diff --git a/audit-3.0.9.tar.gz b/audit-3.0.9.tar.gz deleted file mode 100644 index 214d6ae6994e716baa96a003d2044b158d7b602e..0000000000000000000000000000000000000000 Binary files a/audit-3.0.9.tar.gz and /dev/null differ diff --git a/audit-3.1.1.tar.gz b/audit-3.1.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..565d79e5b2382a357955a35f86a974df24b7d758 Binary files /dev/null and b/audit-3.1.1.tar.gz differ diff --git a/audit-Add-sw64-architecture.patch b/audit-Add-sw64-architecture.patch index cb3260e841761a140570b56acd8844cc500fec2c..8e3f73fb4f56b31f13f629c0c532257a199fedec 100644 --- a/audit-Add-sw64-architecture.patch +++ b/audit-Add-sw64-architecture.patch @@ -62,14 +62,14 @@ diff --git a/lib/libaudit.h b/lib/libaudit.h index 3a8e8c8..16af222 100644 --- a/lib/libaudit.h +++ b/lib/libaudit.h -@@ -561,6 +561,7 @@ typedef enum { +@@ -594,6 +594,7 @@ typedef enum { MACH_S390X, MACH_S390, MACH_ALPHA, // Deprecated but has to stay + MACH_SW_64, // Deprecated but has to stay MACH_ARM, MACH_AARCH64, - MACH_PPC64LE + MACH_PPC64LE, diff --git a/src/libev/ev.c b/src/libev/ev.c index 5ff936c..72765b5 100644 --- a/src/libev/ev.c diff --git a/audit.spec b/audit.spec index 95b7c48c3cbac42804417bc3ad6fe138a2c2e0db..581ae2e64cc7faf5aaf9e08b850fda98581e567a 100644 --- a/audit.spec +++ b/audit.spec @@ -1,8 +1,8 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 -Version: 3.0.9 -Release: 2 +Version: 3.1.1 +Release: 1 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -14,7 +14,7 @@ Patch2: bugfix-audit-reload-coredump.patch Patch3: audit-Add-sw64-architecture.patch Patch4: backport-audit-flex-array-workaround.patch Patch5: backport-audit-undo-flex-array.patch -Patch6: backport-Try-to-interpret-OPENAT2-fields-correctly.patch +Patch6: backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -325,6 +325,7 @@ fi %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf %attr(750,root,root) /sbin/audisp-remote %attr(750,root,root) /sbin/audisp-syslog +%attr(750,root,root) /sbin/audisp-af_unix %attr(700,root,root) %dir %{_var}/spool/audit %files -n audispd-plugins-zos @@ -365,6 +366,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Mon Jul 24 2023 zhengxiaoxiao - 1:3.1.1-1 +- update version to 3.1.1 + * Fri Mar 24 2023 dongyuzhen - 1:3.0.9-2 - backport patches from upstream diff --git a/backport-Try-to-interpret-OPENAT2-fields-correctly.patch b/backport-Try-to-interpret-OPENAT2-fields-correctly.patch deleted file mode 100644 index d9a412957a82efc4cfaa8b703bb4338fde7e125f..0000000000000000000000000000000000000000 --- a/backport-Try-to-interpret-OPENAT2-fields-correctly.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 83214d7469274dbd60959e32f6c26dda016de048 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Wed, 8 Feb 2023 13:45:32 -0500 -Subject: [PATCH] Try to interpret OPENAT2 fields correctly - -Conflict: delete ChangeLog -Reference:https://github.com/linux-audit/audit-userspace/commit/83214d7469274dbd60959e32f6c26dda016de048 ---- - auparse/interpret.c | 18 +++++++++--------- - 1 file changed, 9 insertions(+), 9 deletions(-) - -diff --git a/auparse/interpret.c b/auparse/interpret.c -index 373851f..4d2f0d4 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -1490,15 +1490,15 @@ static const char *print_success(const char *val) - return strdup(val); - } - --static const char *print_open_flags(const char *val) -+static const char *print_open_flags(const char *val, int base) - { - size_t i; -- unsigned int flags; -+ unsigned long flags; - int cnt = 0; - char *out, buf[sizeof(open_flag_strings)+OPEN_FLAG_NUM_ENTRIES+1]; - - errno = 0; -- flags = strtoul(val, NULL, 16); -+ flags = strtoul(val, NULL, base); - if (errno) { - if (asprintf(&out, "conversion error(%s)", val) < 0) - out = NULL; -@@ -2504,10 +2504,10 @@ static const char *print_a1(const char *val, const idata *id) - else if (strcmp(sys, "mknod") == 0) - return print_mode(val, 16); - else if (strcmp(sys, "mq_open") == 0) -- return