summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Guy Briggs <rgb@redhat.com>2018-05-12 21:58:20 -0400
committerPaul Moore <paul@paul-moore.com>2018-05-14 17:24:18 -0400
commitcdfb6b341f0f2409aba24b84f3b4b2bba50be5c5 (patch)
treecb31684487723bae90c53e58d97b7b9e6aa53020
parentf0b752168d7091f38e7d61a80de2542e8b71d266 (diff)
audit: use inline function to get audit context
Recognizing that the audit context is an internal audit value, use an access function to retrieve the audit context pointer for the task rather than reaching directly into the task struct to get it. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [PM: merge fuzz in auditsc.c and selinuxfs.c, checkpatch.pl fixes] Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat
-rw-r--r--include/linux/audit.h15
-rw-r--r--include/net/xfrm.h2
-rw-r--r--kernel/audit.c6
-rw-r--r--kernel/audit_watch.c2
-rw-r--r--kernel/auditsc.c66
-rw-r--r--net/bridge/netfilter/ebtables.c2
-rw-r--r--net/core/dev.c18
-rw-r--r--net/netfilter/x_tables.c2
-rw-r--r--net/netlabel/netlabel_user.c2
-rw-r--r--security/integrity/ima/ima_api.c2
-rw-r--r--security/integrity/integrity_audit.c2
-rw-r--r--security/lsm_audit.c2
-rw-r--r--security/selinux/hooks.c7
-rw-r--r--security/selinux/selinuxfs.c6
-rw-r--r--security/selinux/ss/services.c12
15 files changed, 77 insertions, 69 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 2d15bce7aa3c..831a4684df40 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -237,9 +237,14 @@ extern void audit_seccomp_actions_logged(const char *names,
237 const char *old_names, int res); 237 const char *old_names, int res);
238extern void __audit_ptrace(struct task_struct *t); 238extern void __audit_ptrace(struct task_struct *t);
239 239
240static inline struct audit_context *audit_context(void)
241{
242 return current->audit_context;
243}
244
240static inline bool audit_dummy_context(void) 245static inline bool audit_dummy_context(void)
241{ 246{
242 void *p = current->audit_context; 247 void *p = audit_context();
243 return !p || *(int *)p; 248 return !p || *(int *)p;
244} 249}
245static inline void audit_free(struct task_struct *task) 250static inline void audit_free(struct task_struct *task)
@@ -251,12 +256,12 @@ static inline void audit_syscall_entry(int major, unsigned long a0,
251 unsigned long a1, unsigned long a2, 256 unsigned long a1, unsigned long a2,
252 unsigned long a3) 257 unsigned long a3)
253{ 258{
254 if (unlikely(current->audit_context)) 259 if (unlikely(audit_context()))
255 __audit_syscall_entry(major, a0, a1, a2, a3); 260 __audit_syscall_entry(major, a0, a1, a2, a3);
256} 261}
257static inline void audit_syscall_exit(void *pt_regs) 262static inline void audit_syscall_exit(void *pt_regs)
258{ 263{
259 if (unlikely(current->audit_context)) { 264 if (unlikely(audit_context())) {
260 int success = is_syscall_success(pt_regs); 265 int success = is_syscall_success(pt_regs);
261 long return_code = regs_return_value(pt_regs); 266 long return_code = regs_return_value(pt_regs);
262 267
@@ -464,6 +469,10 @@ static inline bool audit_dummy_context(void)
464{ 469{
465 return true; 470 return true;
466} 471}
472static inline struct audit_context *audit_context(void)
473{
474 return NULL;
475}
467static inline struct filename *audit_reusename(const __user char *name) 476static inline struct filename *audit_reusename(const __user char *name)
468{ 477{
469 return NULL; 478 return NULL;
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index fcce8eef6c70..7f2e31aa3d65 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -736,7 +736,7 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op)
736 736
737 if (audit_enabled == 0) 737 if (audit_enabled == 0)
738 return NULL; 738 return NULL;
739 audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, 739 audit_buf = audit_log_start(audit_context(), GFP_ATOMIC,
740 AUDIT_MAC_IPSEC_EVENT); 740 AUDIT_MAC_IPSEC_EVENT);
741 if (audit_buf == NULL) 741 if (audit_buf == NULL)
742 return NULL; 742 return NULL;
diff --git a/kernel/audit.c b/kernel/audit.c
index e9f9a90790e5..e7478cb58079 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1099,8 +1099,7 @@ static void audit_log_feature_change(int which, u32 old_feature, u32 new_feature
