Skip to content

Make auparse muti-thread safe #464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
stevegrubb merged 12 commits into from
Jun 21, 2025
Merged

Make auparse muti-thread safe #464

stevegrubb merged 12 commits into from
Jun 21, 2025

Conversation

@stevegrubb
Copy link
Contributor

@stevegrubb stevegrubb commented Jun 21, 2025

See individual commits for descriptions.

stevegrubb added 12 commits June 15, 2025 12:06
@stevegrubb
auparse multi-threading patch
426e55a
@stevegrubb
update auparse.c
af72089
@stevegrubb
Fix leak
94e69fb
@stevegrubb
fix use after free
3a8839f
@stevegrubb
revert change
f19d3eb
@stevegrubb
move interpretations
d2f6e3a
@stevegrubb
Null pointer passed to interpretation helpers in ausearch
9ad5433 
ausearch_load_interpretations() directly calls
_auparse_load_interpretations(au, n->interp) but au is a global
pointer initialized only when CSV/TEXT output is selected. When
using the -i option (interpreted output) au remains NULL, leading
to a crash in free_interpretation_list().
@stevegrubb
Consolidate auparse stubs
d83ee2a 
There were identical stub declarations in various files. This patch
gathers them all up to make future maintenance easier.
@stevegrubb
Fix path_norm static array
fb98350 
path_norm uses a static array working to build paths and then returns a
copy. Concurrent calls may corrupt working before the copy is made.
Now it dynamically allocates a PATH_MAX-sized buffer, handles cleanup
on all return paths, and frees it before duplicating the final normalized
path.
@stevegrubb
Global LRU caches not thread safe
3e755c5 
interpret.c maintains global caches (uid_cache, gid_cache) without
synchronization, meaning concurrent lookups from multiple threads
could race. Calls such as _auparse_flush_caches() operate on these
globals, further suggesting they are shared process wide.

Move the caches into the auparse_state_t variable so that the cache
is private to the auparse_state_t instance.
@stevegrubb
Consolidate constant definition
a3a4294 
NEVER_LOADED is defined both in interpret.h and in the stub header.
Move it to a shared location.
@stevegrubb
Merge branch 'master' into auparse
4cf30b0
@stevegrubb stevegrubb merged commit 27d9db5 into linux-audit:master Jun 21, 2025
0 of 4 checks passed
@stevegrubb stevegrubb deleted the auparse branch June 21, 2025 17:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@stevegrubb