print_open_flags(val); -+ return print_open_flags(val, 16); - } - else if (strcmp(sys, "open") == 0) -- return print_open_flags(val); -+ return print_open_flags(val, 16); - else if (strcmp(sys, "access") == 0) - return print_access(val); - else if (strcmp(sys, "epoll_ctl") == 0) -@@ -2581,11 +2581,11 @@ static const char *print_a2(const char *val, const idata *id) - goto normal; - } else if (*sys == 'o') { - if (strcmp(sys, "openat") == 0) -- return print_open_flags(val); -+ return print_open_flags(val, 16); - if ((strcmp(sys, "open") == 0) && (id->a1 & O_CREAT)) - return print_mode_short(val, 16); - if (strcmp(sys, "open_by_handle_at") == 0) -- return print_open_flags(val); -+ return print_open_flags(val, 16); - } else if (*sys == 'f') { - if (strcmp(sys, "fchmodat") == 0) - return print_mode_short(val, 16); -@@ -3256,8 +3256,8 @@ unknown: - case AUPARSE_TYPE_SECCOMP: - out = print_seccomp_code(id->val); - break; -- case AUPARSE_TYPE_OFLAG: -- out = print_open_flags(id->val); -+ case AUPARSE_TYPE_OFLAG: // AUDIT_OPENAT2,MQ_OPEN -+ out = print_open_flags(id->val, 0); - break; - case AUPARSE_TYPE_MMAP: - out = print_mmap(id->val); --- -2.33.0 - diff --git a/backport-audit-flex-array-workaround.patch b/backport-audit-flex-array-workaround.patch index d5228f111cd42de578d7b5f120e818ef81418b37..471fd08b783424bcec3903febe67eec22bf413a0 100644 --- a/backport-audit-flex-array-workaround.patch +++ b/backport-audit-flex-array-workaround.patch @@ -5,9 +5,8 @@ Subject: workaround a kernel change that breaks the build --- bindings/swig/src.auditswig.i | 2 +- - lib/audit.h | 2 +- lib/libaudit.h | 2 +- - 3 files changed, 3 insertions(+)m 3 deletions(-) + 2 files changed, 2 insertions(+)m 2 deletions(-) diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i --- a/bindings/swig/src/auditswig.i @@ -21,18 +20,6 @@ diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i #define __extension__ /*nothing*/ %include %include "../lib/libaudit.h" -diff --git a/lib/audit.h b/lib/audit.h ---- a/lib/audit.h -+++ b/lib/audit.h -@@ -514,7 +514,7 @@ struct audit_rule_data { - __u32 values[AUDIT_MAX_FIELDS]; - __u32 fieldflags[AUDIT_MAX_FIELDS]; - __u32 buflen; /* total length of string fields */ -- char buf[]; /* string fields buffer */ -+ char buf[0]; /* string fields buffer */ - }; - - #endif /* _LINUX_AUDIT_H_ */ diff --git a/lib/libaudit.h b/lib/libaudit.h --- a/lib/libaudit.h +++ b/lib/libaudit.h diff --git a/backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch b/backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch new file mode 100644 index 0000000000000000000000000000000000000000..76452d30be20998c79cd2b58370a212450372aa1 --- /dev/null +++ b/backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch @@ -0,0 +1,39 @@ +From 1ca7e2b07bdc962695611ee1d0852f549d5ca21c Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Wed, 23 Mar 2022 07:27:05 +0000 +Subject: [PATCH 10/12] auditswig.i: avoid setter generation for + audit_rule_data::buf + +As it's a flexible array generated code was never safe to use. +With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574 +change it's a build failure now: + + audit> audit_wrap.c:5010:15: error: invalid use of flexible array member + audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); + audit> | ^ + +Let's avoid setter generation entirely. + +Closes: https://github.com/linux-audit/audit-userspace/issues/252 +--- + bindings/swig/src/auditswig.i | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i +index 21aafca..9a2c566 100644 +--- a/bindings/swig/src/auditswig.i ++++ b/bindings/swig/src/auditswig.i +@@ -39,6 +39,10 @@ signed + #define __attribute(X) /*nothing*/ + typedef unsigned __u32; + typedef unsigned uid_t; ++/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not: ++ * generating setters against them: https://github.com/swig/swig/issues/1699 ++ */ ++%ignore audit_rule_data::buf; + %include "../lib/audit.h" + #define __extension__ /*nothing*/ + %include +-- +2.33.0 +