Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x-pack/auditbeat/module/socket/guess: fix creds trigger for newer kernels (backport #37136) #38027

Merged
merged 2 commits into from
Feb 16, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Feb 14, 2024

This is an automatic backport of pull request #37136 done by Mergify.


Mergify commands and options

More conditions and actions can be found in the documentation.

You can also trigger Mergify actions by commenting on this pull request:

  • @Mergifyio refresh will re-evaluate the rules
  • @Mergifyio rebase will rebase this PR on its base branch
  • @Mergifyio update will merge the base branch into this PR
  • @Mergifyio backport <destination> will backport this PR on <destination> branch

Additionally, on Mergify dashboard you can:

  • look at your merge queues
  • generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com

…nels (#37136)

In kernel commit 981ee95c (into v6.3) calls to access_override_creds
were gated behind a test for the requirement for the call. This change
results in non-execution of prepare_creds and so failure of the guess.

An alternative has been identified that does not exhibit this behaviour,
mq_open which calls dentry_open with creds in the third parameter. So
replace the sys_access trigger with sys_mq_open and add the probe to
dentry_open with P3 for the address.

Approach developed by Christiano Haesbaert.

(cherry picked from commit 284683d)
@mergify mergify bot requested a review from a team as a code owner February 14, 2024 19:21
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Feb 14, 2024
@botelastic
Copy link

botelastic bot commented Feb 14, 2024

This pull request doesn't have a Team:<team> label.

@andrewkroh
Copy link
Member

This should fix #37953.

@elasticmachine
Copy link
Collaborator

elasticmachine commented Feb 14, 2024

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Duration: 36 min 42 sec

❕ Flaky test report

No test was executed to be analysed.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@andrewkroh andrewkroh merged commit a0acfd6 into 7.17 Feb 16, 2024
16 of 18 checks passed
@andrewkroh andrewkroh deleted the mergify/bp/7.17/pr-37136 branch February 16, 2024 04:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Auditbeat bug needs_team Indicates that the issue/PR needs a Team:* label
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants