Re: [PATCH v5] audit: log nftables configuration change events once per table
On Fri, Mar 26, 2021 at 01:38:59PM -0400, Richard Guy Briggs wrote:
Reduce logging of nftables events to a level similar to iptables.
Restore the table field to list the table, adding the generation.
Indicate the op as the most significant operation in the event.
There's a UAF, Florian reported. I'm attaching an incremental fix.
nf_tables_commit_audit_collect() refers to the trans object which
might have been already released.
Attachments:
- fix-uaf.patch (text/x-diff — 1.1 KB)