Re: [PATCH v2] audit: handle unknown status requests in audit_receive_msg

Next message: Arnd Bergmann: "Re: [PATCH 2/2] [RFC] iommu: io-pgtable-arm-v7s: avoid gcc-16.0.1 section mismatch"
Previous message: Andrew Lunn: "Re: [RFC PATCH 1/9] leds: Load trigger modules on-demand if used as hw control trigger"
In reply to: Paul Moore: "Re: [PATCH v2] audit: handle unknown status requests in audit_receive_msg"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Ricardo Robaina

Date: Tue Mar 10 2026 - 15:25:08 EST

On Tue, Mar 10, 2026 at 4:22 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
>
> On Mar 9, 2026 Ricardo Robaina <rrobaina@xxxxxxxxxx> wrote:
> >
> > Currently, audit_receive_msg() ignores unknown status bits in AUDIT_SET
> > requests, incorrectly returning success to newer user space tools
> > querying unsupported features. This breaks forward compatibility.
> >
> > Fix this by defining AUDIT_STATUS_ALL and returning -EINVAL if any
> > unrecognized bits are set (s.mask & ~AUDIT_STATUS_ALL).
> > This ensures invalid requests are safely rejected, allowing user space
> > to reliably test for and gracefully handle feature detection on older
> > kernels.
> >
> > Suggested-by: Steve Grubb <sgrubb@xxxxxxxxxx>
> > Signed-off-by: Ricardo Robaina <rrobaina@xxxxxxxxxx>
> > ---
> > v1 -> v2:
> > - Moved AUDIT_STATUS_ALL from include/uapi/linux/audit.h to
> > include/linux/audit.h.
> >
> > include/linux/audit.h | 9 +++++++++
> > kernel/audit.c | 2 ++
> > 2 files changed, 11 insertions(+)
>
> Merged into audit/dev, thanks.
>
> --
> paul-moore.com
>

Thanks, Paul!