summaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorPeter Moody <pmoody@google.com>2012-06-14 13:04:35 -0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2012-09-12 07:28:05 -0400
commite23eb920b0f3978687c497de2ac3eb9e281dab32 (patch)
treec4b2a7765b330a901d0f9c6ff30b14855ddab088 /kernel/auditsc.c
parenta40695edad6a69561b299272028c172e2d981666 (diff)
audit: export audit_log_task_info
At the suggestion of eparis@redhat.com, move this chunk of task logging from audit_log_exit to audit_log_task_info and export this function so it's usuable elsewhere in the kernel. This patch is against git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity#next-ima-appraisal Changelog v2: - add empty audit_log_task_info if CONFIG_AUDITSYSCALL isn't set. Changelog v1: - Initial post. Signed-off-by: Peter Moody <pmoody@google.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c74
1 files changed, 34 insertions, 40 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 4b96415527b8..37f52f27828d 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1154,13 +1154,38 @@ error_path:
1154 1154
1155EXPORT_SYMBOL(audit_log_task_context); 1155EXPORT_SYMBOL(audit_log_task_context);
1156 1156
1157static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk) 1157void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk)
1158{ 1158{
1159 const struct cred *cred;
1159 char name[sizeof(tsk->comm)]; 1160 char name[sizeof(tsk->comm)];
1160 struct mm_struct *mm = tsk->mm; 1161 struct mm_struct *mm = tsk->mm;
1161 struct vm_area_struct *vma; 1162 struct vm_area_struct *vma;
1163 char *tty;
1164
1165 if (!ab)
1166 return;
1162 1167
1163 /* tsk == current */ 1168 /* tsk == current */
1169 cred = current_cred();
1170
1171 spin_lock_irq(&tsk->sighand->siglock);
1172 if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
1173 tty = tsk->signal->tty->name;
1174 else
1175 tty = "(none)";
1176 spin_unlock_irq(&tsk->sighand->siglock);
1177
1178
1179 audit_log_format(ab,
1180 " ppid=%ld pid=%d auid=%u uid=%u gid=%u"
1181 " euid=%u suid=%u fsuid=%u"
1182 " egid=%u sgid=%u fsgid=%u ses=%u tty=%s",
1183 sys_getppid(),
1184 tsk->pid,
1185 tsk->loginuid, cred->uid, cred->gid,
1186 cred->euid, cred->suid, cred->fsuid,
1187 cred->egid, cred->sgid, cred->fsgid,
1188 tsk->sessionid, tty);
1164 1189
1165 get_task_comm(name, tsk); 1190 get_task_comm(name, tsk);
1166 audit_log_format(ab, " comm="); 1191 audit_log_format(ab, " comm=");
@@ -1183,6 +1208,8 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk
1183 audit_log_task_context(ab); 1208 audit_log_task_context(ab);
1184} 1209}
1185 1210
1211EXPORT_SYMBOL(audit_log_task_info);
1212
1186static int audit_log_pid_context(struct audit_context *context, pid_t pid, 1213static int audit_log_pid_context(struct audit_context *context, pid_t pid,
1187 uid_t auid, uid_t uid, unsigned int sessionid, 1214 uid_t auid, uid_t uid, unsigned int sessionid,
1188 u32 sid, char *comm) 1215 u32 sid, char *comm)
@@ -1585,26 +1612,12 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n,
1585 1612
1586static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) 1613static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
1587{ 1614{
1588 const struct cred *cred;
1589 int i, call_panic = 0; 1615 int i, call_panic = 0;
1590 struct audit_buffer *ab; 1616 struct audit_buffer *ab;
1591 struct audit_aux_data *aux; 1617 struct audit_aux_data *aux;
1592 const char *tty;
1593 struct audit_names *n; 1618 struct audit_names *n;
1594 1619
1595 /* tsk == current */ 1620 /* tsk == current */
1596 context->pid = tsk->pid;
1597 if (!context->ppid)
1598 context->ppid = sys_getppid();
1599 cred = current_cred();
1600 context->uid = cred->uid;
1601 context->gid = cred->gid;
1602 context->euid = cred->euid;
1603 context->suid = cred->suid;
1604 context->fsuid = cred->fsuid;
1605 context->egid = cred->egid;
1606 context->sgid = cred->sgid;
1607 context->fsgid = cred->fsgid;
1608 context->personality = tsk->personality; 1621 context->personality = tsk->personality;
1609 1622
1610 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL); 1623 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SYSCALL);
@@ -1619,32 +1632,13 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
1619 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no", 1632 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no",
1620 context->return_code); 1633 context->return_code);
1621 1634
1622 spin_lock_irq(&tsk->sighand->siglock);
1623 if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
1624 tty = tsk->signal->tty->name;
1625 else
1626 tty = "(none)";
1627 spin_unlock_irq(&tsk->sighand->siglock);
1628
1629 audit_log_format(ab, 1635 audit_log_format(ab,
1630 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" 1636 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d",
1631 " ppid=%d pid=%d auid=%u uid=%u gid=%u" 1637 context->argv[0],
1632 " euid=%u suid=%u fsuid=%u" 1638 context->argv[1],
1633 " egid=%u sgid=%u fsgid=%u tty=%s ses=%u", 1639 context->argv[2],
1634 context->argv[0], 1640 context->argv[3],
1635 context->argv[1], 1641 context->name_count);
1636 context->argv[2],
1637 context->argv[3],
1638 context->name_count,
1639 context->ppid,
1640 context->pid,
1641 tsk->loginuid,
1642 context->uid,
1643 context->gid,
1644 context->euid, context->suid, context->fsuid,
1645 context->egid, context->sgid, context->fsgid, tty,
1646 tsk->sessionid);
1647
1648 1642
1649 audit_log_task_info(ab, tsk); 1643 audit_log_task_info(ab, tsk);
1650 audit_log_key(ab, context->filterkey); 1644 audit_log_key(ab, context->filterkey);