[GIT PULL] Audit patches for v4.21

[Paul Moore]

Hi Linus,

In the finest of holiday of traditions, I have a number of gifts to
share today.  While most of them are re-gifts from others, unlike the
typical re-gift, these are things you will want in and around your
tree; I promise.

This pull request is perhaps a bit larger than our typical PR, but
most of it comes from Jan's rework of audit's fanotify code; a very
welcome improvement.  We ran this through our normal regression tests,
as well as some newly created stress tests and everything looks good.
Richard added a few patches, mostly cleaning up a few things and and
shortening some of the audit records that we send to userspace; a
change the userspace folks are quite happy about.  Finally YueHaibing
and I kick in a few patches to simplify things a bit and make the code
less prone to errors.

Lastly, I want to say thanks one more time to everyone who has
contributed patches, testing, and code reviews for the audit subsystem
over the past year.  The project is what it is due to your help and
contributions - thank you.

Thanks,
-Paul

--
The following changes since commit 651022382c7f8da46cb4872a545ee1da6d097d2a:

 Linux 4.20-rc1 (2018-11-04 15:37:52 -0800)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git
   tags/audit-pr-20181224

for you to fetch changes up to d406db524c32ca35bd85cada28a547fff3115715:

 audit: remove duplicated include from audit.c (2018-12-14 12:09:30 -0500)

----------------------------------------------------------------
audit/stable-4.21 PR 20181224

----------------------------------------------------------------
Jan Kara (14):
     audit_tree: Remove mark->lock locking
     audit: Fix possible spurious -ENOSPC error
     audit: Fix possible tagging failures
     audit: Embed key into chunk
     audit: Make hash table insertion safe against concurrent lookups
     audit: Factor out chunk replacement code
     audit: Remove pointless check in insert_hash()
     audit: Provide helper for dropping mark's chunk reference
     audit: Allocate fsnotify mark independently of chunk
     audit: Guarantee forward progress of chunk untagging
     audit: Drop all unused chunk nodes during deletion
     audit: Simplify locking around untag_chunk()
     audit: Replace chunk attached to mark instead of replacing mark
     audit: Use 'mark' name for fsnotify_mark variables

Paul Moore (2):
     audit: minimize our use of audit_log_format()
     audit: use current whenever possible

Richard Guy Briggs (5):
     audit: print empty EXECVE args
     audit: localize audit_log_session_info prototype
     audit: use session_info helper
     audit: remove WATCH and TREE config options
     audit: shorten PATH cap values when zero

YueHaibing (1):
     audit: remove duplicated include from audit.c

drivers/tty/tty_audit.c          |  13 +-
include/linux/audit.h            |   8 +-
init/Kconfig                     |   9 -
kernel/Makefile                  |   4 +-
kernel/audit.c                   |  62 ++---
kernel/audit.h                   |  10 +-
kernel/audit_fsnotify.c          |   6 +-
kernel/audit_tree.c              | 498 ++++++++++++++++++++----------------
kernel/audit_watch.c             |   6 +-
kernel/auditsc.c                 | 150 ++++++------
security/integrity/ima/ima_api.c |   2 +-
11 files changed, 395 insertions(+), 373 deletions(-)

-- 
paul moore
www.paul-moore.com