1099 1099
1100 if (audit_enabled == AUDIT_OFF) 1100 if (audit_enabled == AUDIT_OFF)
1101 return; 1101 return;
1102 ab = audit_log_start(current->audit_context, 1102 ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_FEATURE_CHANGE);
1103 GFP_KERNEL, AUDIT_FEATURE_CHANGE);
1104 if (!ab) 1103 if (!ab)
1105 return; 1104 return;
1106 audit_log_task_info(ab, current); 1105 audit_log_task_info(ab, current);
@@ -2317,8 +2316,7 @@ void audit_log_link_denied(const char *operation)
2317 return; 2316 return;
2318 2317
2319 /* Generate AUDIT_ANOM_LINK with subject, operation, outcome. */ 2318 /* Generate AUDIT_ANOM_LINK with subject, operation, outcome. */
2320 ab = audit_log_start(current->audit_context, GFP_KERNEL, 2319 ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_ANOM_LINK);
2321 AUDIT_ANOM_LINK);
2322 if (!ab) 2320 if (!ab)
2323 return; 2321 return;
2324 audit_log_format(ab, "op=%s", operation); 2322 audit_log_format(ab, "op=%s", operation);
diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
index 9eb8b3511636..f1ba88994508 100644
--- a/kernel/audit_watch.c
+++ b/kernel/audit_watch.c
@@ -274,7 +274,7 @@ static void audit_update_watch(struct audit_parent *parent,
274 /* If the update involves invalidating rules, do the inode-based 274 /* If the update involves invalidating rules, do the inode-based
275 * filtering now, so we don't omit records. */ 275 * filtering now, so we don't omit records. */
276 if (invalidating && !audit_dummy_context()) 276 if (invalidating && !audit_dummy_context())
277 audit_filter_inodes(current, current->audit_context); 277 audit_filter_inodes(current, audit_context());
278 278
279 /* updating ino will likely change which audit_hash_list we 279 /* updating ino will likely change which audit_hash_list we
280 * are on so we need a new watch for the new list */ 280 * are on so we need a new watch for the new list */
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 378c45b92775..fce4acba576d 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1509,8 +1509,7 @@ void __audit_free(struct task_struct *tsk)
1509void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2, 1509void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
1510 unsigned long a3, unsigned long a4) 1510 unsigned long a3, unsigned long a4)
1511{ 1511{
1512 struct task_struct *tsk = current; 1512 struct audit_context *context = audit_context();
1513 struct audit_context *context = tsk->audit_context;
1514 enum audit_state state; 1513 enum audit_state state;
1515 1514
1516 if (!audit_enabled || !context) 1515 if (!audit_enabled || !context)
@@ -1525,7 +1524,7 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
1525 context->dummy = !audit_n_rules; 1524 context->dummy = !audit_n_rules;
1526 if (!context->dummy && state == AUDIT_BUILD_CONTEXT) { 1525 if (!context->dummy && state == AUDIT_BUILD_CONTEXT) {
1527 context->prio = 0; 1526 context->prio = 0;
1528 if (auditd_test_task(tsk)) 1527 if (auditd_test_task(current))
1529 return; 1528 return;
1530 } 1529 }
1531 1530
@@ -1563,12 +1562,12 @@ void __audit_syscall_exit(int success, long return_code)
1563 else 1562 else
1564 success = AUDITSC_FAILURE; 1563 success = AUDITSC_FAILURE;
1565 1564
1566 context = audit_take_context(tsk, success, return_code); 1565 context = audit_take_context(current, success, return_code);
1567 if (!context) 1566 if (!context)
1568 return; 1567 return;
1569 1568
1570 if (context->in_syscall && context->current_state == AUDIT_RECORD_CONTEXT) 1569 if (context->in_syscall && context->current_state == AUDIT_RECORD_CONTEXT)
1571 audit_log_exit(context, tsk); 1570 audit_log_exit(context, current);
1572 1571
1573 context->in_syscall = 0; 1572 context->in_syscall = 0;
1574 context->prio = context->state == AUDIT_RECORD_CONTEXT ? ~0ULL : 0; 1573 context->prio = context->state == AUDIT_RECORD_CONTEXT ? ~0ULL : 0;
@@ -1602,7 +1601,7 @@ static inline void handle_one(const struct inode *inode)
1602 int count; 1601 int count;
1603 if (likely(!inode->i_fsnotify_marks)) 1602 if (likely(!inode->i_fsnotify_marks))
1604 return; 1603 return;
