @@ static inline int audit_invoke_exit(void
#define audit_avc_path(dentry, mnt) ({ 0; })
#define audit_signal_info(s,t) do { ; } while (0)
#define audit_set_macxattr(n) do { ; } while (0)
-#define audit_n_rules 0
#define audit_invoke_entry() ({ 0; })
#define audit_invoke_exit() ({ 0; })
#endif
diff -puN kernel/auditfilter.c~git-audit-master-build-fix kernel/auditfilter.c
diff -puN kernel/auditsc.c~git-audit-master-build-fix kernel/auditsc.c
--- 25-alpha/kernel/auditsc.c~git-audit-master-build-fix 2006-03-03 02:28:02.000000000 -0800
+++ 25-alpha-akpm/kernel/auditsc.c 2006-03-03 02:28:24.000000000 -0800
@@ -75,9 +75,6 @@ extern int audit_enabled;
* path_lookup. */
#define AUDIT_NAMES_RESERVED 7
-/* number of audit rules */
-int audit_n_rules;
-
/* When fs/namei.c:getname() is called, we store the pointer in name and
* we don't let putname() free it (instead we free all of the saved
* pointers at syscall exit time).
diff -puN kernel/audit.c~git-audit-master-build-fix kernel/audit.c
--- 25-alpha/kernel/audit.c~git-audit-master-build-fix 2006-03-03 02:28:09.000000000 -0800
+++ 25-alpha-akpm/kernel/audit.c 2006-03-03 02:28:32.000000000 -0800
@@ -56,6 +56,9 @@
#include <linux/skbuff.h>
#include <linux/netlink.h>
+/* number of audit rules */
+int audit_n_rules;
+
/* No auditing will take place until audit_initialized != 0.
* (Initialization happens after skb_init is called.) */
static int audit_initialized;
_
Patches currently in -mm which might be from akpm(a)osdl.org are
linus.patch
i386-port-ati-timer-fix-from-x86_64-to-i386-ii-fixes.patch
fix-ide-locking-error-tidy.patch
multiple-exports-of-strpbrk.patch
git-acpi-up-fix.patch
git-acpi-up-fix-2.patch
git-alsa.patch
git-audit-master.patch
git-audit-fixes.patch
revert-gregkh-driver-put_device-might_sleep.patch
revert-gregkh-driver-fix-up-the-sysfs-pollable-patch.patch
revert-gregkh-driver-allow-sysfs-attribute-files-to-be-pollable.patch
sysfs_h-cleanup.patch
get_cpu_sysdev-signedness-fix.patch
topologyc-tweaks.patch
cpuc-section-fixes.patch
git-dvb.patch
git-infiniband-build-fix.patch
git-input.patch
input-pcspkr-device-and-driver-separation-fix.patch
input-pcspkr-device-and-driver-separation-fix-2.patch
input-pcspkr-device-and-driver-separation-fix-3.patch
git-kbuild.patch
git-libata-all.patch
m25p80-printk-warning-fix.patch
git-netdev-all.patch
ipw2200-warning-fix.patch
drivers-net-ns83820c-add-paramter-to-disable-auto-tidy.patch
3c509-bus-registration-fix.patch
3c509-use-proper-suspend-resume-api-fix.patch
pm-suspend-eisa-and-mca-devices-fix.patch
git-net-vs-remove-module_parm.patch
net-allow-32-bit-socket-ioctl-in-64-bit-kernel-tidy.patch
net-socket-timestamp-32-bit-handler-for-64-bit-kernel-tidy.patch
net-socket-timestamp-32-bit-handler-for-64-bit-kernel-fix.patch
x25-ioctl-conversion-32-bit-user-to-64-bit-kernel-tidy.patch
x25-ioctl-conversion-32-bit-user-to-64-bit-kernel-tidy-fix.patch
x25-allow-itu-t-dte-facilities-for-x25-tidy.patch
nfs-apply-mount-root-dentry-override-to-filesystems-v9fs-fix.patch
nfs-unify-nfs-superblocks-per-protocol-per-server-fix.patch
revert-gregkh-pci-x86-pci-domain-support-the-meat.patch
git-pcmcia.patch
git-scsi-misc.patch
megaraid-unused-variable.patch
