!83 update to 3.1.1

From: @zhengxiaoxiaoGitee 
Reviewed-by: @huangzq6 
Signed-off-by: @huangzq6

audit-Add-sw64-architecture.patch

@@ -62,14 +62,14 @@ diff --git a/lib/libaudit.h b/lib/libaudit.h
 index 3a8e8c8..16af222 100644
 --- a/lib/libaudit.h
 +++ b/lib/libaudit.h
-@@ -561,6 +561,7 @@ typedef enum {
+@@ -594,6 +594,7 @@ typedef enum {
  	MACH_S390X,
  	MACH_S390,
  	MACH_ALPHA,	// Deprecated but has to stay
 +	MACH_SW_64,	// Deprecated but has to stay
  	MACH_ARM,
  	MACH_AARCH64,
- 	MACH_PPC64LE
+ 	MACH_PPC64LE,
 diff --git a/src/libev/ev.c b/src/libev/ev.c
 index 5ff936c..72765b5 100644
 --- a/src/libev/ev.c

audit.spec

@@ -1,8 +1,8 @@
 Summary:            User space tools for kernel auditing
 Name:               audit
 Epoch:              1
-Version:            3.0.9
+Version:            3.1.1
-Release:            2
+Release:            1
 License:            GPLv2+ and LGPLv2+
 URL:                https://people.redhat.com/sgrubb/audit/
 Source0:            https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@@ -14,7 +14,7 @@ Patch2:          bugfix-audit-reload-coredump.patch
 Patch3:          audit-Add-sw64-architecture.patch
 Patch4:          backport-audit-flex-array-workaround.patch
 Patch5:          backport-audit-undo-flex-array.patch
-Patch6:          backport-Try-to-interpret-OPENAT2-fields-correctly.patch
+Patch6:          backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch
 
 BuildRequires:      gcc swig libtool systemd kernel-headers >= 2.6.29
 BuildRequires:      openldap-devel krb5-devel libcap-ng-devel
@@ -325,6 +325,7 @@ fi
 %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf
 %attr(750,root,root) /sbin/audisp-remote
 %attr(750,root,root) /sbin/audisp-syslog
+%attr(750,root,root) /sbin/audisp-af_unix
 %attr(700,root,root) %dir %{_var}/spool/audit
 
 %files -n audispd-plugins-zos
@@ -365,6 +366,9 @@ fi
 %attr(644,root,root) %{_mandir}/man8/*.8.gz
 
 %changelog
+* Mon Jul 24 2023 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.1-1
+- update version to 3.1.1
+
 * Fri Mar 24 2023 dongyuzhen <dongyuzhen@h-partners.com> - 1:3.0.9-2
 - backport patches from upstream
 

backport-Try-to-interpret-OPENAT2-fields-correctly.patch

@@ -1,75 +0,0 @@
-From 83214d7469274dbd60959e32f6c26dda016de048 Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb@redhat.com>
-Date: Wed, 8 Feb 2023 13:45:32 -0500
-Subject: [PATCH] Try to interpret OPENAT2 fields correctly
-
-Conflict: delete ChangeLog
-Reference:https://github.com/linux-audit/audit-userspace/commit/83214d7469274dbd60959e32f6c26dda016de048
----
- auparse/interpret.c | 18 +++++++++---------
- 1 file changed, 9 insertions(+), 9 deletions(-)
-
-diff --git a/auparse/interpret.c b/auparse/interpret.c
-index 373851f..4d2f0d4 100644
---- a/auparse/interpret.c
-+++ b/auparse/interpret.c
-@@ -1490,15 +1490,15 @@ static const char *print_success(const char *val)
- 		return strdup(val);
- }
- 
--static const char *print_open_flags(const char *val)
-+static const char *print_open_flags(const char *val, int base)
- {
- 	size_t i;
--	unsigned int flags;
-+	unsigned long flags;
- 	int cnt = 0;
- 	char *out, buf[sizeof(open_flag_strings)+OPEN_FLAG_NUM_ENTRIES+1];
- 
- 	errno = 0;
--	flags = strtoul(val, NULL, 16);
-+	flags = strtoul(val, NULL, base);
-         if (errno) {
- 		if (asprintf(&out, "conversion error(%s)", val) < 0)
- 			out = NULL;
-@@ -2504,10 +2504,10 @@ static const char *print_a1(const char *val, const idata *id)
- 			else if (strcmp(sys, "mknod") == 0)
- 				return print_mode(val, 16);
- 			else if (strcmp(sys, "mq_open") == 0)
--				return print_open_flags(val);
-+				return print_open_flags(val, 16);
- 		}
- 		else if (strcmp(sys, "open") == 0)
--			return print_open_flags(val);
-+			return print_open_flags(val, 16);
- 		else if (strcmp(sys, "access") == 0)
- 			return print_access(val);
- 		else if (strcmp(sys, "epoll_ctl") == 0)
-@@ -2581,11 +2581,11 @@ static const char *print_a2(const char *val, const idata *id)
- 				goto normal;
- 		} else if (*sys == 'o') {
- 			if (strcmp(sys, "openat") == 0)
--				return print_open_flags(val);
-+				return print_open_flags(val, 16);
- 			if ((strcmp(sys, "open") == 0) && (id->a1 & O_CREAT))
- 				return print_mode_short(val, 16);
- 			if (strcmp(sys, "open_by_handle_at") == 0)
--			    return print_open_flags(val);
-+			    return print_open_flags(val, 16);
- 		} else if (*sys == 'f') {
- 			if (strcmp(sys, "fchmodat") == 0)
- 				return print_mode_short(val, 16);
-@@ -3256,8 +3256,8 @@ unknown:
- 		case AUPARSE_TYPE_SECCOMP:
- 			out = print_seccomp_code(id->val);
- 			break;
--		case AUPARSE_TYPE_OFLAG:
--			out = print_open_flags(id->val);
-+		case AUPARSE_TYPE_OFLAG: // AUDIT_OPENAT2,MQ_OPEN
-+			out = print_open_flags(id->val, 0);
- 			break;
- 		case AUPARSE_TYPE_MMAP:
- 			out = print_mmap(id->val);
--- 
-2.33.0
-

