Bug fixes pulled from upstrean

This commit is contained in:
Steve Grubb 2023-11-04 11:13:13 -04:00
parent 894f78aa4a
commit 1f866afd4b
6 changed files with 381 additions and 1 deletions

285
audit-3.9-1-aureport.patch Normal file
View File

@ -0,0 +1,285 @@
commit 5ccc65eba1807c12e603c4bdf6590d91cc52499a
Author: Steve Grubb <sgrubb@redhat.com>
Date: Sat Sep 2 09:58:46 2023 -0400
Speed up aureport --summary reports
diff --git a/src/ausearch-string.c b/src/ausearch-string.c
index 8dbec53..484c232 100644
--- a/src/ausearch-string.c
+++ b/src/ausearch-string.c
@@ -1,27 +1,28 @@
/*
-* ausearch-string.c - Minimal linked list library for strings
-* Copyright (c) 2005,2008,2014 Red Hat Inc., Durham, North Carolina.
-* All Rights Reserved.
-*
-* This software may be freely redistributed and/or modified under the
-* terms of the GNU General Public License as published by the Free
-* Software Foundation; either version 2, or (at your option) any
-* later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; see the file COPYING. If not, write to the
-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
-* Boston, MA 02110-1335, USA.
-*
-* Authors:
-* Steve Grubb <sgrubb@redhat.com>
-*/
-
+ * ausearch-string.c - Minimal linked list library for strings
+ * Copyright (c) 2005,2008,2014,2023 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+ * terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2, or (at your option) any
+ * later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Boston, MA 02110-1335, USA.
+ *
+ * Authors:
+ * Steve Grubb <sgrubb@redhat.com>
+ */
+
+#pragma GCC optimize("O3,inline")
#include "ausearch-string.h"
#include <stdlib.h>
#include <string.h>
@@ -31,28 +32,10 @@ void slist_create(slist *l)
{
l->head = NULL;
l->cur = NULL;
+ l->last = NULL;
l->cnt = 0;
}
-void slist_last(slist *l)
-{
- register snode* cur;
-
- if (l->head == NULL)
- return;
-
- // Try using cur so that we don't have to start at beginnning
- if (l->cur)
- cur = l->cur;
- else
- cur = l->head;
-
- // Loop until no next value
- while (cur->next)
- cur = cur->next;
- l->cur = cur;
-}
-
snode *slist_next(slist *l)
{
if (l->cur == NULL)
@@ -80,14 +63,14 @@ void slist_append(slist *l, snode *node)
newnode->hits = node->hits;
newnode->next = NULL;
- // Make sure cursor is at the end
- slist_last(l);
-
- // if we are at top, fix this up
- if (l->head == NULL)
+ // if the top is empty, add it there
+ if (l->head == NULL) {
l->head = newnode;
- else // Otherwise add pointer to newnode
- l->cur->next = newnode;
+ l->last = newnode;
+ } else { // Otherwise put at the end
+ l->last->next = newnode;
+ l->last = newnode;
+ }
// make newnode current
l->cur = newnode;
@@ -109,25 +92,25 @@ void slist_clear(slist* l)
}
l->head = NULL;
l->cur = NULL;
+ l->last = NULL;
l->cnt = 0;
}
-/* This function dominates the timing of aureport. Needs to be more efficient */
int slist_add_if_uniq(slist *l, const char *str)
{
snode sn;
- register snode *cur;
+ register snode *cur;
if (str == NULL)
return -1;
- cur = l->head;
+ cur = l->head;
while (cur) {
if (strcmp(str, cur->str) == 0) {
cur->hits++;
l->cur = cur;
return 0;
- } else
+ } else
cur = cur->next;
}
@@ -140,7 +123,7 @@ int slist_add_if_uniq(slist *l, const char *str)
