On Tue, Jul 28, 2020 at 5:09 PM Paul Moore <p...@paul-moore.com> wrote:
>
> Unfortunately the commit listed in the subject line above failed
> to ensure that the task's audit_context was properly initialized/set
> before enabling the "accompanying records". Depending on the
> sitation, the resulting audit_context could have invalid values in
> some of it's fields which could cause a kernel panic/oops when the
> task/syscall exists and the audit records are generated.
>
> We will revisit the original patch, with the necessary fixes, in a
> future kernel but right now we just want to fix the kernel panic
> with the least amount of added risk.
>
> Cc: sta...@vger.kernel.org
> Fixes: 1320a4052ea1 ("audit: trigger accompanying records when no rules
> present")
> Reported-by: j24...@googlemail.com
> Signed-off-by: Paul Moore <p...@paul-moore.com>
> ---
> kernel/audit.c | 1 -
> kernel/audit.h | 8 --------
> kernel/auditsc.c | 3 +++
> 3 files changed, 3 insertions(+), 9 deletions(-)
William pointed out a misspelling in the patch description above,
which I just fixed. Unfortunately I had already pushed the patch to
audit/stable-5.8 so I did a force-push to correct the spelling;
normally I wouldn't do something like that for such a trivial matter,
but since it is unlikely anyone is based of the audit/stable-5.8
branch this seemed like an okay time to do that.
I'll be sending a PR to Linus shortly.
--
paul moore
www.paul-moore.com
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
