Hi Linus, Twelve audit patches for v4.19 and they run the full gamut from fixes to features. Notable changes include the ability to use the "exe" audit filter field in a wider variety of filter types, a fix for our comparison of GID/EGID in audit filter rules, better association of related audit records (connecting related audit records together into one audit event), and a fix for a potential use-after-free in audit_add_watch(). All the patches pass the audit-testsuite and merge cleanly on your current master branch. Please pull, thanks. -Paul -- The following changes since commit ce397d215ccd07b8ae3f71db689aedb85d56ab40: Linux 4.18-rc1 (2018-06-17 08:04:49 +0900) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git tags/audit-pr-20180814 for you to fetch changes up to baa2a4fdd525c8c4b0f704d20457195b29437839: audit: fix use-after-free in audit_add_watch (2018-07-18 11:43:36 -0400) ---------------------------------------------------------------- audit/stable-4.18 PR 20180814 ---------------------------------------------------------------- Arnd Bergmann (1): audit: use ktime_get_coarse_ts64() for time access Ondrej Mosnáček (3): audit: allow other filter list types for AUDIT_EXE audit: Fix extended comparison of GID/EGID cred: conditionally declare groups-related functions Paul Moore (1): audit: use ktime_get_coarse_real_ts64() for timestamps Richard Guy Briggs (6): audit: tie SECCOMP records to syscall audit: tie ANOM_ABEND records to syscall audit: rename FILTER_TYPE to FILTER_EXCLUDE audit: eliminate audit_enabled magic number comparison audit: check audit_enabled in audit_tree_log_remove_rule() audit: simplify audit_enabled check in audit_watch_log_rule_change() Ronny Chevalier (1): audit: fix use-after-free in audit_add_watch drivers/tty/tty_audit.c | 2 +- include/linux/audit.h | 5 ++++- include/linux/cred.h | 15 ++++++++++----- include/net/xfrm.h | 2 +- include/uapi/linux/audit.h | 3 ++- kernel/audit.c | 7 ++----- kernel/audit_tree.c | 2 ++ kernel/audit_watch.c | 41 ++++++++++++++++++++++++-------------- kernel/auditfilter.c | 17 ++++++++++------- kernel/auditsc.c | 14 +++++++------- net/netfilter/xt_AUDIT.c | 2 +- net/netlabel/netlabel_user.c | 2 +- 12 files changed, 67 insertions(+), 45 deletions(-) -- paul moore www.paul-moore.com