Bug fixes pulled from upstrean
This commit is contained in:
parent
894f78aa4a
commit
1f866afd4b
285
audit-3.9-1-aureport.patch
Normal file
285
audit-3.9-1-aureport.patch
Normal file
@ -0,0 +1,285 @@
|
||||
commit 5ccc65eba1807c12e603c4bdf6590d91cc52499a
|
||||
Author: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Sat Sep 2 09:58:46 2023 -0400
|
||||
|
||||
Speed up aureport --summary reports
|
||||
|
||||
diff --git a/src/ausearch-string.c b/src/ausearch-string.c
|
||||
index 8dbec53..484c232 100644
|
||||
--- a/src/ausearch-string.c
|
||||
+++ b/src/ausearch-string.c
|
||||
@@ -1,27 +1,28 @@
|
||||
/*
|
||||
-* ausearch-string.c - Minimal linked list library for strings
|
||||
-* Copyright (c) 2005,2008,2014 Red Hat Inc., Durham, North Carolina.
|
||||
-* All Rights Reserved.
|
||||
-*
|
||||
-* This software may be freely redistributed and/or modified under the
|
||||
-* terms of the GNU General Public License as published by the Free
|
||||
-* Software Foundation; either version 2, or (at your option) any
|
||||
-* later version.
|
||||
-*
|
||||
-* This program is distributed in the hope that it will be useful,
|
||||
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
-* GNU General Public License for more details.
|
||||
-*
|
||||
-* You should have received a copy of the GNU General Public License
|
||||
-* along with this program; see the file COPYING. If not, write to the
|
||||
-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
|
||||
-* Boston, MA 02110-1335, USA.
|
||||
-*
|
||||
-* Authors:
|
||||
-* Steve Grubb <sgrubb@redhat.com>
|
||||
-*/
|
||||
-
|
||||
+ * ausearch-string.c - Minimal linked list library for strings
|
||||
+ * Copyright (c) 2005,2008,2014,2023 Red Hat Inc.
|
||||
+ * All Rights Reserved.
|
||||
+ *
|
||||
+ * This software may be freely redistributed and/or modified under the
|
||||
+ * terms of the GNU General Public License as published by the Free
|
||||
+ * Software Foundation; either version 2, or (at your option) any
|
||||
+ * later version.
|
||||
+ *
|
||||
+ * This program is distributed in the hope that it will be useful,
|
||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+ * GNU General Public License for more details.
|
||||
+ *
|
||||
+ * You should have received a copy of the GNU General Public License
|
||||
+ * along with this program; see the file COPYING. If not, write to the
|
||||
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
|
||||
+ * Boston, MA 02110-1335, USA.
|
||||
+ *
|
||||
+ * Authors:
|
||||
+ * Steve Grubb <sgrubb@redhat.com>
|
||||
+ */
|
||||
+
|
||||
+#pragma GCC optimize("O3,inline")
|
||||
#include "ausearch-string.h"
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@@ -31,28 +32,10 @@ void slist_create(slist *l)
|
||||
{
|
||||
l->head = NULL;
|
||||
l->cur = NULL;
|
||||
+ l->last = NULL;
|
||||
l->cnt = 0;
|
||||
}
|
||||
|
||||
-void slist_last(slist *l)
|
||||
-{
|
||||
- register snode* cur;
|
||||
-
|
||||
- if (l->head == NULL)
|
||||
- return;
|
||||
-
|
||||
- // Try using cur so that we don't have to start at beginnning
|
||||
- if (l->cur)
|
||||
- cur = l->cur;
|
||||
- else
|
||||
- cur = l->head;
|
||||
-
|
||||
- // Loop until no next value
|
||||
- while (cur->next)
|
||||
- cur = cur->next;
|
||||
- l->cur = cur;
|
||||
-}
|
||||
-
|
||||
snode *slist_next(slist *l)
|
||||
{
|
||||
if (l->cur == NULL)
|
||||
@@ -80,14 +63,14 @@ void slist_append(slist *l, snode *node)
|
||||
newnode->hits = node->hits;
|
||||
newnode->next = NULL;
|
||||
|
||||
- // Make sure cursor is at the end
|
||||
- slist_last(l);
|
||||
-
|
||||
- // if we are at top, fix this up
|
||||
- if (l->head == NULL)
|
||||
+ // if the top is empty, add it there
|
||||
+ if (l->head == NULL) {
|
||||
l->head = newnode;
|
||||
- else // Otherwise add pointer to newnode
|
||||
- l->cur->next = newnode;
|
||||
+ l->last = newnode;
|
||||
