[RFC PATCH ghau10 v1] fix FEATURE_VERSION vs FEATURE_BITMAP

Richard Guy Briggs rgb at redhat.com
Fri Dec 4 03:42:36 UTC 2020 

Untangle AUDIT_FEATURE_VERSION and AUDIT_FEATURE_BITMAP since they have nothing
to do with each other.

AUDIT_FEATURE_VERSION is a method to enable and lock certain audit features in
the kernel.  Threre are currently only two.

AUDIT_FEATURE_BITMAP is a method to determine what features exist in the kernel
implementation of audit.  There are currently seven.

fixes: a22f13a548d2f26b3fb05b31599f5b12f56d3d07 ("Fix compile time feature detection in auditctl")
fixes: 74327320a25b2d889708002908d6a051b4dfea51 ("Fix compile time feature detection in auditctl")
fixes: f588248775b4f8180b846bbc1681bc54e07871ed ("Better detect struct audit_status existence")
fixes: bed754a651f47f5a83bbf565609e4936b0270269 ("Fix building on old kernels")
Please see issue page https://github.com/linux-audit/audit-userspace/issues/10

Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
---
 lib/libaudit.c         | 12 ++++--------
 lib/libaudit.h         |  2 +-
 lib/netlink.c          |  6 ++----
 src/auditctl-listing.c |  3 +--
 src/auditctl.c         |  6 ++----
 5 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/lib/libaudit.c b/lib/libaudit.c
index 37bf508cf07a..de22e9281969 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -540,8 +540,7 @@ int audit_reset_lost(int fd)
 
 int audit_set_feature(int fd, unsigned feature, unsigned value, unsigned lock)
 {
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 	int rc;
 	struct audit_features f;
 
@@ -565,8 +564,7 @@ int audit_set_feature(int fd, unsigned feature, unsigned value, unsigned lock)
 
 int audit_request_features(int fd)
 {
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 	int rc;
 	struct audit_features f;
 
@@ -585,8 +583,7 @@ int audit_request_features(int fd)
 
 extern int  audit_set_loginuid_immutable(int fd)
 {
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 	return audit_set_feature(fd, AUDIT_FEATURE_LOGINUID_IMMUTABLE, 1, 1);
 #else
 	errno = EINVAL;
@@ -607,8 +604,7 @@ static void load_feature_bitmap(void)
 		return;
 	}
 
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
 	if ((rc = audit_request_status(fd)) > 0) {
 		struct audit_reply rep;
 		int i;
diff --git a/lib/libaudit.h b/lib/libaudit.h
index ec880eeb89ec..2305cf55d166 100644
--- a/lib/libaudit.h
+++ b/lib/libaudit.h
@@ -514,7 +514,7 @@ struct audit_reply {
 	struct nlmsgerr         *error;
 	struct audit_sig_info   *signal_info;
 	struct daemon_conf      *conf;
-#ifdef AUDIT_FEATURE_BITMAP_ALL
+#ifdef AUDIT_FEATURE_VERSION
 	struct audit_features	*features;
 #endif
 	};
diff --git a/lib/netlink.c b/lib/netlink.c
index 5b2028fda7e8..9525b8d833c0 100644
--- a/lib/netlink.c
+++ b/lib/netlink.c
@@ -147,8 +147,7 @@ static int adjust_reply(struct audit_reply *rep, int len)
 	rep->error    = NULL;
 	rep->signal_info = NULL;
 	rep->conf     = NULL;
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 	rep->features = NULL;
 #endif
 	if (!NLMSG_OK(rep->nlh, (unsigned int)len)) {
@@ -173,8 +172,7 @@ static int adjust_reply(struct audit_reply *rep, int len)
 		case AUDIT_GET:   
 			rep->status  = NLMSG_DATA(rep->nlh); 
 			break;
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 		case AUDIT_GET_FEATURE:
 			rep->features =  NLMSG_DATA(rep->nlh);
 			break;
diff --git a/src/auditctl-listing.c b/src/auditctl-listing.c
index 6eb3b56bbc79..2b4b43caa9d2 100644
--- a/src/auditctl-listing.c
+++ b/src/auditctl-listing.c
@@ -567,8 +567,7 @@ int audit_print_reply(struct audit_reply *rep, int fd)
 #endif
 			printed = 1;
 			break;
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
 		case AUDIT_GET_FEATURE:
 			{
 			uint32_t mask = AUDIT_FEATURE_TO_MASK(
diff --git a/src/auditctl.c b/src/auditctl.c
index 29f7215b94b6..3891db56bee7 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -133,8 +133,7 @@ static void usage(void)
      "    -v                  Version\n"
      "    -w <path>           Insert watch at <path>\n"
      "    -W <path>           Remove watch at <path>\n"
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
      "    --loginuid-immutable  Make loginuids unchangeable once set\n"
 #endif
 #if HAVE_DECL_AUDIT_VERSION_BACKLOG_WAIT_TIME == 1 || \
@@ -449,8 +448,7 @@ static int parse_syscall(const char *optarg)
 
 static struct option long_opts[] =
 {
-#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION) && \
-    defined(HAVE_STRUCT_AUDIT_STATUS_FEATURE_BITMAP)
+#if defined(HAVE_DECL_AUDIT_FEATURE_VERSION)
   {"loginuid-immutable", 0, NULL, 1},
 #endif
 #if HAVE_DECL_AUDIT_VERSION_BACKLOG_WAIT_TIME == 1 || \
-- 
2.18.4

More information about the Linux-audit mailing list