Linux 6.13 Released

22 Jan 2025 tags: audit lsm selinux

Linux v6.13 was released on Sunday, January 19th. I already wrote up a post highlighting the LSM, SELinux, and audit changes that were submitted during the merge window, however there were additional changes that went in during the release candidate process which are described below.

LSM

• Leverage the new get_task_comm() API to get the current task’s “comm” string as opposed to accessing it directly. While minor, this affects the LSM framework’s common auditing code as well as SELinux.

• Minor IMA variable renaming to fix a variable name collision related to the lsm_prop changes merged during the v6.13 merge window.

SELinux

• Make better use of the sk_to_full_sk() helper in the SELinux networking code to fix a regression caused by networking changes introduced during the v6.13 merge window.

• Fix a problem when both the ioctl and netlink extended permissions, aka “xperms”, are used in a single domain.

• Ignore unknown extended permissions, aka “xperms”, when loading SELinux policy. This should make it easier to support newer policies on older kernels in the future as unknown xperms will no longer result in an error.

Audit

• Minor code shuffling to work around a GCC bug that was falsely reporting a write beyond the bounds of an object. There should be no user visible impact to this change.

In addition to my highlights, LWN.net provides a nice overall summary of the kernel changes made during the first and second weeks of the merge window.