diff options
| author | Richard Guy Briggs <rgb@redhat.com> | 2018-05-12 21:58:21 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2018-05-14 17:45:21 -0400 |
| commit | c0b0ae8a871bc2ebbe1ff9c9871efcf88994ffec (patch) | |
| tree | 6f3c9f546f71dc837d22b4c5a9167e1d7c33414e | |
| parent | cdfb6b341f0f2409aba24b84f3b4b2bba50be5c5 (diff) | |
audit: use inline function to set audit context
Recognizing that the audit context is an internal audit value, use an
access function to set the audit context pointer for the task
rather than reaching directly into the task struct to set it.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
[PM: merge fuzz in audit.h]
Signed-off-by: Paul Moore <paul@paul-moore.com>
| -rw-r--r-- | include/linux/audit.h | 7 | ||||
| -rw-r--r-- | kernel/auditsc.c | 7 | ||||
| -rw-r--r-- | kernel/fork.c | 2 |
3 files changed, 11 insertions, 5 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 831a4684df40..69c78477590b 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -237,6 +237,11 @@ extern void audit_seccomp_actions_logged(const char *names, | |||
| 237 | const char *old_names, int res); | 237 | const char *old_names, int res); |
| 238 | extern void __audit_ptrace(struct task_struct *t); | 238 | extern void __audit_ptrace(struct task_struct *t); |
| 239 | 239 | ||
| 240 | static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx) | ||
| 241 | { | ||
| 242 | task->audit_context = ctx; | ||
| 243 | } | ||
| 244 | |||
| 240 | static inline struct audit_context *audit_context(void) | 245 | static inline struct audit_context *audit_context(void) |
| 241 | { | 246 | { |
| 242 | return current->audit_context; | 247 | return current->audit_context; |
| @@ -469,6 +474,8 @@ static inline bool audit_dummy_context(void) | |||
| 469 | { | 474 | { |
| 470 | return true; | 475 | return true; |
| 471 | } | 476 | } |
| 477 | static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx) | ||
| 478 | { } | ||
| 472 | static inline struct audit_context *audit_context(void) | 479 | static inline struct audit_context *audit_context(void) |
| 473 | { | 480 | { |
| 474 | return NULL; | 481 | return NULL; |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index fce4acba576d..cbab0da86d15 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -865,7 +865,7 @@ static inline struct audit_context *audit_take_context(struct task_struct *tsk, | |||
| 865 | audit_filter_inodes(tsk, context); | 865 | audit_filter_inodes(tsk, context); |
| 866 | } | 866 | } |
| 867 | 867 | ||
| 868 | tsk->audit_context = NULL; | 868 | audit_set_context(tsk, NULL); |
| 869 | return context; | 869 | return context; |
| 870 | } | 870 | } |
| 871 | 871 | ||
| @@ -952,7 +952,7 @@ int audit_alloc(struct task_struct *tsk) | |||
| 952 | } | 952 | } |
| 953 | context->filterkey = key; | 953 | context->filterkey = key; |
| 954 | 954 | ||
| 955 | tsk->audit_context = context; | 955 | audit_set_context(tsk, context); |
| 956 | set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT); | 956 | set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT); |
| 957 | return 0; | 957 | return 0; |
| 958 | } | 958 | } |
| @@ -1554,7 +1554,6 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2, | |||
| 1554 | */ | 1554 | */ |
| 1555 | void __audit_syscall_exit(int success, long return_code) | 1555 | void __audit_syscall_exit(int success, long return_code) |
| 1556 | { | 1556 | { |
| 1557 | struct task_struct *tsk = current; | ||
| 1558 | struct audit_context *context; | 1557 | struct audit_context *context; |
| 1559 | 1558 | ||
| 1560 | if (success) | 1559 | if (success) |
| @@ -1589,7 +1588,7 @@ void __audit_syscall_exit(int success, long return_code) | |||
| 1589 | kfree(context->filterkey); | 1588 | kfree(context->filterkey); |
| 1590 | context->filterkey = NULL; | 1589 | context->filterkey = NULL; |
| 1591 | } | 1590 | } |
| 1592 | tsk->audit_context = context; | 1591 | audit_set_context(current, context); |
| 1593 | } | 1592 | } |
| 1594 | 1593 | ||
| 1595 | static inline void handle_one(const struct inode *inode) | 1594 | static inline void handle_one(const struct inode *inode) |
diff --git a/kernel/fork.c b/kernel/fork.c index 242c8c93d285..cd18448b025a 100644 --- a/kernel/fork.c +++ b/kernel/fork.c | |||
| @@ -1713,7 +1713,7 @@ static __latent_entropy struct task_struct *copy_process( | |||
| 1713 | p->start_time = ktime_get_ns(); | 1713 | p->start_time = ktime_get_ns(); |
| 1714 | p->real_start_time = ktime_get_boot_ns(); | 1714 | p->real_start_time = ktime_get_boot_ns(); |
| 1715 | p->io_context = NULL; | 1715 | p->io_context = NULL; |
| 1716 | p->audit_context = NULL; | 1716 | audit_set_context(p, NULL); |
| 1717 | cgroup_fork(p); | 1717 | cgroup_fork(p); |
| 1718 | #ifdef CONFIG_NUMA | 1718 | #ifdef CONFIG_NUMA |
| 1719 | p->mempolicy = mpol_dup(p->mempolicy); | 1719 | p->mempolicy = mpol_dup(p->mempolicy); |