audit: Fix compile error for audit_2.8.5

Fix below compile errors 1. Fix build with linux 5.17+ audit errors out due to swig munging it does with kernel headers | audit_wrap.c: In function '_wrap_audit_rule_data_buf_set': | audit_wrap.c:4701:17: error: cast specifies array type | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4701:15: error: invalid use of flexible array member | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4703:15: error: invalid use of flexible array member | 4703 | arg1->buf = 0; | | ^ These errors are due to VLAIS from kernel headers, so we copy linux/audit.h and make the needed change in local audit.h and make needed arrangements in build to use it when building audit package Take reference of upstream commit ee3c680c3 audit: Upgrade to 3.0.8 and fix build with linux 5.17+ Update 0002-Fixed-swig-host-contamination-issue.patch 2. Fix ipx.h missing file bug for kernel 5.15 ipx.h header file is removed in kernel 5.15 Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/include/net?id=6c9b40844751ea30c72f7a2f92f4d704bc6b2927 which is causing below error for system with kernel equal and higher than 5.15 | ../../git/auparse/interpret.c:48:10: fatal error: linux/ipx.h: No such file or directory | 48 | #include <linux/ipx.h> | | ^~~~~~~~~~~~~ Add below patch to fix this issue. 0001-Make-IPX-packet-interpretation-dependent-on-the-ipx-header.patch Link: https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c Signed-off-by: Akash Hadke <akash.hadke@kpit.com> Signed-off-by: Akash Hadke <hadkeakash4@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-06-05 02:50:46 +00:00 · 2022-10-21 15:12:11 +02:00
parent cfac82c560
commit 51a12d6e8e
3 changed files with 78 additions and 2 deletions
@@ -0,0 +1,65 @@
+From 6b09724c69d91668418ddb3af00da6db6755208c Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Thu, 2 Sep 2021 15:01:12 -0400
+Subject: [PATCH] Make IPX packet interpretation dependent on the ipx header
+ file existing
+
+Upstream-Status: Backport [https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c.patch]
+Comment: Remove one hunk from changelog file and refresh rest hunks as per codebase of audit_2.8.5
+Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
+---
+ auparse/interpret.c | 8 ++++++--
+ configure.ac        | 6 ++++++
+ 2 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/auparse/interpret.c b/auparse/interpret.c
+index 63829aa0e..6c316456d 100644
+--- a/auparse/interpret.c	2022-10-14 11:22:20.833880000 +0200
+++ b/auparse/interpret.c	2022-10-14 11:35:13.196455950 +0200
+@@ -44,8 +44,10 @@
+ #include <linux/ax25.h>
+ #include <linux/atm.h>
+ #include <linux/x25.h>
+-#include <linux/if.h>   // FIXME: remove when ipx.h is fixed
+-#include <linux/ipx.h>
+#ifdef HAVE_IPX_HEADERS
+  #include <linux/if.h>   // FIXME: remove when ipx.h is fixed
+  #include <linux/ipx.h>
+#endif
+ #include <linux/capability.h>
+ #include <sys/personality.h>
+ #include <sys/prctl.h>
+@@ -1158,6 +1160,7 @@
+ 					      x->sax25_call.ax25_call[6]);
+                         }
+                         break;
+#ifdef HAVE_IPX_HEADERS
+                 case AF_IPX:
+                         {
+                                 const struct sockaddr_ipx *ip =
+@@ -1167,6 +1170,7 @@
+ 					str, ip->sipx_port, ip->sipx_network);
+                         }
+                         break;
+#endif
+                 case AF_ATMPVC:
+                         {
+                                 const struct sockaddr_atmpvc* at =
+diff --git a/configure.ac b/configure.ac
+index 8f541e4c0..005eb0b5b 100644
+--- a/configure.ac	2022-10-14 11:22:20.833880000 +0200
+++ b/configure.ac	2022-10-14 11:36:32.391044084 +0200
+@@ -414,6 +414,12 @@
+ 	AC_DEFINE_UNQUOTED(HAVE_LIBWRAP, [], Define if tcp_wrappers support is enabled )
+ fi
+ 
+# linux/ipx.h - deprecated in 2018
+AC_CHECK_HEADER(linux/ipx.h, ipx_headers=yes, ipx_headers=no)
+if test $ipx_headers = yes ; then
+	AC_DEFINE(HAVE_IPX_HEADERS,1,[IPX packet interpretation])
+fi
+
+ # See if we want to support lower capabilities for plugins
+ LIBCAP_NG_PATH
+ 
+
@@ -13,6 +13,11 @@ Upstream-Status: Inappropriate [embedded specific]
 Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
 Signed-off-by: Joe Slater <jslater@windriver.com>
 Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+
+Comment: Refresh hunk from auditswig.i to fix build with linux 5.17+
+Reference-Commit: ee3c680c3 audit: Upgrade to 3.0.8 and fix build with linux 5.17+
+Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
+Signed-off-by: Akash Hadke <hadkeakash4@gmail.com>
 ---
 bindings/swig/python3/Makefile.am | 3 ++-
 bindings/swig/src/auditswig.i     | 2 +-
@@ -43,12 +48,12 @@ diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
 index 7ebb373..424fb68 100644
 --- a/bindings/swig/src/auditswig.i
 +++ b/bindings/swig/src/auditswig.i
-@@ -39,7 +39,7 @@ signed
+@@ -39,7 +39,7 @@
 #define __attribute(X) /*nothing*/
 typedef unsigned __u32;
 typedef unsigned uid_t;
 -%include "/usr/include/linux/audit.h"
-+%include "linux/audit.h"
+%include "../lib/audit.h"
 #define __extension__ /*nothing*/
 #include <stdint.h>
 %include "../lib/libaudit.h"
@@ -14,6 +14,7 @@ SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=2.8_maintena
           file://auditd \
           file://auditd.service \
           file://audit-volatile.conf \
+           file://0001-Make-IPX-packet-interpretation-dependent-on-the-ipx-header.patch \
 "

 S = "${WORKDIR}/git"
@@ -72,6 +73,11 @@ FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
 CONFFILES:auditd = "${sysconfdir}/audit/audit.rules"
 RDEPENDS:auditd = "bash"

+do_configure:prepend() {
+        sed -e 's|buf\[];|buf[0];|g'  ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h
+        sed -i -e 's|#include <linux/audit.h>|#include "audit.h"|g' ${S}/lib/libaudit.h
+}
+
 do_install:append() {
 	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
 	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la