backport-audit-flex-array-workaround.patch

@@ -5,9 +5,8 @@ Subject: workaround a kernel change that breaks the build
 
 ---
  bindings/swig/src.auditswig.i | 2 +-
- lib/audit.h                   | 2 +-
  lib/libaudit.h                | 2 +-
- 3 files changed, 3 insertions(+)m 3 deletions(-)
+ 2 files changed, 2 insertions(+)m 2 deletions(-)
 
 diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
 --- a/bindings/swig/src/auditswig.i
@@ -21,18 +20,6 @@ diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
  #define __extension__ /*nothing*/
  %include <stdint.i>
  %include "../lib/libaudit.h"
-diff --git a/lib/audit.h b/lib/audit.h
---- a/lib/audit.h
-+++ b/lib/audit.h
-@@ -514,7 +514,7 @@ struct audit_rule_data {
- 	__u32		values[AUDIT_MAX_FIELDS];
- 	__u32		fieldflags[AUDIT_MAX_FIELDS];
- 	__u32		buflen;	/* total length of string fields */
--	char		buf[];	/* string fields buffer */
-+	char		buf[0];	/* string fields buffer */
- };
- 
- #endif /* _LINUX_AUDIT_H_ */
 diff --git a/lib/libaudit.h b/lib/libaudit.h
 --- a/lib/libaudit.h
 +++ b/lib/libaudit.h

backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch

@@ -0,0 +1,39 @@
+From 1ca7e2b07bdc962695611ee1d0852f549d5ca21c Mon Sep 17 00:00:00 2001
+From: Sergei Trofimovich <slyich@gmail.com>
+Date: Wed, 23 Mar 2022 07:27:05 +0000
+Subject: [PATCH 10/12] auditswig.i: avoid setter generation for
+ audit_rule_data::buf
+
+As it's a flexible array generated code was never safe to use.
+With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574
+change it's a build failure now:
+
+    audit> audit_wrap.c:5010:15: error: invalid use of flexible array member
+    audit>  5010 |     arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
+    audit>       |               ^
+
+Let's avoid setter generation entirely.
+
+Closes: https://github.com/linux-audit/audit-userspace/issues/252
+---
+ bindings/swig/src/auditswig.i | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
+index 21aafca..9a2c566 100644
+--- a/bindings/swig/src/auditswig.i
++++ b/bindings/swig/src/auditswig.i
+@@ -39,6 +39,10 @@ signed
+ #define __attribute(X) /*nothing*/
+ typedef unsigned __u32;
+ typedef unsigned uid_t;
++/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not:
++ * generating setters against them: https://github.com/swig/swig/issues/1699
++ */
++%ignore audit_rule_data::buf;
+ %include "../lib/audit.h"
+ #define __extension__ /*nothing*/
+ %include <stdint.i>
+-- 
+2.33.0
+