From: Ricardo Robaina <rrobaina@redhat.com>
To: audit@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: paul@paul-moore.com, eparis@redhat.com, sgrubb@redhat.com,
Ricardo Robaina <rrobaina@redhat.com>
Subject: [PATCH] audit: handle unknown status requests in audit_receive_msg
Date: Tue, 3 Mar 2026 09:42:29 -0300 [thread overview]
Message-ID: <20260303124229.700524-1-rrobaina@redhat.com> (raw)
Currently, audit_receive_msg() ignores unknown status bits in AUDIT_SET
requests, incorrectly returning success to newer user space tools
querying unsupported features. This breaks forward compatibility.
Fix this by defining AUDIT_STATUS_ALL in the UAPI header and returning
-EINVAL if any unrecognized bits are set (s.mask & ~AUDIT_STATUS_ALL).
This ensures invalid requests are safely rejected, allowing user space
to reliably test for and gracefully handle feature detection on older
kernels.
Suggested-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Ricardo Robaina <rrobaina@redhat.com>
---
include/uapi/linux/audit.h | 9 +++++++++
kernel/audit.c | 2 ++
2 files changed, 11 insertions(+)
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index 14a1c1fe013a..1d5122b9274a 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -356,6 +356,15 @@ enum {
#define AUDIT_STATUS_LOST 0x0040
#define AUDIT_STATUS_BACKLOG_WAIT_TIME_ACTUAL 0x0080
+#define AUDIT_STATUS_ALL (AUDIT_STATUS_ENABLED | \
+ AUDIT_STATUS_FAILURE | \
+ AUDIT_STATUS_PID | \
+ AUDIT_STATUS_RATE_LIMIT | \
+ AUDIT_STATUS_BACKLOG_LIMIT | \
+ AUDIT_STATUS_BACKLOG_WAIT_TIME | \
+ AUDIT_STATUS_LOST | \
+ AUDIT_STATUS_BACKLOG_WAIT_TIME_ACTUAL)
+
#define AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT 0x00000001
#define AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME 0x00000002
#define AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH 0x00000004
diff --git a/kernel/audit.c b/kernel/audit.c
index 5a0216056524..592383dce090 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1295,6 +1295,8 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
memset(&s, 0, sizeof(s));
/* guard against past and future API changes */
memcpy(&s, data, min_t(size_t, sizeof(s), data_len));
+ if (s.mask & ~AUDIT_STATUS_ALL)
+ return -EINVAL;
if (s.mask & AUDIT_STATUS_ENABLED) {
err = audit_set_enabled(s.enabled);
if (err < 0)
--
2.53.0
next reply other threads:[~2026-03-03 12:42 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-03 12:42 Ricardo Robaina [this message]
2026-03-06 3:22 ` [PATCH] audit: handle unknown status requests in audit_receive_msg Paul Moore
2026-03-09 12:24 ` Ricardo Robaina
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260303124229.700524-1-rrobaina@redhat.com \
--to=rrobaina@redhat.com \
--cc=audit@vger.kernel.org \
--cc=eparis@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=sgrubb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox