Hi Linus, In the finest of holiday of traditions, I have a number of gifts to share today. While most of them are re-gifts from others, unlike the typical re-gift, these are things you will want in and around your tree; I promise.
This pull request is perhaps a bit larger than our typical PR, but most of it comes from Jan's rework of audit's fanotify code; a very welcome improvement. We ran this through our normal regression tests, as well as some newly created stress tests and everything looks good. Richard added a few patches, mostly cleaning up a few things and and shortening some of the audit records that we send to userspace; a change the userspace folks are quite happy about. Finally YueHaibing and I kick in a few patches to simplify things a bit and make the code less prone to errors. Lastly, I want to say thanks one more time to everyone who has contributed patches, testing, and code reviews for the audit subsystem over the past year. The project is what it is due to your help and contributions - thank you. Thanks, -Paul -- The following changes since commit 651022382c7f8da46cb4872a545ee1da6d097d2a: Linux 4.20-rc1 (2018-11-04 15:37:52 -0800) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git tags/audit-pr-20181224 for you to fetch changes up to d406db524c32ca35bd85cada28a547fff3115715: audit: remove duplicated include from audit.c (2018-12-14 12:09:30 -0500) ---------------------------------------------------------------- audit/stable-4.21 PR 20181224 ---------------------------------------------------------------- Jan Kara (14): audit_tree: Remove mark->lock locking audit: Fix possible spurious -ENOSPC error audit: Fix possible tagging failures audit: Embed key into chunk audit: Make hash table insertion safe against concurrent lookups audit: Factor out chunk replacement code audit: Remove pointless check in insert_hash() audit: Provide helper for dropping mark's chunk reference audit: Allocate fsnotify mark independently of chunk audit: Guarantee forward progress of chunk untagging audit: Drop all unused chunk nodes during deletion audit: Simplify locking around untag_chunk() audit: Replace chunk attached to mark instead of replacing mark audit: Use 'mark' name for fsnotify_mark variables Paul Moore (2): audit: minimize our use of audit_log_format() audit: use current whenever possible Richard Guy Briggs (5): audit: print empty EXECVE args audit: localize audit_log_session_info prototype audit: use session_info helper audit: remove WATCH and TREE config options audit: shorten PATH cap values when zero YueHaibing (1): audit: remove duplicated include from audit.c drivers/tty/tty_audit.c | 13 +- include/linux/audit.h | 8 +- init/Kconfig | 9 - kernel/Makefile | 4 +- kernel/audit.c | 62 ++--- kernel/audit.h | 10 +- kernel/audit_fsnotify.c | 6 +- kernel/audit_tree.c | 498 ++++++++++++++++++++---------------- kernel/audit_watch.c | 6 +- kernel/auditsc.c | 150 ++++++------ security/integrity/ima/ima_api.c | 2 +- 11 files changed, 395 insertions(+), 373 deletions(-) -- paul moore www.paul-moore.com