From nobody Thu Apr 9 10:30:35 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 98E7A3A785C for ; Mon, 9 Mar 2026 13:05:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773061547; cv=none; b=qQMdahb4+2MIjbWfmcN/ubPbe8KShrLQ1fXi9yibns7N5UCKBE5PA7QKRj+qGyoBfktjrRdMxgaeDp8GyYunlY8cUVvzikifonxE73Na2M1trgv/2AP5nJUyOB7yzIegRmT6jqnaHvZkZCipYMf6DcDzIiUzpPQpxldSxCywgiw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773061547; c=relaxed/simple; bh=BN6CNYDcs10KPHUi+3USETGYu398TkBNcKua7PLZ0nw=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=p/hckbGi0HzQzGy8Zgu+nIxi6MA02dslHcaJEuVsP2yDJmiJmdyuJZqvhsjY4IqCUYaVhdVT1+8cixmaoJ32zHJZOoQo0kyDP1zxwtu6JlSAnyLd1BhktCHT4Rzi1irmMsyNwTcHlrti8KzioEeuRrph4pX3NP4LmWJigmWHvMU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=bQ5QCkK1; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="bQ5QCkK1" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1773061545; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=XwyqZ9Vx6kvwiEtIowwrQwuy7UsMOdl+r6xAE+z2X54=; b=bQ5QCkK1vu7v/RZivCsR5oOdGsmDaAw7LoUqE33zatph1VpGXkfIZFXrWl1KDPOMExbw1x ivVFoz/VR5pnK0FK9gKBA+eFHHWhFaTSlrgunoImGoMYS55PU9hX4PYHZQBajKLZ8gd4Q4 K44vg7/5lr7YjVXJPsL9StVnAEkoBfc= Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-1-5Q0AXoHVP5KcIfj9T2q1Aw-1; Mon, 09 Mar 2026 09:05:41 -0400 X-MC-Unique: 5Q0AXoHVP5KcIfj9T2q1Aw-1 X-Mimecast-MFC-AGG-ID: 5Q0AXoHVP5KcIfj9T2q1Aw_1773061540 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 524EA1956080; Mon, 9 Mar 2026 13:05:40 +0000 (UTC) Received: from wsxc.redhat.com (unknown [10.96.134.88]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id A86883002D0D; Mon, 9 Mar 2026 13:05:37 +0000 (UTC) From: Ricardo Robaina To: audit@vger.kernel.org, linux-kernel@vger.kernel.org Cc: paul@paul-moore.com, eparis@redhat.com, Ricardo Robaina , Steve Grubb Subject: [PATCH v2] audit: handle unknown status requests in audit_receive_msg Date: Mon, 9 Mar 2026 10:05:33 -0300 Message-ID: <20260309130533.158095-1-rrobaina@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 Content-Type: text/plain; charset="utf-8" Currently, audit_receive_msg() ignores unknown status bits in AUDIT_SET requests, incorrectly returning success to newer user space tools querying unsupported features. This breaks forward compatibility. Fix this by defining AUDIT_STATUS_ALL and returning -EINVAL if any unrecognized bits are set (s.mask & ~AUDIT_STATUS_ALL). This ensures invalid requests are safely rejected, allowing user space to reliably test for and gracefully handle feature detection on older kernels. Suggested-by: Steve Grubb Signed-off-by: Ricardo Robaina --- v1 -> v2: - Moved AUDIT_STATUS_ALL from include/uapi/linux/audit.h to=20 include/linux/audit.h. include/linux/audit.h | 9 +++++++++ kernel/audit.c | 2 ++ 2 files changed, 11 insertions(+) diff --git a/include/linux/audit.h b/include/linux/audit.h index b642b5faca65..d79218bf075a 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -15,6 +15,15 @@ #include #include =20 +#define AUDIT_STATUS_ALL (AUDIT_STATUS_ENABLED | \ + AUDIT_STATUS_FAILURE | \ + AUDIT_STATUS_PID | \ + AUDIT_STATUS_RATE_LIMIT | \ + AUDIT_STATUS_BACKLOG_LIMIT | \ + AUDIT_STATUS_BACKLOG_WAIT_TIME | \ + AUDIT_STATUS_LOST | \ + AUDIT_STATUS_BACKLOG_WAIT_TIME_ACTUAL) + #define AUDIT_INO_UNSET ((unsigned long)-1) #define AUDIT_DEV_UNSET ((dev_t)-1) =20 diff --git a/kernel/audit.c b/kernel/audit.c index 5a0216056524..592383dce090 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1295,6 +1295,8 @@ static int audit_receive_msg(struct sk_buff *skb, str= uct nlmsghdr *nlh, memset(&s, 0, sizeof(s)); /* guard against past and future API changes */ memcpy(&s, data, min_t(size_t, sizeof(s), data_len)); + if (s.mask & ~AUDIT_STATUS_ALL) + return -EINVAL; if (s.mask & AUDIT_STATUS_ENABLED) { err =3D audit_set_enabled(s.enabled); if (err < 0) --=20 2.53.0