}
// If lprev would be NULL, use l->head
-static void swap_nodes(snode *lprev, snode *left, snode *right)
+static inline void swap_nodes(snode *lprev, snode *left, snode *right)
{
snode *t = right->next;
if (lprev)
@@ -150,17 +133,13 @@ static void swap_nodes(snode *lprev, snode *left, snode *right)
}
// This will sort the list from most hits to least
-void slist_sort_by_hits(slist *l)
+static void old_sort_by_hits(slist *l)
{
register snode* cur, *prev;
-
- if (l->cnt <= 1)
- return;
-
prev = cur = l->head;
while (cur && cur->next) {
- /* If the next node is bigger */
+ // If the next node is bigger
if (cur->hits < cur->next->hits) {
if (cur == l->head) {
// Update the actual list head
@@ -180,3 +159,82 @@ void slist_sort_by_hits(slist *l)
l->cur = l->head;
}
+// Merge two sorted lists
+static snode* slist_merge_sorted_lists(snode *a, snode *b)
+{
+ snode dummy;
+ snode *tail = &dummy;
+ dummy.next = NULL;
+
+ while (a && b) {
+ if (a->hits >= b->hits) {
+ tail->next = a;
+ a = a->next;
+ } else {
+ tail->next = b;
+ b = b->next;
+ }
+ tail = tail->next;
+ }
+ tail->next = a ? a : b;
+ return dummy.next;
+}
+
+// Split the list into two halves
+static void slist_split_list(snode *head, snode **front, snode **back)
+{
+ snode *fast, *slow;
+ slow = head;
+ fast = head->next;
+
+ while (fast) {
+ fast = fast->next;
+ if (fast) {
+ slow = slow->next;
+ fast = fast->next;
+ }
+ }
+
+ *front = head;
+ *back = slow->next;
+ slow->next = NULL;
+}
+
+// Merge sort for linked list
+static void slist_merge_sort(snode **head_ref)
+{
+ snode *head = *head_ref;
+ snode *a, *b;
+
+ if (!head || !head->next)
+ return;
+
+ slist_split_list(head, &a, &b);
+
+ slist_merge_sort(&a);
+ slist_merge_sort(&b);
+
+ *head_ref = slist_merge_sorted_lists(a, b);
+}
+
+// This function dominates aureport --summary --kind output
+void slist_sort_by_hits(slist *l)
+{
+ if (l->cnt <= 1)
+ return;
+
+ // If the list is small, use old algorithm because
+ // the new one has some overhead that makes it slower
+ // until the list is big enough that the inefficiencies
+ // of the old algorithm cause slowness. The value chosen
+ // below is just a guess. At 100, the old algorithm is
+ // faster. At 1000, the new one is 5x faster.
+ if (l->cnt < 200)
+ return old_sort_by_hits(l);
+
+ slist_merge_sort(&l->head);
+
+ // End with cur pointing at first record
+ l->cur = l->head;
+}
+
diff --git a/src/ausearch-string.h b/src/ausearch-string.h
index 1cfc4a6..5fcf1ee 100644
--- a/src/ausearch-string.h
+++ b/src/ausearch-string.h
@@ -1,6 +1,6 @@
/*
* ausearch-string.h - Header file for ausearch-string.c
-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
+* Copyright (c) 2005,2008,2023 Red Hat Inc.
* All Rights Reserved.
*
* This software may be freely redistributed and/or modified under the
@@ -15,7 +15,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to the
-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
* Boston, MA 02110-1335, USA.
*
* Authors:
@@ -41,6 +41,7 @@ typedef struct _snode{
typedef struct {
snode *head; // List head
snode *cur; // Pointer to current node
+ snode *last; // Pointer to current node
unsigned int cnt; // How many items in this list
} slist;

View File

@ -0,0 +1,19 @@
commit b4cc077dac3e9bee1df59ee04cb2c466bc603033
Author: Steve Grubb <sgrubb@redhat.com>
Date: Wed Nov 1 15:14:25 2023 -0400
completely disable io_uring code in libev
diff --git a/src/libev/ev.c b/src/libev/ev.c
index a4ef36f..c4a0070 100644
--- a/src/libev/ev.c
+++ b/src/libev/ev.c
@@ -128,7 +128,7 @@
# if HAVE_LINUX_FS_H && HAVE_SYS_TIMERFD_H && HAVE_KERNEL_RWF_T
# ifndef EV_USE_IOURING
-# define EV_USE_IOURING EV_FEATURE_BACKENDS
+# define EV_USE_IOURING 0 // Intentionally drop the io_uring backend
# endif
# else
# undef EV_USE_IOURING

19
audit-3.9-3-fix-arg.patch Normal file
View File

@ -0,0 +1,19 @@
commit 59c886a671c53741399fe9dea710c2bf1ae3d8f4
Author: Steve Grubb <sgrubb@redhat.com>
Date: Wed Nov 1 15:40:32 2023 -0400
use correct arg in audit_add_perm_syscalls
diff --git a/lib/libaudit.c b/lib/libaudit.c
index 563cc2f..0a52285 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -1522,7 +1522,7 @@ static int audit_add_perm_syscalls(int perm, struct audit_rule_data *rule)
_audit_syscalladded = 1;
break;
case -1: // Should never happen
- audit_msg(LOG_ERR, "Syscall name unknown: %s", syscall);
+ audit_msg(LOG_ERR, "Syscall name unknown: %s", syscalls);
break;
default: // Error reported - do nothing here
break;

View File

@ -0,0 +1,25 @@
commit e1b75c41b3bd4f7de981b1c89b3a23c64cda53e1
Author: cgzones <cgzones@googlemail.com>
Date: Wed Nov 1 20:35:40 2023 +0100
lib: close audit socket in load_feature_bitmap() (#334)
diff --git a/lib/libaudit.c b/lib/libaudit.c
index 0a52285..72b25a9 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -657,12 +657,14 @@ static void load_feature_bitmap(void)
/* Found it... */
features_bitmap = rep.status->feature_bitmap;
+ audit_close(fd);
return;
}
}
}
#endif
features_bitmap = AUDIT_FEATURES_UNSUPPORTED;
+ audit_close(fd);
}
uint32_t audit_get_features(void)

View File

@ -0,0 +1,19 @@
commit 73c9ce37b15a963c6e609906d232b0a6ea9c741f
Author: Steve Grubb <sgrubb@redhat.com>
Date: Wed Nov 1 17:22:47 2023 -0400
declare file local function static
diff --git a/lib/libaudit.c b/lib/libaudit.c
index 72b25a9..cfbad1d 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -997,7 +997,7 @@ uint32_t audit_get_session(void)
return ses;
}
-int audit_rule_syscall_data(struct audit_rule_data *rule, int scall)
+static int audit_rule_syscall_data(struct audit_rule_data *rule, int scall)
{
int word = AUDIT_WORD(scall);
int bit = AUDIT_BIT(scall);

View File

@ -2,11 +2,16 @@
Summary: User space tools for kernel auditing
Name: audit
Version: 3.1.2
Release: 4%{?dist}
Release: 5%{?dist}
License: GPL-2.0-or-later AND LGPL-2.0-or-later
URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: audit-3.9-1-aureport.patch
Patch2: audit-3.9-2-no-io_uring.patch
Patch3: audit-3.9-3-fix-arg.patch
Patch4: audit-3.9-4-fix-leak.patch
Patch5: audit-3.9-5-mk-static.patch
BuildRequires: make gcc
BuildRequires: krb5-devel
@ -89,6 +94,11 @@ Management Facility) database, through an IBM Tivoli Directory Server
%prep
%setup -q
cp %{SOURCE1} .
%patch 1 -p1
%patch 2 -p1
%patch 3 -p1
%patch 4 -p1
%patch 5 -p1
# Remove the ids code, its not ready
sed -i 's/ ids / /' audisp/plugins/Makefile.am
@ -268,6 +278,9 @@ fi
%attr(750,root,root) %{_sbindir}/audispd-zos-remote
%changelog
* Sat Nov 04 2023 Steve Grubb <sgrubb@redhat.com> 3.1.2-5
- Bug fixes pulled from upstrean
* Wed Sep 13 2023 Dusty Mabe <dusty@dustymabe.com> 3.1.2-4
- Remove initscripts-service from Requires(postun)