1605 context = current->audit_context; 1604 context = audit_context();
1606 p = context->trees; 1605 p = context->trees;
1607 count = context->tree_count; 1606 count = context->tree_count;
1608 rcu_read_lock(); 1607 rcu_read_lock();
@@ -1633,7 +1632,7 @@ static void handle_path(const struct dentry *dentry)
1633 unsigned long seq; 1632 unsigned long seq;
1634 int count; 1633 int count;
1635 1634
1636 context = current->audit_context; 1635 context = audit_context();
1637 p = context->trees; 1636 p = context->trees;
1638 count = context->tree_count; 1637 count = context->tree_count;
1639retry: 1638retry:
@@ -1715,7 +1714,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context,
1715struct filename * 1714struct filename *
1716__audit_reusename(const __user char *uptr) 1715__audit_reusename(const __user char *uptr)
1717{ 1716{
1718 struct audit_context *context = current->audit_context; 1717 struct audit_context *context = audit_context();
1719 struct audit_names *n; 1718 struct audit_names *n;
1720 1719
1721 list_for_each_entry(n, &context->names_list, list) { 1720 list_for_each_entry(n, &context->names_list, list) {
@@ -1738,7 +1737,7 @@ __audit_reusename(const __user char *uptr)
1738 */ 1737 */
1739void __audit_getname(struct filename *name) 1738void __audit_getname(struct filename *name)
1740{ 1739{
1741 struct audit_context *context = current->audit_context; 1740 struct audit_context *context = audit_context();
1742 struct audit_names *n; 1741 struct audit_names *n;
1743 1742
1744 if (!context->in_syscall) 1743 if (!context->in_syscall)
@@ -1766,7 +1765,7 @@ void __audit_getname(struct filename *name)
1766void __audit_inode(struct filename *name, const struct dentry *dentry, 1765void __audit_inode(struct filename *name, const struct dentry *dentry,
1767 unsigned int flags) 1766 unsigned int flags)
1768{ 1767{
1769 struct audit_context *context = current->audit_context; 1768 struct audit_context *context = audit_context();
1770 struct inode *inode = d_backing_inode(dentry); 1769 struct inode *inode = d_backing_inode(dentry);
1771 struct audit_names *n; 1770 struct audit_names *n;
1772 bool parent = flags & AUDIT_INODE_PARENT; 1771 bool parent = flags & AUDIT_INODE_PARENT;
@@ -1865,7 +1864,7 @@ void __audit_inode_child(struct inode *parent,
1865 const struct dentry *dentry, 1864 const struct dentry *dentry,
1866 const unsigned char type) 1865 const unsigned char type)
1867{ 1866{
1868 struct audit_context *context = current->audit_context; 1867 struct audit_context *context = audit_context();
1869 struct inode *inode = d_backing_inode(dentry); 1868 struct inode *inode = d_backing_inode(dentry);
1870 const char *dname = dentry->d_name.name; 1869 const char *dname = dentry->d_name.name;
1871 struct audit_names *n, *found_parent = NULL, *found_child = NULL; 1870 struct audit_names *n, *found_parent = NULL, *found_child = NULL;
@@ -2084,7 +2083,7 @@ out:
2084 */ 2083 */
2085void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) 2084void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
2086{ 2085{
2087 struct audit_context *context = current->audit_context; 2086 struct audit_context *context = audit_context();
2088 2087
2089 if (attr) 2088 if (attr)
2090 memcpy(&context->mq_open.attr, attr, sizeof(struct mq_attr)); 2089 memcpy(&context->mq_open.attr, attr, sizeof(struct mq_attr));
@@ -2108,7 +2107,7 @@ void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr)
2108void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, 2107void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
2109 const struct timespec64 *abs_timeout) 2108 const struct timespec64 *abs_timeout)
2110{ 2109{
2111 struct audit_context *context = current->audit_context; 2110 struct audit_context *context = audit_context();
2112 struct timespec64 *p = &context->mq_sendrecv.abs_timeout; 2111 struct timespec64 *p = &context->mq_sendrecv.abs_timeout;
2113 2112
2114 if (abs_timeout) 2113 if (abs_timeout)
@@ -2132,7 +2131,7 @@ void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
2132 2131
2133void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification) 2132void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