+ } else { // Otherwise put at the end
|
||||
+ l->last->next = newnode;
|
||||
+ l->last = newnode;
|
||||
+ }
|
||||
|
||||
// make newnode current
|
||||
l->cur = newnode;
|
||||
@@ -109,25 +92,25 @@ void slist_clear(slist* l)
|
||||
}
|
||||
l->head = NULL;
|
||||
l->cur = NULL;
|
||||
+ l->last = NULL;
|
||||
l->cnt = 0;
|
||||
}
|
||||
|
||||
-/* This function dominates the timing of aureport. Needs to be more efficient */
|
||||
int slist_add_if_uniq(slist *l, const char *str)
|
||||
{
|
||||
snode sn;
|
||||
- register snode *cur;
|
||||
+ register snode *cur;
|
||||
|
||||
if (str == NULL)
|
||||
return -1;
|
||||
|
||||
- cur = l->head;
|
||||
+ cur = l->head;
|
||||
while (cur) {
|
||||
if (strcmp(str, cur->str) == 0) {
|
||||
cur->hits++;
|
||||
l->cur = cur;
|
||||
return 0;
|
||||
- } else
|
||||
+ } else
|
||||
cur = cur->next;
|
||||
}
|
||||
|
||||
@@ -140,7 +123,7 @@ int slist_add_if_uniq(slist *l, const char *str)
|
||||
}
|
||||
|
||||
// If lprev would be NULL, use l->head
|
||||
-static void swap_nodes(snode *lprev, snode *left, snode *right)
|
||||
+static inline void swap_nodes(snode *lprev, snode *left, snode *right)
|
||||
{
|
||||
snode *t = right->next;
|
||||
if (lprev)
|
||||
@@ -150,17 +133,13 @@ static void swap_nodes(snode *lprev, snode *left, snode *right)
|
||||
}
|
||||
|
||||
// This will sort the list from most hits to least
|
||||
-void slist_sort_by_hits(slist *l)
|
||||
+static void old_sort_by_hits(slist *l)
|
||||
{
|
||||
register snode* cur, *prev;
|
||||
-
|
||||
- if (l->cnt <= 1)
|
||||
- return;
|
||||
-
|
||||
prev = cur = l->head;
|
||||
|
||||
while (cur && cur->next) {
|
||||
- /* If the next node is bigger */
|
||||
+ // If the next node is bigger
|
||||
if (cur->hits < cur->next->hits) {
|
||||
if (cur == l->head) {
|
||||
// Update the actual list head
|
||||
@@ -180,3 +159,82 @@ void slist_sort_by_hits(slist *l)
|
||||
l->cur = l->head;
|
||||
}
|
||||
|
||||
+// Merge two sorted lists
|
||||
+static snode* slist_merge_sorted_lists(snode *a, snode *b)
|
||||
+{
|
||||
+ snode dummy;
|
||||
+ snode *tail = &dummy;
|
||||
+ dummy.next = NULL;
|
||||
+
|
||||
+ while (a && b) {
|
||||
+ if (a->hits >= b->hits) {
|
||||
+ tail->next = a;
|
||||
+ a = a->next;
|
||||
+ } else {
|
||||
+ tail->next = b;
|
||||
+ b = b->next;
|
||||
+ }
|
||||
+ tail = tail->next;
|
||||
+ }
|
||||
+ tail->next = a ? a : b;
|
||||
+ return dummy.next;
|
||||
+}
|
||||
+
|
||||
+// Split the list into two halves
|
||||
+static void slist_split_list(snode *head, snode **front, snode **back)
|
||||
+{
|
||||
+ snode *fast, *slow;
|
||||
+ slow = head;
|
||||
+ fast = head->next;
|
||||
+
|
||||
+ while (fast) {
|
||||
+ fast = fast->next;
|
||||
+ if (fast) {
|
||||
+ slow = slow->next;
|
||||
+ fast = fast->next;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ *front = head;
|
||||
+ *back = slow->next;
|
||||
+ slow->next = NULL;
|
||||
+}
|
||||
+
|
||||
+// Merge sort for linked list
|
||||
+static void slist_merge_sort(snode **head_ref)
|
||||
+{
|
||||
+ snode *head = *head_ref;
|
||||
+ snode *a, *b;
|
||||
+
|
||||
+ if (!head || !head->next)
|
||||
+ return;
|
||||
+
|
||||
+ slist_split_list(head, &a, &b);
|
||||
+
|
||||
+ slist_merge_sort(&a);
|
||||
+ slist_merge_sort(&b);
|
||||
+
|
||||
+ *head_ref = slist_merge_sorted_lists(a, b);
|
||||
+}
|
||||
+
|
||||
+// This function dominates aureport --summary --kind output
|
||||
+void slist_sort_by_hits(slist *l)
|
||||
+{
|
||||
+ if (l->cnt <= 1)
|
||||
+ return;
|
||||
+
|
||||
+ // If the list is small, use old algorithm because
|
||||
+ // the new one has some overhead that makes it slower
|
||||
+ // until the list is big enough that the inefficiencies
|
||||
+ // of the old algorithm cause slowness. The value chosen
|
||||
+ // below is just a guess. At 100, the old algorithm is
|
||||
+ // faster. At 1000, the new one is 5x faster.
|
||||
+ if (l->cnt < 200)
|
||||
+ return old_sort_by_hits(l);
|
||||
+
|
||||
+ slist_merge_sort(&l->head);
|
||||
+
|
||||
+ // End with cur pointing at first record
|
||||
+ l->cur = l->head;
|
||||
+}
|
||||
+
|
||||
diff --git a/src/ausearch-string.h b/src/ausearch-string.h
|
||||
index 1cfc4a6..5fcf1ee 100644
|
||||
--- a/src/ausearch-string.h
|
||||
+++ b/src/ausearch-string.h
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* ausearch-string.h - Header file for ausearch-string.c
|
||||
-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
|
||||
+* Copyright (c) 2005,2008,2023 Red Hat Inc.
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* This software may be freely redistributed and/or modified under the
|
||||
@@ -15,7 +15,7 @@
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; see the file COPYING. If not, write to the
|
||||
-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
|
||||
+* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
|
||||
* Boston, MA 02110-1335, USA.
|
||||
*
|
||||
* Authors:
|
||||
@@ -41,6 +41,7 @@ typedef struct _snode{
|
||||
typedef struct {
|
||||
snode *head; // List head
|
||||
snode *cur; // Pointer to current node
|
||||
+ snode *last; // Pointer to current node
|
||||
unsigned int cnt; // How many items in this list
|
||||
} slist;
|
||||
|
19
audit-3.9-2-no-io_uring.patch
Normal file
19
audit-3.9-2-no-io_uring.patch
Normal file
@ -0,0 +1,19 @@
|
||||
commit b4cc077dac3e9bee1df59ee04cb2c466bc603033
|
||||
Author: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Wed Nov 1 15:14:25 2023 -0400
|
||||
|
||||
completely disable io_uring code in libev
|
||||
|
||||
diff --git a/src/libev/ev.c b/src/libev/ev.c
|
||||
index a4ef36f..c4a0070 100644
|
||||
--- a/src/libev/ev.c
|
||||
+++ b/src/libev/ev.c
|
||||
@@ -128,7 +128,7 @@
|
||||
|
||||
# if HAVE_LINUX_FS_H && HAVE_SYS_TIMERFD_H && HAVE_KERNEL_RWF_T
|
||||
# ifndef EV_USE_IOURING
|
||||
-# define EV_USE_IOURING EV_FEATURE_BACKENDS
|
||||
+# define EV_USE_IOURING 0 // Intentionally drop the io_uring backend
|
||||
# endif
|
||||
# else
|
||||
# undef EV_USE_IOURING
|
19
audit-3.9-3-fix-arg.patch
Normal file
19
audit-3.9-3-fix-arg.patch
Normal file
@ -0,0 +1,19 @@
|
||||
commit 59c886a671c53741399fe9dea710c2bf1ae3d8f4
|
||||
Author: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Wed Nov 1 15:40:32 2023 -0400
|
||||
|
||||
use correct arg in audit_add_perm_syscalls
|
||||
|
||||
diff --git a/lib/libaudit.c b/lib/libaudit.c
|
||||
index 563cc2f..0a52285 100644
|
||||
--- a/lib/libaudit.c
|
||||
+++ b/lib/libaudit.c
|
||||
@@ -1522,7 +1522,7 @@ static int audit_add_perm_syscalls(int perm, struct audit_rule_data *rule)
|
||||
_audit_syscalladded = 1;
|
||||
break;
|
||||
case -1: // Should never happen
|
||||
- audit_msg(LOG_ERR, "Syscall name unknown: %s", syscall);
|
||||
+ audit_msg(LOG_ERR, "Syscall name unknown: %s", syscalls);
|
||||
break;
|
||||
default: // Error reported - do nothing here