git-sas-jg.patch
git-sparc64.patch
gregkh-usb-usb-optimise-devio.c-usbdev_read-fix.patch
gregkh-usb-usbfs2-vs-nfs-apply-mount-root-dentry-override-to-filesystems.patch
git-watchdog.patch
x86_64-mm-dmi-year-fix.patch
revert-x86_64-mm-dmi-early.patch
x86_64-mm-c3-timer-check-amd-fix.patch
git-xfs.patch
drivers-block-floppyc-dont-free_irq-from-irq-context-fix.patch
slab-cleanup.patch
slab-remove-slab_no_reap-option-fix.patch
on_each_cpu-disable-local-interupts.patch
slab-use-on_each_cpu.patch
vmscan-scan_control-cleanup.patch
vmscan-use-unsigned-longs.patch
vmscan-return-nr_reclaimed.patch
vmscan-rename-functions.patch
mm-prep_zero_page-in-irq-is-a-bug.patch
hugepage-small-fixes-to-hugepage-clear-copy-path-tidy.patch
hugepage-serialize-hugepage-allocation-and-instantiation-tidy.patch
mm-implement-swap-prefetching-fix.patch
acx1xx-wireless-driver.patch
via-pmu-warning-fix.patch
x86-early-printk-remove-max_ypos-and-max_xpos-macros.patch
register-the-boot-cpu-in-the-cpu-maps-earlier-fix.patch
i386-actively-synchronize-vmalloc-area-when-registering-certain-callbacks-tidy.patch
fix-the-imlicit-declaration-of-mtrr_centaur_report_mcr-in-arch-i386-kernel-cpu-centaurc-fix.patch
revert-swsusp-fix-breakage-with-swap-on-lvm.patch
pm-print-name-of-failed-suspend-function.patch
swsusp-resume-parsing-fix.patch
ext3_readdir-use-generic-readahead.patch
sem2mutex-blockdev-2-git-blktrace-fix.patch
pause_on_oops-command-line-option.patch
more-for_each_cpu-conversions.patch
free_uid-locking-improvement.patch
percpu_counter_sum.patch
filemap_fdata_write-api-fix-end-parameter.patch
fadvise-async-write-commands.patch
balance_dirty_pages_ratelimited-take-nr_pages-arg.patch
set_page_dirty-return-value-fixes.patch
msync-perform-dirty-page-levelling.patch
msync-ms_sync-dont-hold-mmap_sem-while-syncing.patch
msync-fix-return-value.patch
fsync-extract-internal-code.patch
msync-use-do_fsync.patch
sys_setrlimit-cleanup.patch
rlimit_cpu-fix-handling-of-a-zero-limit.patch
rlimit_cpu-document-wrong-return-value.patch
fix-file-counting-fixes.patch
jbd-embed-j_commit_timer-in-journal-struct.patch
jbd-convert-kjournald-to-kthread-api.patch
hysdn-remove-custom-types.patch
remove-module_parm-fix.patch
sysrq-cleanup.patch
initcall-failure-reporting.patch
3c59x-use-mii_check_media-tidy.patch
permit-dual-mit-gpl-licenses.patch
2tb-files-add-blkcnt_t-fixes.patch
ext3-get-blocks-maping-multiple-blocks-at-a-once-vs-ext3_readdir-use-generic-readahead.patch
pass-b_size-to-get_block-speedup.patch
pass-b_size-to-get_block-remove-unneeded-assignments.patch
map-multiple-blocks-for-mpage_readpages-tidy.patch
time-clocksource-infrastructure-remove-nsec_t.patch
time-generic-timekeeping-infrastructure-remove-nsec_t.patch
time-fix-cpu-frequency-detection.patch
kretprobe-instance-recycled-by-parent-process-tidy.patch
kretprobe-instance-recycled-by-parent-process-fix.patch
edac-switch-to-kthread_-api-tidy.patch
cmpci-dont-use-generig_hweight32.patch
unify-pfn_to_page-sparc64-pfn_to_page-fix.patch
uninline-zone-helpers-fix.patch
uninline-zone-helpers-prefetch-fix.patch
lightweight-robust-futexes-arch-defaults-fix.patch
rtc-subsystem-class-fix.patch
rtc-subsystem-class-fix-2.patch
proc-dont-lock-task_structs-indefinitely-git-nfs-fix.patch
proc-use-sane-permission-checks-on-the-proc-pid-fd-fix.patch
reiser4-only.patch
reiser4-only-stop-using-__put_page.patch
reiser4-swsusp-build-fix.patch
reiser4-printk-warning-fix.patch
reiser4-mm-remove-pg_highmem-fix.patch
reiser4-big-update-bug-fix-for-readpage-fix.patch
reiser4-big-update-rename-print_address.patch
reiser4-page-private-fixes.patch
reiser4-big-update-div64-fix.patch
reiser4-remove-c99isms.patch
reiser4_releasepage-gfp_t-fixes.patch
reiser4-big-update-update_atime-fixes.patch
reiser4-vs-nfs-apply-mount-root-dentry-override-to-filesystems.patch
ide_generic_all_on-warning-fix.patch
fbdev-framebuffer-driver-for-geode-gx-warning-fix.patch
dm-remove-sector_format.patch
ia64-const-f_ops-fix.patch
kgdb-ga-remove-stuff.patch
kgdb-remove-NO_CPUS.patch
kgdb-remove-KGDB_TS.patch
kgdb-remove-STACK_OVERFLOW_TEST.patch
kgdb-remove-TRAP_BAD_SYSCALL_EXITS.patch
kgdb-always-KGDB_CONSOLE.patch
kgdb-remove-CONFIG_KGDB_USER_CONSOLE.patch
kgdb-serial-cleanup.patch
kgdb-serial-cleanup-2.patch
kgdb-serial-cleanup-3.patch
kgdb-nmi-cleanup.patch
kgdb-cleanup-version.patch
kgdb-cleanup-includes.patch
kgdb-remove-KGDB_SYSRQ.patch
kgdb-rename-breakpoint.patch
kgdb-convert-for-cpu-helpers.patch
kgdb-select-debug_info.patch
nr_blockdev_pages-in_interrupt-warning.patch
device-suspend-debug.patch
revert-tty-buffering-comment-out-debug-code.patch
git-audit-master-build-fix.patch
19 years, 1 month
No audit records on FC5-t3 when arch is specified
by Loulwa Salem
Hi,
I just fresh installed a FC5-t3 (2.6.15-1.1955_FC5) on a ppc64 system
and noticed the following behavior with auditctl:
Inserting an audit rule in following manner works (ie. there is record
for rule addition, and it generates a record when the syscall is executed)
auditctl -a action,list -S syscall
However, the following does not work (ie. there is a record that a rule
was added in log, but no record is generated when syscall is executed)
auditctl -a action,list -F arch=b32 -S syscall or
auditctl -a action,list -F arch=b64 -S syscall
The version of auditctl on the system is audit-1.1.4-5.1
Michael tried this on an i386 FC5-t3 and he sees the same problem. But
on an i386 with latest lspp.10 kernel everything works fine.
Has anyone experienced this problem?
- Loulwa
19 years, 1 month
[PATCH] fix audit_init failure path
by Amy Griffis
This bug was pointed out by Peter Staubach in a recent patch review:
Make audit_init() failure path handle situations where audit_panic()
action is not AUDIT_FAIL_PANIC. Other uses of audit_sock are not
reached unless audit_receive() is properly registered with netlink.
Signed-off-by: Amy Griffis <amy.griffis(a)hp.com>
diff --git a/kernel/audit.c b/kernel/audit.c
index 4eb97b6..c32b864 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -558,8 +558,9 @@ static int __init audit_init(void)
THIS_MODULE);
if (!audit_sock)
audit_panic("cannot initialize netlink socket");
+ else
+ audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
- audit_sock->sk_sndtimeo = MAX_SCHEDULE_TIMEOUT;
skb_queue_head_init(&audit_skb_queue);
audit_initialized = 1;
audit_enabled = audit_default;
19 years, 1 month
