Linux 6.3 Released
27 Apr 2023 tags: audit selinux
Linux v6.3 was released on Sunday, April 23rd; the SELinux and audit highlights are below. Beyond these highlights, LWN.net has summarized the major changes in this release made during the first and second weeks of the merge window.
SELinux
- Minor changes to support the ID-mapped mounts work and some newly created virtual memory flag accessor functions.
Audit
- The AUDIT_FANOTIFY record was updated to record the full event response. The patch’s author, Richard Guy Briggs, provides a description of the change, as well as sample record types, in the commit description:
Currently the only type of fanotify info that is defined is an audit rule number, but convert it to hex encoding to future-proof the field. Hex encoding suggested by Paul Moore.
The {subj,obj}_trust values are {0,1,2}, corresponding to no, yes, unknown.
type=FANOTIFY msg=audit(1600385147.372:590): resp=2 fan_type=1 fan_info=3137 subj_trust=3 obj_trust=5
type=FANOTIFY msg=audit(1659730979.839:284): resp=1 fan_type=0 fan_info=0 subj_trust=2 obj_trust=2
- Minor changes to support the ID-mapped mounts work and the conversion of the kernel’s capabilities data type from a `u32[2]` array to a single `u64`.
- Update the upstream Linux Kernel audit mailing list in MAINTAINERS to avoid the moderation problems with the old list. The new mailing list can be found in the MAINTAINERS file under the AUDIT SUBSYSTEM section.
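For anyone consuming the updated AUDIT_FANOTIFY record in a log pipeline, the following added example (not code from the kernel or from the commit) parses the record layout quoted above and labels the trust fields using the {0,1,2} mapping from the commit description. The function names are hypothetical, the `resp` labels assume the `FAN_ALLOW`/`FAN_DENY` values from `<linux/fanotify.h>`, and `fan_info` is kept as the hex text found in the record rather than decoded.

```python
import re

# Sample input: the two records quoted in the commit description above.
SAMPLE = """\
type=FANOTIFY msg=audit(1600385147.372:590): resp=2 fan_type=1 fan_info=3137 subj_trust=3 obj_trust=5
type=FANOTIFY msg=audit(1659730979.839:284): resp=1 fan_type=0 fan_info=0 subj_trust=2 obj_trust=2
"""

TRUST = {0: "no", 1: "yes", 2: "unknown"}  # mapping given in the commit description
RESP = {1: "allow", 2: "deny"}             # assumption: FAN_ALLOW / FAN_DENY in <linux/fanotify.h>

RECORD = re.compile(r"^type=FANOTIFY msg=audit\((\d+)\.(\d+):(\d+)\): (.*)$")

def parse_fanotify(line):
    """Parse one FANOTIFY audit record; return a dict, or None for any other line."""
    m = RECORD.match(line.strip())
    if not m:
        return None
    secs, _msecs, serial, body = m.groups()
    fields = dict(kv.split("=", 1) for kv in body.split() if "=" in kv)
    rec = {"epoch": int(secs), "serial": int(serial), "warnings": []}
    # Numeric fields: tolerate records that lack some of them.
    for key in ("resp", "fan_type", "subj_trust", "obj_trust"):
        raw = fields.get(key)
        if raw is None or not raw.isdigit():
            rec[key] = None
            rec["warnings"].append(f"{key}: missing or non-numeric")
        else:
            rec[key] = int(raw)
    rec["fan_info"] = fields.get("fan_info")  # hex text, intentionally left undecoded
    # Label trust values and flag anything outside the documented range.
    for key in ("subj_trust", "obj_trust"):
        val = rec[key]
        rec[key + "_label"] = TRUST.get(val)
        if val is not None and val not in TRUST:
            rec["warnings"].append(f"{key}={val} outside documented 0..2")
    rec["resp_label"] = RESP.get(rec["resp"], "other")
    return rec

def parse_log(text):
    """Return parsed FANOTIFY records from a multi-line audit log excerpt."""
    return [r for r in map(parse_fanotify, text.splitlines()) if r]

if __name__ == "__main__":
    for r in parse_log(SAMPLE):
        print(r["serial"], r["resp_label"], r["fan_info"],
              r["subj_trust_label"], r["obj_trust_label"], r["warnings"])
```

Run against the two quoted records, the first one is flagged because its `subj_trust` and `obj_trust` values fall outside the 0..2 range stated in the same description.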