|
||||
break;
|
25
audit-3.9-4-fix-leak.patch
Normal file
25
audit-3.9-4-fix-leak.patch
Normal file
@ -0,0 +1,25 @@
|
||||
commit e1b75c41b3bd4f7de981b1c89b3a23c64cda53e1
|
||||
Author: cgzones <cgzones@googlemail.com>
|
||||
Date: Wed Nov 1 20:35:40 2023 +0100
|
||||
|
||||
lib: close audit socket in load_feature_bitmap() (#334)
|
||||
|
||||
diff --git a/lib/libaudit.c b/lib/libaudit.c
|
||||
index 0a52285..72b25a9 100644
|
||||
--- a/lib/libaudit.c
|
||||
+++ b/lib/libaudit.c
|
||||
@@ -657,12 +657,14 @@ static void load_feature_bitmap(void)
|
||||
|
||||
/* Found it... */
|
||||
features_bitmap = rep.status->feature_bitmap;
|
||||
+ audit_close(fd);
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
features_bitmap = AUDIT_FEATURES_UNSUPPORTED;
|
||||
+ audit_close(fd);
|
||||
}
|
||||
|
||||
uint32_t audit_get_features(void)
|
19
audit-3.9-5-mk-static.patch
Normal file
19
audit-3.9-5-mk-static.patch
Normal file
@ -0,0 +1,19 @@
|
||||
commit 73c9ce37b15a963c6e609906d232b0a6ea9c741f
|
||||
Author: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Wed Nov 1 17:22:47 2023 -0400
|
||||
|
||||
declare file local function static
|
||||
|
||||
diff --git a/lib/libaudit.c b/lib/libaudit.c
|
||||
index 72b25a9..cfbad1d 100644
|
||||
--- a/lib/libaudit.c
|
||||
+++ b/lib/libaudit.c
|
||||
@@ -997,7 +997,7 @@ uint32_t audit_get_session(void)
|
||||
return ses;
|
||||
}
|
||||
|
||||
-int audit_rule_syscall_data(struct audit_rule_data *rule, int scall)
|
||||
+static int audit_rule_syscall_data(struct audit_rule_data *rule, int scall)
|
||||
{
|
||||
int word = AUDIT_WORD(scall);
|
||||
int bit = AUDIT_BIT(scall);
|
15
audit.spec
15
audit.spec
@ -2,11 +2,16 @@
|
||||
Summary: User space tools for kernel auditing
|
||||
Name: audit
|
||||
Version: 3.1.2
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: GPL-2.0-or-later AND LGPL-2.0-or-later
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
||||
Patch1: audit-3.9-1-aureport.patch
|
||||
Patch2: audit-3.9-2-no-io_uring.patch
|
||||
Patch3: audit-3.9-3-fix-arg.patch
|
||||
Patch4: audit-3.9-4-fix-leak.patch
|
||||
Patch5: audit-3.9-5-mk-static.patch
|
||||
|
||||
BuildRequires: make gcc
|
||||
BuildRequires: krb5-devel
|
||||
@ -89,6 +94,11 @@ Management Facility) database, through an IBM Tivoli Directory Server
|
||||
%prep
|
||||
%setup -q
|
||||
cp %{SOURCE1} .
|
||||
%patch 1 -p1
|
||||
%patch 2 -p1
|
||||
%patch 3 -p1
|
||||
%patch 4 -p1
|
||||
%patch 5 -p1
|
||||
|
||||
# Remove the ids code, its not ready
|
||||
sed -i 's/ ids / /' audisp/plugins/Makefile.am
|
||||
@ -268,6 +278,9 @@ fi
|
||||
%attr(750,root,root) %{_sbindir}/audispd-zos-remote
|
||||
|
||||
%changelog
|
||||
* Sat Nov 04 2023 Steve Grubb <sgrubb@redhat.com> 3.1.2-5
|
||||
- Bug fixes pulled from upstrean
|
||||
|
||||
* Wed Sep 13 2023 Dusty Mabe <dusty@dustymabe.com> 3.1.2-4
|
||||
- Remove initscripts-service from Requires(postun)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user