2134{ 2133{
2135 struct audit_context *context = current->audit_context; 2134 struct audit_context *context = audit_context();
2136 2135
2137 if (notification) 2136 if (notification)
2138 context->mq_notify.sigev_signo = notification->sigev_signo; 2137 context->mq_notify.sigev_signo = notification->sigev_signo;
@@ -2151,7 +2150,7 @@ void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
2151 */ 2150 */
2152void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) 2151void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
2153{ 2152{
2154 struct audit_context *context = current->audit_context; 2153 struct audit_context *context = audit_context();
2155 context->mq_getsetattr.mqdes = mqdes; 2154 context->mq_getsetattr.mqdes = mqdes;
2156 context->mq_getsetattr.mqstat = *mqstat; 2155 context->mq_getsetattr.mqstat = *mqstat;
2157 context->type = AUDIT_MQ_GETSETATTR; 2156 context->type = AUDIT_MQ_GETSETATTR;
@@ -2164,7 +2163,7 @@ void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
2164 */ 2163 */
2165void __audit_ipc_obj(struct kern_ipc_perm *ipcp) 2164void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
2166{ 2165{
2167 struct audit_context *context = current->audit_context; 2166 struct audit_context *context = audit_context();
2168 context->ipc.uid = ipcp->uid; 2167 context->ipc.uid = ipcp->uid;
2169 context->ipc.gid = ipcp->gid; 2168 context->ipc.gid = ipcp->gid;
2170 context->ipc.mode = ipcp->mode; 2169 context->ipc.mode = ipcp->mode;
@@ -2184,7 +2183,7 @@ void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
2184 */ 2183 */
2185void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode) 2184void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mode)
2186{ 2185{
2187 struct audit_context *context = current->audit_context; 2186 struct audit_context *context = audit_context();
2188 2187
2189 context->ipc.qbytes = qbytes; 2188 context->ipc.qbytes = qbytes;
2190 context->ipc.perm_uid = uid; 2189 context->ipc.perm_uid = uid;
@@ -2195,7 +2194,7 @@ void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, umode_t mo
2195 2194
2196void __audit_bprm(struct linux_binprm *bprm) 2195void __audit_bprm(struct linux_binprm *bprm)
2197{ 2196{
2198 struct audit_context *context = current->audit_context; 2197 struct audit_context *context = audit_context();
2199 2198
2200 context->type = AUDIT_EXECVE; 2199 context->type = AUDIT_EXECVE;
2201 context->execve.argc = bprm->argc; 2200 context->execve.argc = bprm->argc;
@@ -2210,7 +2209,7 @@ void __audit_bprm(struct linux_binprm *bprm)
2210 */ 2209 */
2211int __audit_socketcall(int nargs, unsigned long *args) 2210int __audit_socketcall(int nargs, unsigned long *args)
2212{ 2211{
2213 struct audit_context *context = current->audit_context; 2212 struct audit_context *context = audit_context();
2214 2213
2215 if (nargs <= 0 || nargs > AUDITSC_ARGS || !args) 2214 if (nargs <= 0 || nargs > AUDITSC_ARGS || !args)
2216 return -EINVAL; 2215 return -EINVAL;
@@ -2228,7 +2227,7 @@ int __audit_socketcall(int nargs, unsigned long *args)
2228 */ 2227 */
2229void __audit_fd_pair(int fd1, int fd2) 2228void __audit_fd_pair(int fd1, int fd2)
2230{ 2229{
2231 struct audit_context *context = current->audit_context; 2230 struct audit_context *context = audit_context();
2232 context->fds[0] = fd1; 2231 context->fds[0] = fd1;
2233 context->fds[1] = fd2; 2232 context->fds[1] = fd2;
2234} 2233}
@@ -2242,7 +2241,7 @@ void __audit_fd_pair(int fd1, int fd2)
2242 */ 2241 */
2243int __audit_sockaddr(int len, void *a) 2242int __audit_sockaddr(int len, void *a)
2244{ 2243{
2245 struct audit_context *context = current->audit_context; 2244 struct audit_context *context = audit_context();
2246 2245
2247 if (!context->sockaddr) { 2246 if (!context->sockaddr) {
2248 void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL); 2247 void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL);
@@ -2258,7 +2257,7 @@ int __audit_sockaddr(int len, void *a)
2258 2257
2259void __audit_ptrace(struct task_struct *t) 2258void __audit_ptrace(struct task_struct *t)
2260{ 2259{
2261 struct audit_context *context = current->audit_context; 2260 struct audit_context *context = audit_context();
2262 2261
2263 context->target_pid = task_tgid_nr(t); 2262 context->target_pid = task_tgid_nr(t);
2264 context->target_auid = audit_get_loginuid(t); 2263 context->target_auid = audit_get_loginuid(t);
@@ -2279,19 +2278,18 @@ void __audit_ptrace(struct task_struct *t)
2279int audit_signal_info(int sig, struct task_struct *t) 2278int audit_signal_info(int sig, struct task_struct *t)
2280{ 2279{
2281 struct audit_aux_data_pids *axp; 2280 struct audit_aux_data_pids *axp;
2282 struct task_struct *tsk = current; 2281 struct audit_context *ctx = audit_context();
2283 struct audit_context *ctx = tsk->audit_context;
2284 kuid_t uid = current_uid(), t_uid = task_uid(t); 2282 kuid_t uid = current_uid(), t_uid = task_uid(t);
2285 2283
2286 if (auditd_test_task(t) && 2284 if (auditd_test_task(t) &&
2287 (sig == SIGTERM || sig == SIGHUP || 2285 (sig == SIGTERM || sig == SIGHUP ||
2288 sig == SIGUSR1 || sig == SIGUSR2)) { 2286 sig == SIGUSR1 || sig == SIGUSR2)) {
2289 audit_sig_pid = task_tgid_nr(tsk); 2287 audit_sig_pid = task_tgid_nr(current);
2290 if (uid_valid(tsk->loginuid)) 2288 if (uid_valid(current->loginuid))
2291 audit_sig_uid = tsk->loginuid; 2289 audit_sig_uid = current->loginuid;
2292 else 2290 else
2293 audit_sig_uid = uid; 2291 audit_sig_uid = uid;
2294 security_task_getsecid(tsk, &audit_sig_sid); 2292 security_task_getsecid(current, &audit_sig_sid);
2295 } 2293 }
2296 2294
2297 if (!audit_signals || audit_dummy_context()) 2295 if (!audit_signals || audit_dummy_context())
@@ -2347,7 +2345,7 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
2347 const struct cred *new, const struct cred *old) 2345 const struct cred *new, const struct cred *old)
2348{ 2346{
2349 struct audit_aux_data_bprm_fcaps *ax; 2347 struct audit_aux_data_bprm_fcaps *ax;
2350 struct audit_context *context = current->audit_context; 2348 struct audit_context *context = audit_context();
2351 struct cpu_vfs_cap_data vcaps; 2349 struct cpu_vfs_cap_data vcaps;
2352 2350
2353 ax = kmalloc(sizeof(*ax), GFP_KERNEL); 2351 ax = kmalloc(sizeof(*ax), GFP_KERNEL);
@@ -2387,7 +2385,7 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
2387 */ 2385 */
2388void __audit_log_capset(const struct cred *new, const struct cred *old) 2386void __audit_log_capset(const struct cred *new, const struct cred *old)
2389{ 2387{
2390 struct audit_context *context = current->audit_context; 2388 struct audit_context *context = audit_context();
2391 context->capset.pid = task_tgid_nr(current); 2389 context->capset.pid = task_tgid_nr(current);
2392 context->capset.cap.effective = new->cap_effective; 2390 context->capset.cap.effective = new->cap_effective;
2393 context->capset.cap.inheritable = new->cap_effective; 2391 context->capset.cap.inheritable = new->cap_effective;
@@ -2398,7 +2396,7 @@ void __audit_log_capset(const struct cred *new, const struct cred *old)
2398 2396
2399void __audit_mmap_fd(int fd, int flags) 2397void __audit_mmap_fd(int fd, int flags)
2400{ 2398{
2401 struct audit_context *context = current->audit_context; 2399 struct audit_context *context = audit_context();
2402 context->mmap.fd = fd; 2400 context->mmap.fd = fd;
2403 context->mmap.flags = flags; 2401 context->mmap.flags = flags;
2404 context->type = AUDIT_MMAP; 2402 context->type = AUDIT_MMAP;
@@ -2406,7 +2404,7 @@ void __audit_mmap_fd(int fd, int flags)
2406 2404
2407void __audit_log_kern_module(char *name) 2405void __audit_log_kern_module(char *name)
2408{ 2406{
2409 struct audit_context *context = current->audit_context; 2407 struct audit_context *context = audit_context();
2410 2408
2411 context->module.name = kmalloc(strlen(name) + 1, GFP_KERNEL); 2409 context->module.name = kmalloc(strlen(name) + 1, GFP_KERNEL);
2412 strcpy(context->module.name, name); 2410 strcpy(context->module.name, name);
@@ -2415,7 +2413,7 @@ void __audit_log_kern_module(char *name)
2415 2413
2416void __audit_fanotify(unsigned int response) 2414void __audit_fanotify(unsigned int response)
2417{ 2415{
2418 audit_log(current->audit_context, GFP_KERNEL, 2416 audit_log(audit_context(), GFP_KERNEL,
