authorPaul Moore <paul@paul-moore.com>2017-05-02 10:16:05 -0400
committerPaul Moore <paul@paul-moore.com>2017-05-02 10:16:05 -0400
commit45a0642b4d021a2f50d5db9c191b5bfe60bfa1c7 (patch)
treed63e9090ba3ebaa02cb6c94717b5c285c1fd93ec /kernel/auditfilter.c
parenta9d1620877748375cf60b43ef3fa5f61ab6d9f24 (diff)
audit: kernel generated netlink traffic should have a portid of 0
We were setting the portid incorrectly in the netlink message headers, fix that to always be 0 (nlmsg_pid = 0). Signed-off-by: Paul Moore <paul@paul-moore.com> Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Diffstat (limited to 'kernel/auditfilter.c')
-rw-r--r--kernel/auditfilter.c14
1 files changed, 6 insertions, 8 deletions
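diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 239d11c3122c..0b0aa5854dac 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -1033,7 +1033,7 @@ out:
 }
 
 /* List rules using struct audit_rule_data. */
-static void audit_list_rules(__u32 portid, int seq, struct sk_buff_head *q)
+static void audit_list_rules(int seq, struct sk_buff_head *q)
 {
  struct sk_buff *skb;
  struct audit_krule *r;
@@ -1048,15 +1048,15 @@ static void audit_list_rules(__u32 portid, int seq, struct sk_buff_head *q)
  data = audit_krule_to_data(r);
  if (unlikely(!data))
  break;
- skb = audit_make_reply(portid, seq, AUDIT_LIST_RULES,
- 0, 1, data,
+ skb = audit_make_reply(seq, AUDIT_LIST_RULES, 0, 1,
+ data,
  sizeof(*data) + data->buflen);
  if (skb)
  skb_queue_tail(q, skb);
  kfree(data);
  }
  }
- skb = audit_make_reply(portid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
+ skb = audit_make_reply(seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
  if (skb)
  skb_queue_tail(q, skb);
 }
@@ -1085,13 +1085,11 @@ static void audit_log_rule_change(char *action, struct audit_krule *rule, int re
 /**
  * audit_rule_change - apply all rules to the specified message type
  * @type: audit message type
- * @portid: target port id for netlink audit messages
  * @seq: netlink audit message sequence (serial) number
  * @data: payload data
  * @datasz: size of payload data
  */
-int audit_rule_change(int type, __u32 portid, int seq, void *data,
- size_t datasz)
+int audit_rule_change(int type, int seq, void *data, size_t datasz)
 {
  int err = 0;
  struct audit_entry *entry;
@@ -1150,7 +1148,7 @@ int audit_list_rules_send(struct sk_buff *request_skb, int seq)
  skb_queue_head_init(&dest->q);
 
  mutex_lock(&audit_filter_mutex);
- audit_list_rules(portid, seq, &dest->q);
+ audit_list_rules(seq, &dest->q);
  mutex_unlock(&audit_filter_mutex);
 
  tsk = kthread_run(audit_send_list, dest, "audit_send_list");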
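Review bot: A failed `audit_make_reply()` in audit_list_rules() is dropped without any trace: `if (skb) skb_queue_tail(q, skb);` at new lines 1054-1055 simply skips that rule, while the final reply with the NULL payload at new line 1059 is still queued. The requester can therefore receive a listing that is shorter than the loaded rule set yet ends normally. The `break` after `audit_krule_to_data()` fails looks like it has the same effect, though the loop headers are outside the hunk, so that is inferred from the two closing braces. This predates the commit, but since these are the calls being touched and the function returns void, the drop should at least be logged, e.g. `else pr_warn_ratelimited("audit: rule list reply dropped\n");`, so that a tool verifying audit policy from this listing has a signal that it is incomplete. The body of audit_list_rules_send() extends beyond the last hunk, so whether the requester's port id is still used there for addressing the queued replies cannot be checked from this page.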