BUG: auditd_reset() bypasses the multicast send

linux-audit / audit-kernel

GitHub mirror of the Linux Kernel's audit repository

https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git

Other

140 stars 37 forks source link

BUG: auditd_reset() bypasses the multicast send #41

Closed pcmoore closed 7 years ago

pcmoore commented 7 years ago

The auditd_reset() function, used to break the kernel/auditd connection, flushes the main backlog queue to the hold queue and in doing so bypasses the multicast send in kauditd_thread.

pcmoore commented 7 years ago

Upstream patch posted:

https://www.redhat.com/archives/linux-audit/2017-June/msg00056.html

pcmoore commented 7 years ago

Resolved via cd33f5f2cbfaadc21270f3ddac7c3c33e0a1a28c.