2419 AUDIT_FANOTIFY, "resp=%u", response); 2417 AUDIT_FANOTIFY, "resp=%u", response);
2420} 2418}
2421 2419
@@ -2514,7 +2512,7 @@ void audit_seccomp_actions_logged(const char *names, const char *old_names,
2514 2512
2515struct list_head *audit_killed_trees(void) 2513struct list_head *audit_killed_trees(void)
2516{ 2514{
2517 struct audit_context *ctx = current->audit_context; 2515 struct audit_context *ctx = audit_context();
2518 if (likely(!ctx || !ctx->in_syscall)) 2516 if (likely(!ctx || !ctx->in_syscall))
2519 return NULL; 2517 return NULL;
2520 return &ctx->killed_trees; 2518 return &ctx->killed_trees;
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 032e0fe45940..894c96a26223 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1062,7 +1062,7 @@ static int do_replace_finish(struct net *net, struct ebt_replace *repl,
1062 1062
1063#ifdef CONFIG_AUDIT 1063#ifdef CONFIG_AUDIT
1064 if (audit_enabled) { 1064 if (audit_enabled) {
1065 audit_log(current->audit_context, GFP_KERNEL, 1065 audit_log(audit_context(), GFP_KERNEL,
1066 AUDIT_NETFILTER_CFG, 1066 AUDIT_NETFILTER_CFG,
1067 "table=%s family=%u entries=%u", 1067 "table=%s family=%u entries=%u",
1068 repl->name, AF_BRIDGE, repl->nentries); 1068 repl->name, AF_BRIDGE, repl->nentries);
diff --git a/net/core/dev.c b/net/core/dev.c
index 969462ebb296..ee8bc8d0797f 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -6749,15 +6749,15 @@ static int __dev_set_promiscuity(struct net_device *dev, int inc, bool notify)
6749 dev->flags & IFF_PROMISC ? "entered" : "left"); 6749 dev->flags & IFF_PROMISC ? "entered" : "left");
6750 if (audit_enabled) { 6750 if (audit_enabled) {
6751 current_uid_gid(&uid, &gid); 6751 current_uid_gid(&uid, &gid);
6752 audit_log(current->audit_context, GFP_ATOMIC, 6752 audit_log(audit_context(), GFP_ATOMIC,
6753 AUDIT_ANOM_PROMISCUOUS, 6753 AUDIT_ANOM_PROMISCUOUS,
6754 "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u", 6754 "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u",
6755 dev->name, (dev->flags & IFF_PROMISC), 6755 dev->name, (dev->flags & IFF_PROMISC),
6756 (old_flags & IFF_PROMISC), 6756 (old_flags & IFF_PROMISC),
6757 from_kuid(&init_user_ns, audit_get_loginuid(current)), 6757 from_kuid(&init_user_ns, audit_get_loginuid(current)),
6758 from_kuid(&init_user_ns, uid), 6758 from_kuid(&init_user_ns, uid),
6759 from_kgid(&init_user_ns, gid), 6759 from_kgid(&init_user_ns, gid),
6760 audit_get_sessionid(current)); 6760 audit_get_sessionid(current));
6761 } 6761 }
6762 6762
6763 dev_change_rx_flags(dev, IFF_PROMISC); 6763 dev_change_rx_flags(dev, IFF_PROMISC);
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 71325fef647d..15402636b9ed 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -1414,7 +1414,7 @@ xt_replace_table(struct xt_table *table,
1414 1414
1415#ifdef CONFIG_AUDIT 1415#ifdef CONFIG_AUDIT
1416 if (audit_enabled) { 1416 if (audit_enabled) {
1417 audit_log(current->audit_context, GFP_KERNEL, 1417 audit_log(audit_context(), GFP_KERNEL,
1418 AUDIT_NETFILTER_CFG, 1418 AUDIT_NETFILTER_CFG,
1419 "table=%s family=%u entries=%u", 1419 "table=%s family=%u entries=%u",
1420 table->name, table->af, private->number); 1420 table->name, table->af, private->number);
diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c
index 58495f44c62a..2f328af91a52 100644
--- a/net/netlabel/netlabel_user.c
+++ b/net/netlabel/netlabel_user.c
@@ -104,7 +104,7 @@ struct audit_buffer *netlbl_audit_start_common(int type,
104 if (audit_enabled == 0) 104 if (audit_enabled == 0)
105 return NULL; 105 return NULL;
106 106
107 audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, type); 107 audit_buf = audit_log_start(audit_context(), GFP_ATOMIC, type);
108 if (audit_buf == NULL) 108 if (audit_buf == NULL)
109 return NULL; 109 return NULL;
110 110
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index bf88236b7a0b..a02c5acfd403 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -326,7 +326,7 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
326 hex_byte_pack(hash + (i * 2), iint->ima_hash->digest[i]); 326 hex_byte_pack(hash + (i * 2), iint->ima_hash->digest[i]);
327 hash[i * 2] = '\0'; 327 hash[i * 2] = '\0';
328 328
329 ab = audit_log_start(current->audit_context, GFP_KERNEL, 329 ab = audit_log_start(audit_context(), GFP_KERNEL,
330 AUDIT_INTEGRITY_RULE); 330 AUDIT_INTEGRITY_RULE);
331 if (!ab) 331 if (!ab)
332 goto out; 332 goto out;
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index 90987d15b6fe..ab10a25310a1 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -38,7 +38,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
38 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ 38 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */
39 return; 39 return;
40 40
41 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 41 ab = audit_log_start(audit_context(), GFP_KERNEL, audit_msgno);
42 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u", 42 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
43 task_pid_nr(current), 43 task_pid_nr(current),
44 from_kuid(&init_user_ns, current_cred()->uid), 44 from_kuid(&init_user_ns, current_cred()->uid),
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 67703dbe29ea..f84001019356 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -447,7 +447,7 @@ void common_lsm_audit(struct common_audit_data *a,
447 if (a == NULL) 447 if (a == NULL)
448 return; 448 return;
449 /* we use GFP_ATOMIC so we won't sleep */ 449 /* we use GFP_ATOMIC so we won't sleep */
450 ab = audit_log_start(current->audit_context, GFP_ATOMIC | __GFP_NOWARN, 450 ab = audit_log_start(audit_context(), GFP_ATOMIC | __GFP_NOWARN,
451 AUDIT_AVC); 451 AUDIT_AVC);
452 452
453 if (ab == NULL) 453 if (ab == NULL)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4cafe6a19167..713c1648014f 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3294,7 +3294,8 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
3294 } else { 3294 } else {
3295 audit_size = 0; 3295 audit_size = 0;
3296 } 3296 }
3297 ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR); 3297 ab = audit_log_start(audit_context(),
3298 GFP_ATOMIC, AUDIT_SELINUX_ERR);
3298 audit_log_format(ab, "op=setxattr invalid_context="); 3299 audit_log_format(ab, "op=setxattr invalid_context=");
3299 audit_log_n_untrustedstring(ab, value, audit_size); 3300 audit_log_n_untrustedstring(ab, value, audit_size);
3300 audit_log_end(ab); 3301 audit_log_end(ab);
@@ -6431,7 +6432,9 @@ static int selinux_setprocattr(const char *name, void *value, size_t size)
6431 audit_size = size - 1; 6432 audit_size = size - 1;
6432 else 6433 else
6433 audit_size = size; 6434 audit_size = size;
6434 ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR); 6435 ab = audit_log_start(audit_context(),
6436 GFP_ATOMIC,
6437 AUDIT_SELINUX_ERR);
6435 audit_log_format(ab, "op=fscreate invalid_context="); 6438 audit_log_format(ab, "op=fscreate invalid_context=");
6436 audit_log_n_untrustedstring(ab, value, audit_size); 6439 audit_log_n_untrustedstring(ab, value, audit_size);
6437 audit_log_end(ab); 6440 audit_log_end(ab);
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 245160373dab..35fd77737c59 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -167,7 +167,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
167 NULL); 167 NULL);
168 if (length) 168 if (length)
169 goto out; 169 goto out;
170 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, 170 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS,
171 "enforcing=%d old_enforcing=%d auid=%u ses=%u", 171 "enforcing=%d old_enforcing=%d auid=%u ses=%u",
172 new_value, old_value, 172 new_value, old_value,
173 from_kuid(&init_user_ns, audit_get_loginuid(current)), 173 from_kuid(&init_user_ns, audit_get_loginuid(current)),
@@ -299,7 +299,7 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf,
299 length = selinux_disable(fsi->state); 299 length = selinux_disable(fsi->state);
300 if (length) 300 if (length)
301 goto out; 301 goto out;
302 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, 302 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS,
303 "selinux=0 auid=%u ses=%u", 303 "selinux=0 auid=%u ses=%u",
304 from_kuid(&init_user_ns, audit_get_loginuid(current)), 304 from_kuid(&init_user_ns, audit_get_loginuid(current)),
305 audit_get_sessionid(current)); 305 audit_get_sessionid(current));
@@ -575,7 +575,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
575 length = count; 575 length = count;
576 576
577out1: 577out1:
578 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, 578 audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
579 "policy loaded auid=%u ses=%u", 579 "policy loaded auid=%u ses=%u",
580 from_kuid(&init_user_ns, audit_get_loginuid(current)), 580 from_kuid(&init_user_ns, audit_get_loginuid(current)),
581 audit_get_sessionid(current)); 581 audit_get_sessionid(current));
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 8057e19dc15f..0fd8ad955a38 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -501,7 +501,7 @@ static void security_dump_masked_av(struct policydb *policydb,
501 goto out; 501 goto out;
502 502
503 /* audit a message */ 503 /* audit a message */
504 ab = audit_log_start(current->audit_context, 504 ab = audit_log_start(audit_context(),
505 GFP_ATOMIC, AUDIT_SELINUX_ERR); 505 GFP_ATOMIC, AUDIT_SELINUX_ERR);
506 if (!ab) 506 if (!ab)
507 goto out; 507 goto out;
@@ -743,7 +743,7 @@ static int security_validtrans_handle_fail(struct selinux_state *state,
743 goto out; 743 goto out;
744 if (context_struct_to_string(p, tcontext, &t, &tlen)) 744 if (context_struct_to_string(p, tcontext, &t, &tlen))
745 goto out; 745 goto out;
746 audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, 746 audit_log(audit_context(), GFP_ATOMIC, AUDIT_SELINUX_ERR,
747 "op=security_validate_transition seresult=denied" 747 "op=security_validate_transition seresult=denied"
748 " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s", 748 " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
749 o, n, t, sym_name(p, SYM_CLASSES, tclass-1)); 749 o, n, t, sym_name(p, SYM_CLASSES, tclass-1));
@@ -929,7 +929,7 @@ int security_bounded_transition(struct selinux_state *state,
929 &old_name, &length) && 929 &old_name, &length) &&
930 !context_struct_to_string(policydb, new_context, 930 !context_struct_to_string(policydb, new_context,
931 &new_name, &length)) { 931 &new_name, &length)) {
932 audit_log(current->audit_context, 932 audit_log(audit_context(),
933 GFP_ATOMIC, AUDIT_SELINUX_ERR, 933 GFP_ATOMIC, AUDIT_SELINUX_ERR,
934 "op=security_bounded_transition " 934 "op=security_bounded_transition "
935 "seresult=denied " 935 "seresult=denied "
@@ -1586,7 +1586,7 @@ static int compute_sid_handle_invalid_context(
1586 goto out; 1586 goto out;
1587 if (context_struct_to_string(policydb, newcontext, &n, &nlen)) 1587 if (context_struct_to_string(policydb, newcontext, &n, &nlen))
1588 goto out; 1588 goto out;
1589 audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, 1589 audit_log(audit_context(), GFP_ATOMIC, AUDIT_SELINUX_ERR,
1590 "op=security_compute_sid invalid_context=%s" 1590 "op=security_compute_sid invalid_context=%s"
1591 " scontext=%s" 1591 " scontext=%s"
1592 " tcontext=%s" 1592 " tcontext=%s"
@@ -2882,7 +2882,7 @@ int security_set_bools(struct selinux_state *state, int len, int *values)
2882 2882
2883 for (i = 0; i < len; i++) { 2883 for (i = 0; i < len; i++) {
2884 if (!!values[i] != policydb->bool_val_to_struct[i]->state) { 2884 if (!!values[i] != policydb->bool_val_to_struct[i]->state) {
2885 audit_log(current->audit_context, GFP_ATOMIC, 2885 audit_log(audit_context(), GFP_ATOMIC,
2886 AUDIT_MAC_CONFIG_CHANGE, 2886 AUDIT_MAC_CONFIG_CHANGE,
2887 "bool=%s val=%d old_val=%d auid=%u ses=%u", 2887 "bool=%s val=%d old_val=%d auid=%u ses=%u",
2888 sym_name(policydb, SYM_BOOLS, i), 2888 sym_name(policydb, SYM_BOOLS, i),
@@ -3025,7 +3025,7 @@ int security_sid_mls_copy(struct selinux_state *state,
3025 if (rc) { 3025 if (rc) {
3026 if (!context_struct_to_string(policydb, &newcon, &s, 3026 if (!context_struct_to_string(policydb, &newcon, &s,
3027 &len)) { 3027 &len)) {
3028 audit_log(current->audit_context, 3028 audit_log(audit_context(),
3029 GFP_ATOMIC, AUDIT_SELINUX_ERR, 3029 GFP_ATOMIC, AUDIT_SELINUX_ERR,
3030 "op=security_sid_mls_copy " 3030 "op=security_sid_mls_copy "
3031 "invalid_context=%s", s); 3031 "invalid_context=%s", s);
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-11 18:58:37 -0400