Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932418AbcLNS2X (ORCPT ); Wed, 14 Dec 2016 13:28:23 -0500 Received: from mail-qk0-f175.google.com ([209.85.220.175]:32996 "EHLO mail-qk0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753542AbcLNS2G (ORCPT ); Wed, 14 Dec 2016 13:28:06 -0500 From: Paul Moore To: Linus Torvalds Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org Subject: [GIT PULL] Audit patches for v4.10 Date: Wed, 14 Dec 2016 13:27:45 -0500 Message-ID: <1522672.4tJvQfugPF@sifl> Organization: Red Hat Inc User-Agent: KMail/5.3.3 (Linux/4.8.13-1-ARCH; KDE/5.28.0; x86_64; ; ) MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2994 Lines: 77 Hi Linus, After the small number of patches for v4.9, we've got a much bigger pile for v4.10. The bulk of these patches involve a rework of the audit backlog queue to enable us to move the netlink multicasting out of the task/thread that generates the audit record and into the kernel thread that emits the record (just like we do for the audit unicast to auditd). While we were playing with the backlog queue(s) we fixed a number of other little problems with the code, and from all the testing so far things look to be in much better shape now. Doing this also allowed us to re-enable disabling IRQs for some netns operations ("netns: avoid disabling irq for netns id"). The remaining patches fix some small problems that are well documented in the commit descriptions, as well as adding session ID filtering support. You will likely hit two merge conflicts, one in net/core/net_namespace.c and one in include/uapi/linux/audit.h, both are easily resolved so I won't bother you with that here. If you have questions, you know how to find me. Thanks, -Paul --- The following changes since commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3: Linux 4.8 (2016-10-02 16:24:33 -0700) are available in the git repository at: git://git.infradead.org/users/pcmoore/audit stable-4.10 for you to fetch changes up to 533c7b69c764ad5febb3e716899f43a75564fcab: audit: use proper refcount locking on audit_sock (2016-12-14 13:06:04 -0500) ---------------------------------------------------------------- Alexey Dobriyan (1): audit: less stack usage for /proc/*/loginuid Paul Moore (9): audit: fixup audit_init() audit: queue netlink multicast sends just like we do for unicast sends audit: rename the queues and kauditd related functions audit: rework the audit queue handling audit: rework audit_log_start() audit: wake up kauditd_thread after auditd registers audit: handle a clean auditd shutdown with grace audit: don't ever sleep on a command record/message netns: avoid disabling irq for netns id Richard Guy Briggs (5): audit: tame initialization warning len_abuf in audit_log_execve_info audit: skip sessionid sentinel value when auto-incrementing audit: add support for session ID user filter audit: move kaudit thread start from auditd registration to kaudit init (#2) audit: use proper refcount locking on audit_sock Steve Grubb (1): audit: fix formatting of AUDIT_CONFIG_CHANGE events fs/proc/base.c | 2 +- include/uapi/linux/audit.h | 5 +- kernel/audit.c | 532 ++++++++++++++++++++++++--------------- kernel/audit_fsnotify.c | 5 +- kernel/audit_tree.c | 3 +- kernel/audit_watch.c | 5 +- kernel/auditfilter.c | 5 +- kernel/auditsc.c | 12 +- net/core/net_namespace.c | 35 ++- 9 files changed, 361 insertions(+), 243 deletions(-) -- paul moore security @ redhat